[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building a Gigabit firewall



I'm really worried about gigabit firewall.
I have read (Computer Network - Tanenbaum), as a rule of thumb, that
a machine with 100MIPS can treat only 16Mbps! It is mainly because the excessive
copies in the protocol layers.  The author says that the bottleneck is not the NIC
itself but the combination CPU, memory and protocols.
It makes me think that a good OS project is imperative!
Cecilia

Yuri K wrote:

> Hello twig,
>
> Thursday, January 31, 2002, 18:18:27, you wrote:
>
> tl> I guess whether the hard disk is a factor depends on
> tl> the level of logging and how much it logs locally.
> tl> I've never built a firewall to filter at that level
> tl> but maybe a seperation of tasks would let the firewall
> tl> focus on firewalling?
>
> Probably. Never made 1G myself, although I read in a publication
> that none of the commercial industrial strength FW on the market
> was able to keep the packets under loads exceeding 70% of saturation.
> Just keep this in mind. Unfortunately, I can not find a single
> link at the moment, but it was some Network Computing branch.
>
> --
> Best regards,
>  Yuri                            mailto:koroby398_(_at_)_ifrance_(_dot_)_com
>
>
> ______________________________________________________________________________
> ifrance.com, l'email gratuit le plus complet de l'Internet !
> vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
> http://www.ifrance.com/_reloc/email.emailif