> >Josh wrote: > >>Hello there. > >> > >>We have a bunch of obsd firewalls, 8 at the moment, all working nice > >>and so forth. But we > >>need to add about another 4 in there for new connections and > >>networks, which means more > >>machines to find room for. > >> > >>So basically I have been asked to investigate running all these > >>firewalls in two big boxes, with lots > >>of NIC's, with a bunch of openbsd vritual machines on them. One main > >>box for the primary firewalls, > >>one for the secondary. Each virtual machine getting its own physical > >>NIC. > >> > >>Personally I dont really like the idea, I can see things going wrong, > >>lots of stuff balancing on a > >>guest os and box.
I don't understand the logic of having multiple firewalls on one box. If one box can handle the throughput requirements of all the NICs, why not just one big firewall? Doug.
