[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CPU for firewall machine?



Michael Meskes wrote:
> 
> On Thu, Aug 10, 2000 at 04:35:36PM -0300, John Ackermann wrote:
> > I have a nice small box with a 486DX4/100 in it, and am wondering if that's
> > sufficient horsepower for this sort of application, or whether I should be
> > looking at a Pentium.
> 
> For 10Mb it should be okay. They usually say to fill a 100Mb net you need at
> least a Pentium 200 with an PCI card. So you should be able to run your
> system with 1/10th of the speed.
> 
> Anyway, will you use the netlink device? This is very slow, so might become
> a problem.

Actually you only need the PCI.  I've both used a 486DX2-66 MB with PCI 
and a P-100 PCI MB for my firewall.  The IPCHAINS rules list is long, 
about 100 entries.  Each worked fine.  I have 10/100 PCI NICs on each 
link.  It's a 3 NIC system with a DMZ for my web/DNS server.  My DMZ 
only talks at 10Mbps due to there only being a 10Mb HUB on it.

When setting up my firewall/router box I evicted the PCI graphics card 
for an ISA one.  I wanted the slot for the NIC.  The disk on the box 
is a lowly 100Mbyte IDE salvaged from a system I helped upgrade.  I 
have a stack of them laying around to use as replacements.  I even 
went as far as loading duplicates of my firewall setup on a couple of 
them to serve as spares incase of failure.

As for the web server box, it got the better and larger hard disks, 
but it's also a slow box.  It all depends on how much dynamic content
you wish to dish out.  My pages are mostly static.  I can get by with
a wimpy system.

-- 
|  Bryan Andersen   |   bryan@visi.com   |   http://softail.visi.com   |
| Buzzwords are like annoying little flies that deserve to be swatted. |
|   -Bryan Andersen                                                    |



Reply to: