[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Building a Gigabit firewall
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Building a Gigabit firewall
- From: "Cecilia A. Castro Cesar" <cecilia_(_at_)_comp_(_dot_)_ita_(_dot_)_br>
- Date: Fri, 01 Feb 2002 09:48:38 -0200
I'm really worried about gigabit firewall.
I have read (Computer Network - Tanenbaum), as a rule of thumb, that
a machine with 100MIPS can treat only 16Mbps! It is mainly because the excessive
copies in the protocol layers. The author says that the bottleneck is not the NIC
itself but the combination CPU, memory and protocols.
It makes me think that a good OS project is imperative!
Yuri K wrote:
> Hello twig,
> Thursday, January 31, 2002, 18:18:27, you wrote:
> tl> I guess whether the hard disk is a factor depends on
> tl> the level of logging and how much it logs locally.
> tl> I've never built a firewall to filter at that level
> tl> but maybe a seperation of tasks would let the firewall
> tl> focus on firewalling?
> Probably. Never made 1G myself, although I read in a publication
> that none of the commercial industrial strength FW on the market
> was able to keep the packets under loads exceeding 70% of saturation.
> Just keep this in mind. Unfortunately, I can not find a single
> link at the moment, but it was some Network Computing branch.
> Best regards,
> Yuri mailto:koroby398_(_at_)_ifrance_(_dot_)_com
> ifrance.com, l'email gratuit le plus complet de l'Internet !
> vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
Visit your host, monkey.org