Date: Wed, 09 Feb 2005 11:04:45 -0800 From: "Mark A. Garcia" <mag@hamletinc.com> To: darryl@osborne-ind.com Cc: freebsd-questions@freebsd.org Subject: Re: Firewall throughput question Message-ID: <420A5ECD.4090308@hamletinc.com> In-Reply-To: <000801c50ec5$a2115c00$0701a8c0@darryl> References: <000801c50ec5$a2115c00$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
Darryl Hoar wrote: >Greetings, >I have had a Freebsd firewall (Older computer with (1) 3com 10Mb >ethernet PCI card, and (1) 3 com 10/100 Mb ethernet PCI card). >The firewall croaked on me (motherboard died). As a quick fix, >I plugged in a Linksys BEFSX41. > >My Question is, should I build a new Freebsd firewall or just >continue using the Linksys ? Throughput and security are my >concern. I can have up to 20 machines on the LAN at one time >using the internet, so traffic throughput is a factor. > >Anyway, my inclination is to build a new freebsd firewall, but >don't want to do the work if the Linksys is good enough. > >Thanks for any ideas or suggestions. > How old are those 3com cards? I think the most important area to look at is guaging how much packet loss will occur under these high loads. And that in-of-itself might appear differently in one type of traffic and not others, i.e. vpn, ssh, encrypted traffic, ssl. Also, how well and quick a device can handle packet loss can be determined by newer equipment (new linksys router) handling packets that come over the wire verses and older 3com card with aging firmware. It's a toss up that's hard to make a definative suggestion... unless you can do what Hexren mentioned and pit them against each other. That would be the easiest way to appease your needs. -.mag
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?420A5ECD.4090308>