On Tue, Apr 02, 2002 at 11:31:30AM +0530, Mehul Vora wrote: > does linux switch packets at wire speed while using netfilter to do stateful > firewalling?
No. BTW, what wire speeds do you have in mind? 64kbit/s, 100mbit/s, 10gbit/s? And on what hardware platform (processor, I/O busses). Probably the 'No' will change when you tell us. Gratuitious General Advise: any switching or routing facility with internal queues transmits packets up to some maximum packet rate saturating the I/O busses or CPU. If the aggregate outgoing "wire speed" packet rate, however that is defined, does not exceed the maximum CPU/IO saturating packet rate, the system can be said to do "wire speed switching". By varying the parameters I ask in the first paragraph above, over the range of currently supported Linux systems, I'm sure that you will find a 'Yes' solution for a two-ports-only situation at 1gbit/s speeds, and you will find that 10gbit/s is not yet available. best regards Patrick
