* Diana Eichert <deich...@wrench.com> [2010-02-11 17:02]: > On Wed, 10 Feb 2010, Mike Williams wrote: > > >Really, nobody firewalls at multi-Gbps? > > yes, people run firewalls on 10G circuits > > I am not aware of anyone filtering at 10G who is using off the shelf > hardware, with open source O/S.
I know of some. I don't remember specifics, dunno wether anybody does linerate and with what kind of packet characteristics. for the OP, I think it has a fair chance to work out, given the hardware is picked right. there might be some experiments needed. basically you want the fastest single core possible (you'll get a multicore CPU and let the others idle), and, most importantly, fastest memory access possible, thus an architecture with fast caches - nehalem should beat core2 there, but i haven't tried yet. you want to run i386 instead of amd64 (this needs a re-check really, it's been long that we did that and amd64 changed a lot). good nics help a lot, but i dunno which 10G ones to use. bus bandwidth/latency etc should not make a difference here on any quite recent not crap hardware you can buy, disk i/o is irrelevant. you will need a very very very fast opengl capable graphics card with loads of memory of course. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
