Hello everyone. I have an Intel D815EGEW board with a single PIII 1GHZ, 256MEG RAM, 2 Intel Pro 100MB cards. This will be used as an IPFW+bridging firewall with FreeBSD 4.8 (RELENG_4_8, perhaps RELENG_4_9 when available). My message is about network capacity.
Assume that it will be processing at peak all of this at once: 500 TCP connections with long lived sessions (an hour or more at a time) 500 UDP 'connections' 500 web (HTTP port 80 tcp) connections per second (graphics, small html pages) The HTTP sessions will be short lived, so lots of TCP handshakes at *least* a good portion will not utilize persistant HTTP The total bandwidth could be 20-50 megabits, mostly outbound to clients on the internet. Should I tweak the kernel at all for this? NMBCLUSTERS or NMBUFS? Something else? For IPFW, I figure that adding accept rules that catch most of the packets up front will help lower CPU usage. Is this correct? Maybe allow TCP if the session is established, allow setup of outbound TCP, allow setup of incoming TCP/80, allow outbound UDP packets to be happy, etc. Does anyone see any possible issues with this configuration and the expected network load? Thank you, folks! Any suggestions are very appreciated. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"