Date: Mon, 15 Apr 2013 14:43:54 +0200 From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= <olivier@cochard.me> To: Daniel Kalchev <daniel@digsys.bg> Cc: "freebsd-current@freebsd.org" <freebsd-current@freebsd.org> Subject: Re: ipfilter(4) needs maintainer Message-ID: <CA%2Bq%2BTcrfNZCnh4345TQ8pW7EPkmBJo=TLNjR0L%2B68mOEwydYUg@mail.gmail.com> In-Reply-To: <516BDA15.6000605@digsys.bg> References: <20130411201805.GD76816@FreeBSD.org> <7D8ACD5C-821D-4505-82E4-02267A7BA4F8@FreeBSD.org> <E2F803DD-1F3A-430E-957F-7AB1904CDF42@samsco.org> <96D56EAE-E797-429E-AEC9-42B19B048CCC@FreeBSD.org> <6DEDD3EA-45C1-4549-AA13-5E4F6674BE3E@samsco.org> <2D0B66DB-E232-4F34-9D01-57DF226B9BAA@FreeBSD.org> <2DA4A561-3304-432D-B5D1-7053A27E758F@yahoo.com> <F45FFB8A-4B54-4AEF-AA19-D96DAD0C399D@felyko.com> <CADLo839TyKF2dnONpQ6fyUAVOHG1dYYXih5wS3jANVZBiR=VTA@mail.gmail.com> <alpine.BSF.2.00.1304140946440.10505@wonkity.com> <20130414160648.GD96431@in-addr.com> <36562.1365960622.5652758659450863616@ffe10.ukr.net> <516AFB99.2040007@rewt.org.uk> <516BDA15.6000605@digsys.bg>
index | next in thread | previous in thread | raw e-mail
> > I have been very stubborn IPFW user for very long time, but finally gave up > in favor of PF. Nothing like that ever since. I am also not convinced IPFW > is any faster than PF. Hi Daniel, I know that measuring PPS for a firewall is not enought for comparing firewall performance (rfc3511 details lot's of the parameters, but on my small&dirty bench lab with an old server (one core Intel Pentium4 3.00GHz with a dual NIC 82546GB connected to the PCI-X Bus) I've got theses differences (value are in Kpps, small packet size) on FreeBSD 9.1: - forwarding-only: 405 Kpps - IPFW enabled: 320 Kpps - PF enabled: 274 Kpps IPFW was configured with only one line: add 3000 allow ip from any to any And PF with one line too: pass => On this simple test, IPFW is "faster" than PF regarding the forwarding rate. But without "ipfwsync" feature, IPFW is useless for our use case... Regards, Olivierhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bq%2BTcrfNZCnh4345TQ8pW7EPkmBJo=TLNjR0L%2B68mOEwydYUg>