the last time I checked out the guts of a Cisco PIX, I found that it was
nothing more than commodity PC hardware with an Intel processor. I
don't know if that's changed, or not. BSD is very good a pushing
packets around and the middle of 11Gbps is 5.5Gbps and that's not far
off the number he's looking for. Personally, I like the small
supermicro chassis for building firewalls. 1U X 14" deep with 2 1Gbps
interfaces. Grab a intel dual NIC and you have 4. The base model I saw
had a dual core and cost 579.00. Combine that with PFSense and you have
a very capable machine that'll handle lots and lots of packets.
--Curtis
Chris Buechler wrote:
On Fri, Dec 5, 2008 at 8:52 AM, Tim Korves <[EMAIL PROTECTED]> wrote:
Hi all,
we're searching for a reliable hardware basis to use as a pfSense firewall
with a maximum concurrent throughput of 6 Gigabits / second.
We were thinking of something like this hardware configuration:
- 2x Intel Xeon QuadCore Processors
- 4 or 8 GB of RAM
- QuadPort Intel Pro 1000 Ethernet NICs (PCIe x4)
- RAID 1 of SAS or SATA HDDs via 3Ware RAID Controller
What would you advise?
Commodity PC hardware of any type may not be able to push that. It's
not about Gbps, it's about pps and the kind of traffic you're pushing.
You're going to max out at probably 1 Mpps (million packets per
second). 1 Mpps of 64 byte frames is 488 Mbps. 1 Mpps of 1500 byte
frames is 11+ Gbps. You'll fall somewhere in the middle likely.
Stick with the quad core procs and the Intel cards. Anything over 4 GB
RAM isn't necessary.
But there isn't enough info here to tell you whether or not any
solution based on PC hardware is workable in your environment.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https://portal.pfsense.org
