Date: Wed, 7 Jan 2004 17:30:58 +0000 From: Wayne Pascoe <freebsd-questions@penguinpowered.org> To: freebsd-questions@freebsd.org Subject: Hardware requirements for firewall Message-ID: <20040107173058.GB6217@marvin.penguinpowered.org>
next in thread | raw e-mail | index | archive | help
Hi all, I'm trying to place a FreeBSD firewall into our network. It needs to be able to filter traffic for up to 50 machines using a total of up to 128 IP addresses between them. The daily average traffic inbound is 4276.3 kb/s with today's max being 7695.0 kb/s. We do need to be able to cope with up to 30 Mb/s for extended periods of time though (months). The network setup will be as follows: - 2 Cisco 36xx's connected to ISP's backbone and a 100Mb switch - FreeBSD machine with 2 interfaces, one connected to the same switch as the routers and the other connected to the switch that all the servers are connected to - 100Mb Switch with all hosting servers connected to it, as well as the second interface on the FreeBSD firewall I want to run the firewall in bridging mode, so there will be no IP's assigned to the ethernet interfaces of that machine, and it will be invisible on the network. I then want to use IPFW to filter all incoming and outgoing traffic. The machine I have in mind for this task is as follows: Pentium III 667 Mhz with 512MB RAM 2 x Intel EtherExpress 100Mb cards If this is not sufficient I have the following: Intel Xeon 2.80GHz with 2GB RAM 1 x Intel PRO/1000 Network adaptor 1 x Intel EtherExpress Pro/100(B) I would prefer to avoid having to use the second machine if at all possible as this has been designated as a server, but if the first machine listed here is not sufficient then I would have to. Would either of these machines be able to meet my firewall requirements ? Regards, -- Wayne Pascoe If there's anything more important than my ego around, I want it caught and shot now!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040107173058.GB6217>