Date: Mon, 15 Apr 2013 14:43:54 +0200 From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me> To: Daniel Kalchev <daniel@digsys.bg> Cc: "freebsd-current@freebsd.org" <freebsd-current@freebsd.org> Subject: Re: ipfilter(4) needs maintainer Message-ID: <CA%2Bq%2BTcrfNZCnh4345TQ8pW7EPkmBJo=TLNjR0L%2B68mOEwydYUg@mail.gmail.com> In-Reply-To: <516BDA15.6000605@digsys.bg> References: <20130411201805.GD76816@FreeBSD.org> <7D8ACD5C-821D-4505-82E4-02267A7BA4F8@FreeBSD.org> <E2F803DD-1F3A-430E-957F-7AB1904CDF42@samsco.org> <96D56EAE-E797-429E-AEC9-42B19B048CCC@FreeBSD.org> <6DEDD3EA-45C1-4549-AA13-5E4F6674BE3E@samsco.org> <2D0B66DB-E232-4F34-9D01-57DF226B9BAA@FreeBSD.org> <2DA4A561-3304-432D-B5D1-7053A27E758F@yahoo.com> <F45FFB8A-4B54-4AEF-AA19-D96DAD0C399D@felyko.com> <CADLo839TyKF2dnONpQ6fyUAVOHG1dYYXih5wS3jANVZBiR=VTA@mail.gmail.com> <alpine.BSF.2.00.1304140946440.10505@wonkity.com> <20130414160648.GD96431@in-addr.com> <36562.1365960622.5652758659450863616@ffe10.ukr.net> <516AFB99.2040007@rewt.org.uk> <516BDA15.6000605@digsys.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I have been very stubborn IPFW user for very long time, but finally gave up > in favor of PF. Nothing like that ever since. I am also not convinced IPFW > is any faster than PF. Hi Daniel, I know that measuring PPS for a firewall is not enought for comparing firewall performance (rfc3511 details lot's of the parameters, but on my small&dirty bench lab with an old server (one core Intel Pentium4 3.00GHz with a dual NIC 82546GB connected to the PCI-X Bus) I've got theses differences (value are in Kpps, small packet size) on FreeBSD 9.1: - forwarding-only: 405 Kpps - IPFW enabled: 320 Kpps - PF enabled: 274 Kpps IPFW was configured with only one line: add 3000 allow ip from any to any And PF with one line too: pass => On this simple test, IPFW is "faster" than PF regarding the forwarding rate. But without "ipfwsync" feature, IPFW is useless for our use case... Regards, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bq%2BTcrfNZCnh4345TQ8pW7EPkmBJo=TLNjR0L%2B68mOEwydYUg>