Hello,
I would like to ask your opinion on what kind of PC hardware (CPU,
motherboard, RAM, FastEthernet card) would be suitable for
the following task:
- stateful packet filtering on Linux
- 155Mbit/s bandwidth
I know the full duplex FastEthernet is not equivalent to STM1, but
unfortunately the Gigabit Ethernet or ATM are not possible alternatives
on the firewall machine. Therefore the good FastEthernet cards are quite
important.
Also, what is the best way to test the throughput of a hardware
doing stateful packet firewall in a test environment? How could one
generate "real" TCP/UDP traffic? Is there a better way than to setup
thousands of echo services "inside" and connect them from "outside",
for example? How can one measure the bottlenecks on the firewall, i.e
the limit of what hardware component (slow CPU, slow bus, not enough RAM,
slow/scrappy Ethernet card, etc) is reached at the current traffic?
Is there any ready to use software available for the testing?
Thank you any help,
Jozsef Kadlecsik
-
E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED]
WWW-Home: http://www.kfki.hu/~kadlec
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
