Re: CPU for firewall machine?
Michael Meskes wrote:
>
> On Thu, Aug 10, 2000 at 04:35:36PM -0300, John Ackermann wrote:
> > I have a nice small box with a 486DX4/100 in it, and am wondering if that's
> > sufficient horsepower for this sort of application, or whether I should be
> > looking at a Pentium.
>
> For 10Mb it should be okay. They usually say to fill a 100Mb net you need at
> least a Pentium 200 with an PCI card. So you should be able to run your
> system with 1/10th of the speed.
>
> Anyway, will you use the netlink device? This is very slow, so might become
> a problem.
Actually you only need the PCI. I've both used a 486DX2-66 MB with PCI
and a P-100 PCI MB for my firewall. The IPCHAINS rules list is long,
about 100 entries. Each worked fine. I have 10/100 PCI NICs on each
link. It's a 3 NIC system with a DMZ for my web/DNS server. My DMZ
only talks at 10Mbps due to there only being a 10Mb HUB on it.
When setting up my firewall/router box I evicted the PCI graphics card
for an ISA one. I wanted the slot for the NIC. The disk on the box
is a lowly 100Mbyte IDE salvaged from a system I helped upgrade. I
have a stack of them laying around to use as replacements. I even
went as far as loading duplicates of my firewall setup on a couple of
them to serve as spares incase of failure.
As for the web server box, it got the better and larger hard disks,
but it's also a slow box. It all depends on how much dynamic content
you wish to dish out. My pages are mostly static. I can get by with
a wimpy system.
--
| Bryan Andersen | bryan@visi.com | http://softail.visi.com |
| Buzzwords are like annoying little flies that deserve to be swatted. |
| -Bryan Andersen |
Reply to: