Firewall Speed
Chad Leigh -- Shire.Net LLC
chad at shire.net
Thu May 18 12:48:47 PDT 2006
On May 18, 2006, at 12:39 PM, Giorgos Keramidas wrote:
> On 2006-05-18 11:03, bc <bc3910 at pcisys.net> wrote:
>> I want to run 6.1_RELEASE with Packet Filter(PF) configured as
>> a gateway using 2 identical 10/100 nics, on an old 450mhz
>> pentium with 256 meg ram and an 8 gig HD.
>>
>> In general, should I expect any speed performance issues with
>> internet access base on the processor, ram and bus speeds of
>> the MB? Would the PF config cause any speed performance
>> deficiencies?
>>
>> I had same setup as above but with IPF firewall and received
>> complaints about surfing speed so I put them back on a Linksys
>> router firewall.
>
> We'd have to see the ruleset to be able to reply in an informed
> manner. I have seen firewalls doing both filtering & NAT on a
> system, with almost no overhead at all though.
>
> This top output:
>
> http://keramida.serverhive.com/pixelshow-top.txt
>
> shows that a FreeBSD 5.X system with 256 MB of physical memory is
> happily filtering the traffic and doing NAT for more than 100
> users, while still being 97% idle.
I would think it is more than CPU speed. The speed of the PCI bus
and the speed and efficiency of the two network cards being used and
their drivers may have a bit to do with latency ("surfing speed")...
Just a guess
Chad
More information about the freebsd-questions
mailing list