Hi Ken,
ISA 486/33 should be more than adequate for your needs on <= 10Mb/s
network. If it is a Mediaone connection (1.5Mb/s = 1/6 of regular
ethernet) even a 386 should be enough.
I have a 486/50 acting as my firewall/router and during ~ 190KB/s
downloads it never breaks a sweat (load always < 0.05). And this is with
about 170 packet filtering rules!
(The reason why so many filtering rules don't effect the throughput is
because the packets are so large (MTU=1500) during high throughput:
only about 100pkts/sec to check. Flood of small packets, e.g. Dos
attack, would likely be a different story...)
I have CONFIG_IP_ROUTER (optimize as router) set in kernel .config,
but I haven't measured what difference that makes. I can send you
the network options part of my .config if you are interested.
Read /usr/src/linux/Documentation/Configure.help for more info on the
CONFIG_IP* switches.
Please also read the /usr/doc/HOWTO/Ethernet-HOWTO in particular
section "4. Performance Tips", where the author argues even
an 8-bit NIC on a 486 with 8MHz ISA bus is borderline for 10Mb/s
ethernet, but probably sufficient for Cable modem rates. 16 bit NIC's
(probably what you have) are even better.
Karl Runge
On Sat, 26 Feb 2000, "Kenneth E. Lussier" <[EMAIL PROTECTED]> wrote:
> All,
> I have a fairly dumb question about firewall performance. Does the
> system hardware impact the speed of network traffic going through the
> firewall? I have an old 486/33 with 24M of RAM running RH6.1 with
> ipchains for a firewall. The box isn't doing anything but packet
> filtering. I'm just wondering if I could increase my network speed if I
> put a faster system in.
> TIA,
> Kenny
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
