From owner-freebsd-questions Thu Oct 3 10:27:42 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E235A37B401 for ; Thu, 3 Oct 2002 10:27:40 -0700 (PDT) Received: from post.inweb.co.uk (post.inweb.co.uk [213.210.47.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id A7C9743E4A for ; Thu, 3 Oct 2002 10:27:39 -0700 (PDT) (envelope-from freebsd-questions@jonze.com) Received: from daedalus.info-plc.com ([213.210.24.162]) by post.inweb.co.uk (8.12.3/8.12.3/Debian -4) with ESMTP id g93HRPcc009020 for ; Thu, 3 Oct 2002 18:27:25 +0100 Received: from daedalus.info-plc.com (localhost.info-plc.com [127.0.0.1]) by daedalus.info-plc.com (8.12.3/8.12.3) with ESMTP id g93HRdXu035953 for ; Thu, 3 Oct 2002 18:27:39 +0100 (BST) (envelope-from freebsd-questions@jonze.com) Received: (from richard@localhost) by daedalus.info-plc.com (8.12.3/8.12.3/Submit) id g93HRcKc035952 for freebsd-questions@FreeBSD.ORG; Thu, 3 Oct 2002 18:27:38 +0100 (BST) X-Authentication-Warning: daedalus.info-plc.com: richard set sender to freebsd-questions@jonze.com using -f Date: Thu, 3 Oct 2002 18:27:38 +0100 From: Richard Jones To: freebsd-questions@FreeBSD.ORG Subject: Re: advise on gateway-setup Message-ID: <20021003182738.A35863@daedalus.info-plc.com> References: <20021002160429.GC96783@deter.dk> <3D9BEDAF.6080606@401.cx> <20021003104748.GA99335@deter.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021003104748.GA99335@deter.dk>; from vchit-list@deter.dk on Thu, Oct 03, 2002 at 12:47:48PM +0200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Oct 03, 2002 at 12:47:48PM +0200, Morten Grunnet Buhl wrote: > Thanks everyone. > To summon what I have been told. I need a fair amount of RAM, medium CPU, reliable > disk (RAID of some sort), and cooling - you can never get enough. > This pretty much what I expected - but I must admit its nice to hear > some production-case-stories. Hmmm, I'm not too sure what you're trying to deploy here. I would start by saying that a router/firewall traditionally has very low requirements compared with other computing tasks (gaming, development). In our office here, rather than buy a dedicated firewall router, I built a Linux and then FreeBSD machine for a firewall. It's a P100 with 48M RAM and a 1Gb HDD. It's load average rises slightly above zero when I log in and otherwise not at all. It services about 30 people with a 1Mb link, and mixed 10Mb, 100Mb internal service subnets. If *all* you are doing is routing and firewalling, then you will not need so much RAM, the processor speed will depend to some degree the complexities of your firewall/NAT tables, and the speed of your network connections. Bear in mind though, before you starting splashing out on processors, that your PCI bus is limited in its bandwidth (33Mhz?). For resilience, I would recommend mirrored drives, but they need be no larger than your install - 1GB should do as you won't need source, X etc. They don't need to be fast either, once the firewall's up and running everything will sit in memory. > doing a fiber solution. So if anybody has some fiber specific Now this could make a big difference. Running several Gb NIC cards might start to test your PCI bus and possibly processor. Regards, Richard -- Richard Jones http://www.jonze.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message