From owner-freebsd-net Mon Mar 29 16:59:24 1999 Delivered-To: freebsd-net@freebsd.org Received: from xylan.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (Postfix) with ESMTP id 29A1B1518E for ; Mon, 29 Mar 1999 16:59:10 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com by xylan.com (8.8.7/SMI-SVR4 (xylan-mgw 2.2 [OUT])) id QAA17901; Mon, 29 Mar 1999 16:57:23 -0800 (PST) Received: from utah.XYLAN.COM by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id QAA12740; Mon, 29 Mar 1999 16:57:23 -0800 Received: from softweyr.com by utah.XYLAN.COM (SMI-8.6/SMI-SVR4 (xylan utah [SPOOL])) id RAA24793; Mon, 29 Mar 1999 17:57:14 -0700 Message-ID: <3700216B.D9C090D8@softweyr.com> Date: Mon, 29 Mar 1999 17:57:15 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Mike Thompson Cc: Craig Metz , Mike Tancsa , freebsd-net@FreeBSD.ORG Subject: Re: FreeBSD as a router References: <4.1.19990329115145.00a62ab0@mail.dnai.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Mike Thompson wrote: > > At 04:59 PM 3/27/99 -0500, Craig Metz wrote: > > What really matters here is the application. > > > >If the original poster was thinking about using FreeBSD-based > >commidity PCs for the core routers of a large ISP... > > Sorry, I should have defined high-capacity better. I would like to > isolate a half-dozen FreeBSD servers running a custom distributed > web application behind a router/firewall. This is to increase > security for intra-machine communication. At our co-location > facility we have a 100Mb ethernet tap to a Cisco switch/router > combination isolating our systems on a VPN. And what throughput do you have coming into the other side of the Cisco? In other words, what kind of total throughput from the outside world to your servers do you expect to see? Does this router have a 100 Mb/s connection to the external network, whatever that is? > My question is about > whether FreeBSD can keep up as a router (with a few firewall rules) > between two 100Mb ethernet networks on decent hardware such as 2 PCI > NICs and a 450 MHz PII. From the responses it sounds like it can. Probably can. If your real throughput is less than 100 Mb/s, then it almost certainly can. Firewall performance probably won't keep up with 100 Mb/s unless you have VERY few rules, but it might be adequate depending on what your REAL throughput requirements are. > I am interested in using FreeBSD as the router/firewall because it > is easy to configure and I don't have to learn something new on > top everything else I am doing. > > Thanks to everyone for their responses. Best of luck. -- Where am I, and what am I doing in this handbasket? Wes Peters +1.801.915.2061 Softweyr LLC wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message