Date: Wed, 16 Aug 2000 23:16:27 -0600 From: Warner Losh <imp@village.org> To: Mike Silbersack <silby@silby.com> Cc: David May <David_May@allsolutions.com.au>, freebsd-security@FreeBSD.ORG Subject: Re: [Q] why does my firewall degrade Web performance? Message-ID: <200008170516.XAA09705@harmony.village.org> In-Reply-To: Your message of "Wed, 16 Aug 2000 18:29:11 CDT." <Pine.BSF.4.21.0008161825580.14500-100000@achilles.silby.com> References: <Pine.BSF.4.21.0008161825580.14500-100000@achilles.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.21.0008161825580.14500-100000@achilles.silby.com> Mike Silbersack writes: : : On Wed, 16 Aug 2000, David May wrote: : : > The firewall machine CPU load is always light. It is a Pentium II Celeron : > 300MHz, 64Mb RAM, four Ethernet cards (3 D-Link 10/100, 1 NE2000), : > and around 180 ipfw rules. : : I'm not sure how fast/slow ipfw is, but 180 rules sounds like a : LOT. Could you get by with a few less? (Or at least try the setup with : no rules and the firewall box just runningas a pure router.) 180 is about normal for having multiple cards. 300MHz should be plenty fast enough. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008170516.XAA09705>