[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CPU for firewall machine?



On Thu, Aug 10, 2000 at 04:07:12PM -0700, Nate Campi wrote:
> On Thu, 10 Aug 2000, Nathan E Norman wrote:
> 
> > 
> > On Thu, Aug 10, 2000 at 04:53:13PM -0400, Paul Reavis wrote:
> > > I would have some concern about full speed 10MB routing on a 486, but
> > > every time I've checked `top` or similar during heavy routing the CPU
> > > has been loafing. Is `top` a good indicator of this, or is it only
> > > tracking non-kernel processes?
> > 
> > CPU is not the issue here.  Speed of the ISA bus is an issue;
> > available RAM would be the other ...
> > 
> 
> While we're at it (not to state the obvious ;) remember that scsi
> disk(s) will ease the load on your processor as well.

This is a firewall. It should run as few services as possible. Once
the thing boots up, the only disk activity should be for syslog. Save
the SCSI disks for real servers, imo.

As for RAM, 12-16MB should be sufficient. My poor little 486SX/25
only has 8MB and is a bit painful to use. Nevertheless, it masqs
my traffic nicely. And it doesn't need to swap anything to disk,
since neither do I sit at it's console and use it, nor does it
run any services.

The only additional wrinkle in the network in question is the third
interface.

-- 
Luca Filipozzi
[dpkg] We are the apt. Resistance is futile. You will be packaged.



Reply to: