Hi Michael, > I'm looking for a NAT/firewall/VPN solution with failover for a private enterprise TV system. While my gut reaction is PF, I'm wondering if anybody here has done this before.
I might start a capabilities war, but we've seen OpenBSD become CPU bound with about 150k packets per second with some pretty fast hardware. This is without PF running. I'm sure there are a million tweaks that can be done to improve this, but expecting OpenBSD + PF to process small packets (lets say 128 byte packets on average), resulting in 1 million packets per second on a "full" 1Gbps connection, is probably not going to happen. Eric
