FreeBSD router - large scale

[Kevin Wilcox]

Hello everyone.

We're in the very early stages of considering [Free|Open]BSD on
commodity hardware to handle NAT *and* firewall duties for (what I
consider to be) a sizable deployment. Overall bandwidth is low, only a
gigabit connection, but we handle approximately fifteen thousand
devices. DHCP and DNS would be passed through to other servers, this
hardware would only be responsible for address translation and pf.

I've done this on a very, very small scale (small/home office, small
business) but I'm curious how many other folks are doing it on this
scale, the hardware they are running on and any "gotchas" they may
have faced. Does pf on FreeBSD take advantage of multiple cores/SMP?
Is it preferable, as with OpenBSD, to go for a very stout processor
without much consideration to cores?  Would freebsd-net@ be a better
place to ask this?

I'm getting ready to start digging in to memory and other resources
needed based on available documentation but real-world usage is much
preferred to my academic assessment.

Thanks!

kmw

-- 
A: Maybe because some people are too annoyed by top-posting.
Q: Why do I not get an answer to my question(s)?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?