On Fri, 4 Jan 2002 18:42:13 -0800
"John Morris" <[EMAIL PROTECTED]> wrote:
> What are the current options for firewalls that can handle 1gb
throughput ?
> I've got a client that has a 1gb internet connection, (a major Univ),
and
> they want to firewall it, but haven't because they haven't found
anything
> that wouldn't impact the performance too much. I've seen firewalls
that
> advertise ~622mbps, but none that claim anything higher, but perhaps
I'm
> wrong. Or could you use a really hefty OpenBSD box with two gigabit
fiber
> cards ?
Are you going to go with a bridging firewall or a routing firewall, and
is it just going to filter or perhaps doing nat as well? I guess a nice
i386 box w/ 64bit 66mhz PCI slots could live up to that as pointed out
in a previous post. You might want to check up on
http://marc.theaimsgroup.com/?l=openbsd-misc&r=1&w=2 , there was a
discussion some months ago about 1000FX cards regarding their
performance.
Keep in mind that it's not really the volume of traffic that makes the
inpact (most likely only limited by your pci bus), but the amount of
packets that traverse the firewall.
// nick
