--On Wednesday, May 09, 2001 12:18 PM -0400 "Larry D. Adams"
<[EMAIL PROTECTED]> wrote:
> I have a SunScreen EFS 3.0b running on a Sun E250 box in
> Stealth mode. I also have a quad card on the Firewall
> machine. I currently have hme0 (ADMIN) and qfe0 (SPF 100Mbps)
> coming from a Cisco Catalyst 2900 Switch to the Firewall
> and I have qfe2(SPF) going to a BayStack 350T Switch which
> have 12 ports. That allows me to attach 11 HOSTS to the
> 350T.
>
> I am thinking about changing that box to a Cajun P330 with
> 48 ports. According to the SunScreen Ref manual, the Firewall
> can support as many as 15 interfaces. I interpret that as
> I can add two more quad cards, which will give me 12 interfaces
> plus hme0 for a total of 13 interfaces connected to the Firewall.
...
> Even if the 15 interfaces refers to the maximum no matter how
> you connect them, how could I increase throughput on qfe0 since
> it only supports 10/100 Mbps in Stealth mode?
- Increasing throughput on qfe0 won't help unless you also increase
throughput on qfe2.
- In theory, you could use fast ether channel to gang multiple fast
ethernet ports into one logical connection, if your switch supports it. I
have no idea if this actually works with SunScreen.
- Upgrading both interfaces to gigabit may be easier, if your switches
support gigabit interfaces.
- The total number of hosts supported is extremely large (unless you have a
license limit). Your real restriction is going to be bitrate. Not knowing
how your E250 is configured, I can't guess when you'll run into CPU
exhaustion. I'm also not sure how many PCI busses the E250 has - that could
become a bottleneck.
--
Carson
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
