Re: Voice Server comunication

[Ian Greenhoe <ihgreenman@gmail.com>]

On Wed, 2005-11-30 at 09:02 +0000, Simon Farnsworth wrote:
> On Wednesday 30 November 2005 00:47, André wrote:
> > Hello using servers like a teamspeak server can carry lot of udp traffic
> > in a case where I would have a policy rule (INPUT) to drop all incoming
> > traffic and in the INPUT Policy only allowing with certain rules some
> > udp ports related to the server like 25008 could a pentium celereon ...
> >
> > Intel(R) Celeron(R) CPU 1.70GHz
> >
> > Handle all traffic for like 10 servers maybe 10 clients per server,
> > maybe less without packet loss or problems affecting the service ?
> >
> Depends on the packet rate and data rates. As a reference point, a 486DX2-66 
> was able to handle saturation traffic in both directions using two NE2000 ISA 
> cards on 512KBit/s down, 256KBit/s up ADSL, at just over 10,000 packets per 
> second, without struggling. These things don't scale linearly, but unless 
> your network connection is much faster, the CPU's unlikely to be a 
> bottleneck.

It also depends on the type of packet processing/NIDS that you are
doing.  For example:  Snort, unless tuned, can easily eat a *lot* of CPU
on the firewall and cause substantial degradation of service.  (This is
not saying that Snort is a bad product -- just that it needs to be
deployed with caution on live network boxes, like any other NIDS.)  

However, in this case, provided you are only using specific port(s), if
should be fairly easy to tell most NIDS to ignore traffic over that
port.

-Ian