On Thu, Jan 31, 2002 at 08:56:54AM +0000, Paul Reilly wrote:
> > traffic. PCI bus speed is a biggie however -- for the amount of data
> > you're talking about, make sure you use a 64-bit/66MHz NIC and motherboard
> > to squeeze as much performance as possible from the system. Build a
> > custom kernel for increased performance / high-bandwidth ability (increase
> > the buffer sizes), and strip the running processes to what you absolutely
> > need.
> >
>
> I'm interested in this too. Has anyone built a GB firewall and if so what
> kind of performance did you achieve? Is it really viable building such a
> beast using PC hardware? I'd be interested to know what motherboard (PCI
> bus speeds) and NIC's were used. Also has anyone detailed how exactly to
> customise the kernel as suggested above. I think a lot of people would
> be interested in this.
Last week I've setup a Dell 1550 which will act as a corporate firewall,
for an organisation that has a GigE link to the internet. Usage normally
is very low so top performance wasn't needed (and isn't tested for).
The config:
cpu: cpu0: Intel Pentium III (Coppermine) ("GenuineIntel" 686-class) 1 GHz
mem: avail mem = 118554624 (115776K)
nic: ti0 at pci1 dev 4 function 0 "Netgear GA620" rev 0x01:
nic: ti1 at pci2 dev 4 function 0 "Netgear GA620" rev 0x01:
nic: skc0: SysKonnect SK-9821 Gigabit Ethernet Server Adapter (SK-NET GE-T)
nic: fxp0 at pci0 dev 1 function 0 "Intel 82557" rev 0x08:
nic: fxp1 at pci0 dev 2 function 0 "Intel 82557" rev 0x08
We haven't tested throughput, but if someone can suggest a
'testsuite' I'm willing to test the box and post some stats.
--
Exit! Stage Left!
|