On 4.X based versions, yes. We are faster than 6.X versions of m0n0wall.
That partially remains to be seen. I measured around 15% faster on a
4801, but then later 3-5% slower on a Xeon 2.0 GHz. It's roughly equal
with routing and NAT.
But not with bridging. The if_bridge that we use measures drastically
slower than the old bridge that m0n0wall (even 1.3) still uses.
On a Xeon 2.0 GHz:
http://pfsense.org/~cmb/graphs/6.2-bridge.png
(and another illustration that polling in 6.x is *seriously* broken)
m0n0wall 1.3 can push almost twice as much traffic when bridging, though
they're roughly equal in similar NAT and routing tests.
But, I still wouldn't let performance be the primary differentiator in
most circumstances even with bridging. You mentioned 500 Mb, I could
push roughly 500 Mb through my test box, which is much slower than a
PE860, with either one. So look at the other features and functionality
and choose based on that.
One major consideration with the kind of state load you're talking about
is with m0n0wall you would have to build a custom image because its
state table size is 30,000 and you can't change it without recompiling
the kernel (ipfilter limitation). Depending on your level of familiarity
with FreeBSD, that could be a very time consuming endeavor. With
pfsense, it's a simple GUI option to immediately increase it, not even a
reboot required.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
