From owner-freebsd-questions@FreeBSD.ORG Thu Jan 8 07:23:11 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4743F16A4CE for ; Thu, 8 Jan 2004 07:23:11 -0800 (PST) Received: from mail1.acecape.com (mail1.acecape.com [66.114.74.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id 28A5B43D45 for ; Thu, 8 Jan 2004 07:23:10 -0800 (PST) (envelope-from lists@natserv.com) Received: from p65-147.acedsl.com (p65-147.acedsl.com [66.114.65.147]) by mail1.acecape.com (8.12.10/8.12.10) with ESMTP id i08FN9TI017019; Thu, 8 Jan 2004 10:23:09 -0500 Date: Thu, 8 Jan 2004 10:25:33 +0000 (GMT) From: Francisco Reyes X-X-Sender: fran@zoraida.natserv.net To: Wayne Pascoe In-Reply-To: <20040108150955.GC9720@marvin.penguinpowered.org> Message-ID: <20040108102025.R61355@zoraida.natserv.net> References: <20040107173058.GB6217@marvin.penguinpowered.org> <20040107185650.GA6981@marvin.penguinpowered.org> <20040108150955.GC9720@marvin.penguinpowered.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Wayne Pascoe cc: freebsd-questions@freebsd.org Subject: Re: Hardware requirements for firewall X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2004 15:23:11 -0000 On Thu, 8 Jan 2004, Wayne Pascoe wrote: > > Another alternative.. prepare both machines. Have the better machine ready > > to do an able to be connected/switched to at a moments notice. Put the > > slower machine on at the slowest day. Monitor it closely as traffic grows. > > That's probably the way forward, yes. Thanks. Also go over the kernel and disable anything you don't need. I have never needed to squeeze every cycle of performance out of a machine, but it should help to reduce un necessary programs from been run. You may also try to find from others which firewall is more efficient if ipfw or ipf. Also find from others who have had firewalls on busy networks how rules order may possible have an impact in performance. Best of luck in this project..