> Edy Purnomo wrote: > > i suggested to my friend to replace his linux box to > openbsd. he uses > > mailnly for internet gateway : pf + squid proxy after 2 > weeks later he > > switched it back linux and said : linux much faster to respond the > > http requests (he had a same configuration on openbsd, pf + squid > > proxy). > > > > is there any program that can proof what he says ? > > thanks. > > > > -edy- > > Some users orefer speed over security > *shrug*
I will put forward and qualify linux being faster as a bunch of crap - perhaps he is using low grade hardware? In our application (~ 30mbps of various traffic - you name it, its there.. And lots of it is web) .. Linux won't even do it. Try to do connection tracking, or use the limiting modules for iptables, and it dies At 50,000 states.. I've personally seen ours do in excess of 540,000 states. Linux just runs out of ram and dies.. Its really horrible as a network firewall (IMNSHO) Have you tried tcpblast? That would probably give you an accurate benchmark. I'd still say if the throughput on BSD is worse, something is incorrectly configured. And I would have to echo what was already said - it's a firewall.. It is security your after? :) D.
