Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 09 Feb 2005 11:04:45 -0800
From:      "Mark A. Garcia" <mag@hamletinc.com>
To:        darryl@osborne-ind.com
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Firewall throughput question
Message-ID:  <420A5ECD.4090308@hamletinc.com>
In-Reply-To: <000801c50ec5$a2115c00$0701a8c0@darryl>
References:  <000801c50ec5$a2115c00$0701a8c0@darryl>

next in thread | previous in thread | raw e-mail | index | archive | help
Darryl Hoar wrote:

>Greetings,
>I have had a Freebsd firewall (Older computer with (1) 3com 10Mb 
>ethernet PCI card, and (1) 3 com 10/100 Mb ethernet PCI card).  
>The firewall croaked on me (motherboard died).  As a quick fix, 
>I plugged in a Linksys BEFSX41.
>
>My Question is, should I build a new Freebsd firewall or just 
>continue using the Linksys ? Throughput and security are my 
>concern.  I can have up to 20 machines on the LAN at one time
>using the internet, so traffic throughput is a factor.
>
>Anyway, my inclination is to build a new freebsd firewall, but 
>don't want to do the  work if the Linksys is good enough.
>
>Thanks for any ideas or suggestions.
>
How old are those 3com cards?

I think the most important area to look at is guaging how much packet 
loss will occur under these high loads.  And that in-of-itself might 
appear differently in one type of traffic and not others, i.e. vpn, ssh, 
encrypted traffic, ssl.  Also, how well and quick a device can handle 
packet loss can be determined by newer equipment (new linksys router) 
handling packets that come over the wire verses and older 3com card with 
aging firmware.

It's a toss up that's hard to make a definative suggestion... unless you 
can do what Hexren mentioned and pit them against each other.  That 
would be the easiest way to appease your needs.

-.mag



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?420A5ECD.4090308>