From owner-freebsd-net Sat Mar 27 14: 0:30 1999
Delivered-To: freebsd-net@freebsd.org
Received: from inner.net (avarice.inner.net [199.33.248.2])
	by hub.freebsd.org (Postfix) with ESMTP id D030914F0C
	for ; Sat, 27 Mar 1999 14:00:28 -0800 (PST)
	(envelope-from cmetz@inner.net)
Received: from inner.net (cmetz.cstone.net [205.197.102.217])
	by inner.net (8.9.1/8.9.1) with ESMTP id VAA08726;
	Sat, 27 Mar 1999 21:56:06 GMT
Message-Id: <199903272156.VAA08726@inner.net>
To: mike@sentex.net (Mike Tancsa)
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: FreeBSD as a router
In-reply-to: Your message of "Sat, 27 Mar 1999 21:40:24 GMT." <36fd12fb.3761327633@mail.sentex.net>
X-Copyright: Copyright 1999, Craig Metz, All Rights Reserved.
X-Reposting: With explicit permission only
Date: Sat, 27 Mar 1999 16:59:08 -0500
From: Craig Metz
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <36fd12fb.3761327633@mail.sentex.net>, you write:
>On 27 Mar 1999 02:44:45 -0500, in sentex.lists.freebsd.misc you wrote:
>
>>This is probably a stupid question (not that it ever stopped
>>me before), but is a FreeBSD system capable of running as a
>>high-capacity Internet router? I would like to run a number
>>of FreeBSD servers running a web application behind a FreeBSD
>>system acting as a router/firewall. Any examples of web sites
>>doing this would be great.
>
>Have a look through the various archives. You will see this topic
>discussed several times. Also, you will need to be a little more specific
>about the term 'high-capacity'.. In an industry riddled with
>high-hyperbole, what does high capacity mean ?
>10Mb ? 100Mb ? 155Mb ? 1 Gigabit ? ftp.cdrom.com is probably a good
>example, as is www.yahoo.com which also makes use of FreeBSD. As an
>ethernet router, I can push through over 10Mbits comfortably through my
>router with a dozen or so firewall rules as well as running gated with 2
>views. If you are talking about anything faster, you are best off to test
>it yourself to see if it will meet your needs or not.

  What really matters here is the application.

  If the original poster was thinking about using FreeBSD-based commodity
PCs for the core routers of a large ISP, well, he can keep thinking that
(just don't do it!). The hardware can't move the bits fast enough and keep
the interfaces fed, FreeBSD isn't able to forward packets that fast, and
standard GateD can't handle that sort of routing load/complexity. Several
"real" router vendors (e.g., Torrent, Juniper) use very special hardware
(including hardware fast-path forwarding) and special routing software with
FreeBSD in the middle, so the problem is not FreeBSD itself but the pieces
above and below.

  If the original poster was thinking about using FreeBSD-based commodity
PCs for small-to-midrange routers in an environment where cost/flexibility
is important and it doesn't have to deliver every last bit of line capacity,
then it might be a great choice. Research networks (e.g., vBNS and CAIRN)
are deploying FreeBSD-based PCs as midrange WAN routers (OC3 ATM on one
side, 100Mb/s Ethernet on the other), and in the process, are trying to push
what can be done on such a platform. A FreeBSD (*BSD or Linux, too) PC with
a quad-Tulip board can build you a decent four-/eight-/twelve-port 100Mb/s
router for a lot less cash than a "real" router vendor would charge you,
which might be reasonable for a mid-sized business with a lot of subnets and
not so much traffic. This might fit some people's definition of high
capacity.

  In both scenarios, a FreeBSD-based PC might not actually be able to move
the bits fast enough to run all four ports at capacity (PC NIC boards tend
not to have useful amounts of buffer on-board, and the PCI bus can only
service one device at a time), but that might not be really necessary, and
the difference in cost might really be worth it.

  And with FreeBSD, you have the source code.
-Craig