> > The hardware will be on the low to medium end (budget 400-600 EURO). > > > > Which processor architecture is faster for firewalling purposes? pf > > runs in kernelspace AFAIK, so will dual-core be useless? AMD64? > > Pentium 4?
Unless you're pushing lots of traffic, you don't describe anything where there will be much difference between different modern processors. > Dual-core won't do much good. AMD64 could, but the kernel is slightly > less mature[1] and I'm not sure. That's choice of OS arch, not choice of chip. You can run either arch on AMD64 chips and you should be able to run either arch on some of the newer Intel chips too. AMD64 chips should use less electricity. > > I thought about buying 2GB+ of RAM and running parts of the system > > from RAM (tmp, squid-cache). Is this possible on OpenBSD? A quick > > google search did not turn up anything. > > mount_mfs(8) could be helpful here. For squid: you could just turn off the disk cache and just use cache_mem... http://www.squid-cache.org/mail-archive/squid-users/200409/0292.html > You might also want to take a look at the 'async' mount option. Horrible > filesystem damage is just around the corner, but it's not like that > matters all that much for Squid's cache. Just be sure to properly catch > unclean shutdowns. ...they can probably be brought back up after a crash much more quickly with newfs than fsck :) Don't forget noatime too. > A couple of good NICs are always a worthwhile investment, though. > Some pointers may be found in the archive - ISTR that fxp was nice. fxp's pretty good, also sk (even if you don't need gig): fxp and sk usually cost about the same anyway.
