Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Mar 1999 17:57:15 -0700
From:      Wes Peters <wes@softweyr.com>
To:        Mike Thompson <miket@dnai.com>
Cc:        Craig Metz <cmetz@inner.net>, Mike Tancsa <mike@sentex.net>, freebsd-net@FreeBSD.ORG
Subject:   Re: FreeBSD as a router
Message-ID:  <3700216B.D9C090D8@softweyr.com>
References:  <Your message of "Sat, 27 Mar 1999 21:40:24 GMT."             <36fd12fb.3761327633@mail.sentex.net> <4.1.19990329115145.00a62ab0@mail.dnai.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Mike Thompson wrote:
> 
> At 04:59 PM 3/27/99 -0500, Craig Metz wrote:
> >  What really matters here is the application.
> >
> >If the original poster was thinking about using FreeBSD-based
> >commidity PCs for the core routers of a large ISP...
> 
> Sorry, I should have defined high-capacity better.  I would like to
> isolate a half-dozen FreeBSD servers running a custom distributed
> web application behind a router/firewall.  This is to increase
> security for intra-machine communication.  At our co-location
> facility we have a 100Mb ethernet tap to a Cisco switch/router
> combination isolating our systems on a VPN. 

And what throughput do you have coming into the other side of the Cisco?
In other words, what kind of total throughput from the outside world
to your servers do you expect to see?  Does this router have a 100 Mb/s
connection to the external network, whatever that is?

> My question is about
> whether FreeBSD can keep up as a router (with a few firewall rules)
> between two 100Mb ethernet networks on decent hardware such as 2 PCI
> NICs and a 450 MHz PII.  From the responses it sounds like it can.

Probably can.  If your real throughput is less than 100 Mb/s, then it
almost certainly can.  Firewall performance probably won't keep up
with 100 Mb/s unless you have VERY few rules, but it might be adequate
depending on what your REAL throughput requirements are.

> I am interested in using FreeBSD as the router/firewall because it
> is easy to configure and I don't have to learn something new on
> top everything else I am doing.
> 
> Thanks to everyone for their responses.

Best of luck.  

-- 
             Where am I, and what am I doing in this handbasket?

Wes Peters                                                     +1.801.915.2061
Softweyr LLC                                                  wes@softweyr.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3700216B.D9C090D8>