Derek Martin wrote:
> My answer to that would be "maybe" -- depends on what you're
> doing and wether or not you have any other bottlenecks. My
> guess is if you're having performance problems, it's because of
> Internet latency, and/or saturation on your mediaone segment.
> But it's very difficult to tell without doing some testing.
I wouldn't say I'm having performance problems. I was just wondering
about some of the lower levels of firewalls and if the hardware had any
major impact on kernel-level packet filtering as opposed to packet
filtering outside of the kernel. For example, if the load on the box is
low, would better hardware do anthing to increase the performance, or
would it be the same? I understand that the final limit is the actual
bandwidth which is affected by traffic and physical factors of outside
lines, route distance, etc.
> I'm still waiting for cheap Gig fibre. :)
I hear that Palo-Alto Ca. is offering Fiber To The Home. It's a little
pricy ($150/month with a $1200 installation fee), and your limited to
100Mbps 2-way.
> Another potential source of performance degredation is fw rules
> checking, but I add this as an afterthought only because unless
> you have a huge amount of rules, this factor is unlikely to make
> a huge difference.
I think this bottleneck will be seriously reduced, if not eliminated
all together in the 2.4.x kernels thanks to iptables. Stateful packet
filtering at the kernel level should increase the speed of the fw
rule-checking. I have to admit, I do have a very lengthy rule set, but
on a Mediaone segment, one can never be too careful ;-)
Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
