Thanks for the answers! Yes, it's a single physical machine running Debian (OpenBSD is not an option for my friends, and I don't know anything about virtualization in OpenBSD, just that there isn't a native support).
Answering to Tomas: 1) This is the host (physical machine) http://www.hetzner.de/hosting/produkte_rootserver/ex40 2) I'm going to test it, but I wanted some advices about it's performance and if it will fit our our needs, so that way I won't loose any time setting it up. 3) As far as I know now, the more common type of traffic will be: HTTP/S, VPN, Owncloud and bittorrent sync, VoIP and XMPP. 4) We only have a single physical machine, and they 3 of them (we are 5) never used OpenBSD, and they are not exactly "excited" about using it. 2014-04-11 7:18 GMT+02:00 Tomas Bodzar <tomas.bod...@gmail.com>: > > > > On Fri, Apr 11, 2014 at 1:35 AM, Sinosuke Noara < > capitan.shinc...@gmail.com> wrote: > >> Hi guys, >> >> I've rented a virtual private server with some friends and we would like >> to >> deploy a firewall. I suggested packet filter and OpenBSD because I have it >> at home, but really don't know about the performace of the OpenBSD packet >> filter into a virtual machine. The idea is to have some (6-9) different >> virtual machines running at the same time, 2 of then (apart from the >> firewall) will have a lot of incoming traffic and at least 1 will have a >> lot of outgoing network traffic, so my mates are thinking that PF into a >> virtual machine running OpenBSD is not going to have a good performance, >> maybe because (as far as I know) PF can't work using more than one core. >> >> Any of you have some experience about this? Could you give me some info >> about performance or some nice arguments to convince them? >> >> Thanks in advance! >> >> Excuse my english, but I don't practice it regularly. >> > > 1) You don't mention which VPS are you planning to use > 2) PF can handle a lot of traffic just fine, but you must test in YOUR > scenario > 3) You don't mention expected amount of traffic and type of that traffic > 4) Why exactly are your friends against it? Maybe they don't know OpenBSD > well, maybe VPS doesn't support OpenBSD and so on
