Hardware requirements for firewall

Wayne Pascoe freebsd-questions at penguinpowered.org
Wed Jan 7 09:29:51 PST 2004


Hi all,

I'm trying to place a FreeBSD firewall into our network. It needs to be
able to filter traffic for up to 50 machines using a total of up to 128
IP addresses between them.

The daily average traffic inbound is 4276.3 kb/s with today's max being
7695.0 kb/s. We do need to be able to cope with up to 30 Mb/s for
extended periods of time though (months).

The network setup will be as follows:
- 2 Cisco 36xx's connected to ISP's backbone and a 100Mb switch
- FreeBSD machine with 2 interfaces, one connected to the same switch as
  the routers and the other connected to the switch that all the servers
  are connected to
- 100Mb Switch with all hosting servers connected to it, as well as the
  second interface on the FreeBSD firewall

I want to run the firewall in bridging mode, so there will be no IPs
assigned to the Ethernet interfaces of that machine, and it will be
invisible on the network. I then want to use IPFW to filter all incoming
and outgoing traffic.

The machine I have in mind for this task is as follows:
Pentium III 667 MHz with 512MB RAM
2 x Intel EtherExpress 100Mb cards

If this is not sufficient I have the following:
Intel Xeon 2.80GHz with 2GB RAM
1 x Intel PRO/1000 Network adaptor 
1 x Intel EtherExpress Pro/100(B)

I would prefer to avoid having to use the second machine if at all
possible as this has been designated as a server, but if the first
machine listed here is not sufficient then I would have to.

Would either of these machines be able to meet my firewall requirements?

Regards,

-- 
Wayne Pascoe
If there's anything more important than my
ego around, I want it caught and shot now!

