Re: Debian routers + firewalls for large ISP?

--On September 25, 2007 8:32:57 PM -0400 "N.E.S.T. Solutions" <nest_consulting@yahoo.ca> wrote:

Hi all,

I'm looking for experts advice about possible firewalling with debian.
needing to serve a very heavy load of clients/bandwidth and I'm not sure
it is do-able with Linux based OSs and today's machine, due to my test

Here's the specs:

1) Serving video + audio streaming only, clustered environment pushing
the stuff
2) 10GB/second sustained bandwidth, 40GB/second peaks (long peaks,
sometimes hours), growing fast

You can't. PCs do not have the busses. Go with Juniper, or, Cisco. PCs also can't process that many PPS. It requires hardware based switching. Also with that much traffic I'd say go with a real router like a Juniper (or...Cisco. I don't like Cisco much for routing anymore, too many times I've had them completely collapse under Dos/DDoS or simply high PPS or high flow rates).

BTW, $$$ for required hardware is not an issue... so if you suggest
pricey stuff, I don't care.

I'd look at Juniper with an ASPIC II in that case. An M20 atleast. M10/M10i would be too small for your projected loads. M20/40e or an M120 with appropriate PICs and atleast 1, possibly 2 ASPIC's. Each port on a Juni is wire rate. They don't do oversubscription. Which is part of the reason why they cost more.

