From owner-freebsd-isp Sat Apr 28 7: 5:44 2001 Delivered-To: freebsd-isp@freebsd.org Received: from shell.coffey-web.net (www.coffey-web.net [208.247.65.236]) by hub.freebsd.org (Postfix) with ESMTP id 93A3C37B422 for ; Sat, 28 Apr 2001 07:05:41 -0700 (PDT) (envelope-from bsd@shell.coffey-web.net) Received: from bduross (nic-41-c53-116.mw.mediaone.net [66.41.53.116]) by shell.coffey-web.net (8.11.1/8.11.1) with ESMTP id f3SE5ef51662 for ; Sat, 28 Apr 2001 10:05:40 -0400 (EDT) (envelope-from bsd@shell.coffey-web.net) From: bsd@shell.coffey-web.net Message-ID: <005a01c0cfec$1303c6e0$6401a8c0@bduross> To: Subject: ipfw and ISP's. Date: Sat, 28 Apr 2001 10:03:59 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I am new to the list as of today. I work for a small ISP in Michigan, we have 2 T1's out to different providers in which we run BGP on a Cisco 3640. My question is this: We are looking for a way to filter traffic (if needed, due to an attack or similar) inbound or outbound to our network. I believe I could do this with a dual nic configuration on a FreeBSD machine with ipfw. Would the machine be able to handle the traffic? and if so, what kind of specs would you reccomend for a machine to do 3mb/s of bandwidth? We have a DS3 coming in the soon months, would the machine be able to handle even that? Here is a diagram (in my great ascii skills.. :/) 2 T1's ----------->Cisco 3640 -------->FreeBSD ipfw box -------->Cisco 3500XL Switch ------>rest of network(dialupandothers) Is this feasuble(sp)? Would appreciate any comments or reccomendations on this topic. TIA, Brian S. DuRoss bsd@shell.coffey-web.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message