Hello Michelle,
> Am 2004-05-03 14:51:10, schrieb Peter Mueller: > > >With good NICs (eepro100 etc.) and not too many iptables > rules you will max > >around 20mbit/sec. A good rule of thumb is 5 cycles per > megabit. This > >limit actually applies to all Linux servers, not just leaf. > > > >P > > Are you sure ? > > I run a HP Vectra XA 5/200mmx with 32 MB and have 4 x 3Com > 3C905B and 2 x 3c509B. > > I have one USB-Modem connected to the USB-Port and two other > Ethernet-Modem-Router to the two 3c509B. > > The 10MBit Nics are for my publicnet, privatenet, securenet and > wavenet (Proxim Tsunami MP.11a). > > I can transfer without any problem around 5 MByte/Second between > the publicnet (ftp/web-server) and the privatenet (workstation) > > My old Router (LRP 2.9.4) had done around 30 MBits on a 486dx4/100 > with 5 nics 3c509B > > So I think, you can have realy more on a P1/100
It's a rule of thumb, not a book of law :-). I did some testing for a T1 IPSEC gateway and had my results confirmed by the FreeSWAN performance guide (http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/performance.html). It is only my result from one machine, but it was confirmed by a fairly popular project so I still feel confident that it is reasonable.
The bottom line is it depends on your PCI bus, network drivers, and especially your network cards. Also, firewall rules can play a part here. I must admit I'm surprised to hear a 486 - admittedly one of the faster ones - was able to get above 20mbit/s with ISA (3c509b) cards! Maybe there is some truth to 3com cards using less CPU. I have always preferred eepro100's but maybe that was premature..
My own router (DMZ to LAN) experience is closer to Michelle's than to Peter's. That's with an old, 166 MHz Pentium, a 2.4.x kernel, a bespoke ruleset (not Shorewall or any of the less popular stock alternatives), and no encryption.
But the more important thing to note is that the two of you are probably looking at quite different configurations. Michelle's setups almost surely use simpler rulesets than Peter's, and the added load of IPSec in Peter's case will also slow throughput ... by a lot if the advice from the IPSec site he cites is to be believed.
Applied to "all Linux servers", 20 Mbps is not even a plausible "rule of thumb". I routinely see 60 Mbps on big (multi-gigabyte) LAN-to-LAN transfers (ftp, scp, and samba) between pairs of Linux servers (equipment varies, but typically either a 1 GHz P3 or a 1.7 GHz Celeron, usually cheap, "flavor-of-the-week" tulip NICs).
A couple of other details ...
both my memory and 3Com's Website say that the 3c509b NIC is a 10 Mbps NIC. So I suspect a typo in Michelle's report that she got 30 Mbps throughput using them ... unless she meant the combined throughput of the 4 in her LRP router. Similarly, the "5 Mbyte" (40 Mbps) transfer she reports between two nets using 3c509bs is a bit hard to understand.
a T-1 has a top speed of 1.544 Mbps, making it hard for me to understand how a connection over it could test the throughput limit of a 10 Mbps NIC, let alone a 100 Mbps NIC.
-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
