Falk Husemann wrote: > Hello misc! > We're using OpenBSD on our Hardware since 2003 and have run our Firewall > on OpenBSD since that time too (always following -STABLE). > > Now the box i once built for that purpose has broken down and I'm in > need of a replacement I'll assemble myself again. The box serves a > squid, a pf (with 2 and 1/2 pages DinA4 ruleset), named and httpd-SSL > > The hardware will be on the low to medium end (budget 400-600 EURO). > > > > Which processor architecture is faster for firewalling purposes? pf runs > in kernelspace AFAIK, so will dual-core be useless? AMD64? Pentium 4? > > > I thought about buying 2GB+ of RAM and running parts of the system from > RAM (tmp, squid-cache). Is this possible on OpenBSD? A quick google > search did not turn up anything. > > > A quick hint would be sufficent, I don't want to get on someones wick, > but theres no information about firewall hardware and obsd on the net. > > > > Thanks in advance, > Falk > >
My home firewall is serving 4-5 machines, 2 of them full-time connected to the internet. And 3 others sometimes are connected. I run apache, dhcpd, named, openvpn, webmin, ifstated, plus some others things. I do have a one and half pages of rules. But the better part, my hardware: CPU: Pentium 133 Mem: 64MB EDO Two 10Mbit ethernet cards: An ep(4) based card and an ne(4) based card. It stays 80% idle most of the time (not counting when i download the last lost episode using torrents and dht :)) So, unless you have a huge amount of traffic, i recommend buying a good machine for yourself and using the one you have for the firewall. My 3 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]