2

i am looking for x86 or arm based device to use as linux router/firewall. It schould have

  • 2 or more gigabit ethernet ports
  • enough processing power to filter a gigabit of traffic
  • about 512 MB of RAM
  • consume at maximum 60 watts
  • fit in to 19 inch server rack (1 RU)

I already took a look on some related questions, but i didn't found a device matching most of my requierements.

Recommondation?

steve
  • 123
  • 3
  • it'll be interesting to see the answers. i think you'll hit the bottleneck in terms of packets/sec. adding on the top of packet forwarding long-ish firewall rules will make things even worse. – pQd Jan 23 '11 at 12:07

3 Answers3

3

I've been using a couple of Dell PowerEdge R210s for firewalling and routing for the last year, and have just installed 4 more. I've used OpenBSD rather than Linux, but have had no complaints about the performance. When configured with a Xeon L-class CPU, the consumption (according to Dell) is 68W, so slightly over your limit , but not far off.

hmallett
  • 2,455
  • 14
  • 26
1

We use two NFR7500:

  • 5 Gigabit Ethernet ports
  • 1.5 GHz VIA C7
  • 1 GB DDR2 667
  • 1U format and 55 W

Gentoo(2.6.32,Squid,iptables,NAT,OpenVPN and PBR) 120 Mbps limit(then packet loss). Without services 900 Mbps and 40% CPU idle.

SuperServer 5015A-EHF-D525 with Vyatta(NAT,VPN,firewall,webproxy) up to 300 Mpbs. But power 200W.

pQd
  • 29,981
  • 6
  • 66
  • 109
osdyng
  • 1,922
  • 1
  • 13
  • 10
0

Why don't you get a consumer grade router and then run DDWRT on it? I believe Netgear makes some model with more ram and more flash storage so you can do just this.

I run DDWRT on the WNR3500v2 and it's performed flawlessly.

SpacemanSpiff
  • 8,753
  • 1
  • 24
  • 35
  • I just noticed your "rackmount" requirement. I will agree with hmallet, how about an R210 with Smoothwall or some other firewall based linux distribution? – SpacemanSpiff Jan 23 '11 at 15:33
  • 1
    I think there is no consumer grade router, that really can route/filter gigabit traffic. – steve Jan 23 '11 at 16:28
  • Perhaps... mine has gigabit ports, but most of that traffic is staying in the ASIC for the switch. I kinda figured if he was too cheap to buy a real device he probably doesn't have any serious traffic :) – SpacemanSpiff Jan 24 '11 at 00:36