On Wed, 1 Apr 1998, Fred Leeflang wrote:
> In the company I work for, we're considering setting up a Linux
> firewall. I do have some experience with it, know how to create firewall
> rules and such, but I've never been in the opportunity to see how well
> Linux holds up as a firewall under high loads. The system we're thinking
Personally I would not use Linux to do NAT and packet filtering. Most
modern routers do NAT and packet filtering just fine (albeit at additional
expense) and generally have specialized hardware and software to do just
that at great speed. Linux would mostly be useful as a proxy host for the
remainder of tasks (e.g., as a HTTP web page cache). If you're using NAT
to run your internal network as a separate network, Linux makes a nice
"bastion host".
Not that it won't do it. I have a Linux host set up as a router between an
administrative network and a "regular" network at one school district (we
already had the host there, it was cheaper to plug in another network card
than buy a router and they were short on dollars) and it works fine. But
that's not under the kind of load you're talking about (the users on the
administrative network mostly just pull in an occasional web page). I
don't know what it'd do with that kind of load.
> about will have a 10Mbps incoming connection at max; We get direct
> ethernet connectivity from our ISP, our ISP itself has multiple T3's
> however, so most often the actual peakrate will be around multiple T3 (I
Not with a 10Mbps connection it won't be! (a T3 gets close to 5 times
that).
Eric Lee Green [EMAIL PROTECTED] Executive Consultants
Systems Specialist Educational Administration Solutions
"We believe Windows 95 is a walking antitrust violation" -- Bryan Sparks
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
