Michael J McCafferty wrote:
But, I don't know which will better solve the problem. The problem is
packets per second, not megabits.
Basically, I need the PF solution that can handle the highest number of
states, and the highest number of packets per second, as possible. I
figure I need four of these machines (2 networks, each with one
redundant pair of firewalls). Even though I already have hardware on the
way, I am not opposed to doing something different.
I don't know about FreeBSD, but changing from OpenBSD 4.1 to 4.2 in some
tests made an astonishing difference w.r.t. handling lots and lots of
small packets per second. From that p.o.v. it's like a new operating system.
See this discussion thread, especially the part with the SOLVED tag:
http://thread.gmane.org/gmane.os.openbsd.misc/129858
Does the "em" driver do interrupt mitigation ?
I would like to know the answer to that question myself.
--
Florin Andrei
http://florin.myip.org/
