Hi, We're going to be doing some network restructuring, splitting our internal network into 2 separate IP networks (192.168.1.0 and 192.168.2.0). We currently have a Microsoft ISA firewall for our whole network (since it's just 1 ip network right now, 192.168.0.0). I've suggested replacing the ISA firewall with an OpenBSD machine with 3 NICs, to handle both routing between the two internet networks, and firewall out to the internet. It will just be a static route between the two internal networks, in addition to whatever routing is necessary for firewall/NAT (I'm not sure on this?).
As far as the firewall is concerned, I don't think it will be a problem as far as performance goes (our internet connect is 2mbit, which shouldn't be hard to saturate). For the internal routing though, what kind of hardware would we need to keep the 2 gigabit networks connected at a decent speed? We're looking at a p4 with a gig of ram - does that sound like it'll be a bottleneck? I figured that OpenBSD would lower the requirements for our firewall machine (less bloat) as well as increase security. Sorry if this is too general or vague a question - I did some searching on the archives and could only find references to performance of IPSec implementations, which we won't be using Thanks, I appreciate any responses/links/feedback, Peter L.
