On 18/04/2011, at 1:07 PM, Rodrigo Mosconi wrote: > Hi all, > > I'm interested on some benchmarks, specially with network/PF. >
On the general performance: http://www.openbsd.org/faq/pf/perf.html > For example: > > What's the maximum bandwidth that a soekris (or alix) can handle safely as a > firewall? (with and without ipsec, how long the rule set are) Why limit yourself to (low-end) machines? Budget constraints? Space constraints? Or it might to cool to play with these devices? (I thought so too, but in the end easier to whack in an old Dell Optiplex - as is often recommended on this list.) > > Peter Hallin exposed a configuration that can handle near a 1Gbps on bridge > mode. Peter, how much traffic your new firewall handle? > > On the branded servers (Dell, HP, IBM, etc), how best traffic one firewall > can handle? Which goes fastest? Ford or Holden? What NICs are in those machines? > > These are some questions. What does "traffic" mean? Is your traffic the same as mine? > > Some of these information can help me to advocate OpenBSD based solution at > work, starting with firewall. Just as comment, some linuxes (argh) fw can't > handle as much as 100Mbps on Dells (R200 or R400). > pf is fast enough for me at my work. It might not be fast enough for you at your work. What are your requirements? > Thanks for any comments, > Probably not what you were after, but that's the repeated advice I see around here - only YOU can answer this question. And don't forget to read this (and buy the book) http://home.nuug.no/~peter/pf/en/ > Mosconi
