I agree with the comments about Linux/software vs. commercial/hardware firewalls. From my experience with hardware firewalls, the Linux kernel seems to me more flexible and feature-rich in many cases.
I'm curious if anyone on the list has any similar comments regarding LVS load balancing vs. hardware solutions. LVS-NAT doesn't scale as well as LVS-DR, of course, but don't most hardware load balancers do NAT just the same?

Also, any opinions on hardware SSL acceleration? Poking around, I've found that you can buy a system with a VIA CPU with the PadLock extension (which OpenSSL supports), or a $2000+ PCI card, or a hardware load balancer and pay for the $2000+ PCI card add-in which most of them offer.
