On 2011-08-06, Stuart Henderson wrote: >> On 2011-08-05, System Administrator wrote: >> Looking to build a firewall for a fairly busy (25+mb) site. Hardware is >> Dell PE2850, 2 Xeon 64-bit CPUs, 4GB RAM, 6 em(4) interfaces. Software >> is primarily pf(4) and relayd(8). >> >> Not so long ago the recommendation was to use the i386 build for a >> slight perfomance and stability benefit. Is that still the case? What >> are the advantages and shortcomings of amd64? >> >> Thanks in advance. >> >> > >25Mb/s isn't much for the hardware you have. If you're really bothered >then benchmark/test it *in your setup* but either will probably work fine.
We run sustained 30 MBits/sec (with spikes up to 80-100 Mbits/sec) on a pair of Dell R200s with no problems. em0 at pci2 dev 0 function 0 "Intel PRO/1000 PT (82571EB)" rev 0x06: apic 2 int 16 (irq 15) em1 at pci2 dev 0 function 1 "Intel PRO/1000 PT (82571EB)" rev 0x06: apic 2 int 17 (irq 14) bge0 at pci3 dev 0 function 0 "Broadcom BCM5721" rev 0x21, BCM5750 C1 (0x4201): apic 2 int 16 (irq 15)\ brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 bge1 at pci4 dev 0 function 0 "Broadcom BCM5721" rev 0x21, BCM5750 C1 (0x4201): apic 2 int 17 (irq 14) brgphy1 at bge1 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 This is 4.9-RELEASE and i386 (box had i386 4.4 on already, prior to upgrade so I thought no need to install amd64 on it as it only has 2G of RAM on it. In addition, that box happily can do up to 200k packets/sec as well. I think a PE2850 with 4G of RAM for a firewall is overkill for 25 Megabits/s. Tom Tom
