Possible Duplicate:
Can you help me with my capacity planning?
What are the hardware performance requirements to set up a PFsense firewall on my gigabit Ethernet network? Is high-performance server hardware required?
Asked
Active
Viewed 554 times
1
Utenosalus
- 11
- 2
-
3PPS is actually much more important to specify than throughout. – EEAA Dec 08 '12 at 17:11
-
1Gigabit Ethernet Network? You rall have gigabit internet uplink? – TomTom Dec 08 '12 at 18:50
1 Answers
5
Things to consider:
The processors built into expensive purpose-built firewall appliances are generally quite anemic; firewall vendors sell expensive software and hype, not hardware. Of course, one way to protect proprietary software is to sell it with hardware included, and that is what firewall vendors do.
LAN traffic ordinarily does not traverse your firewall. If you have a 50Mbps internet connection connected to a 1 Gbps LAN, you can size your firewall for 50Mbps. Don't bother sizing your firewall for wire-speed operation on a gigabit link unless you actually have a gigabit internet connection (which, in 2012, is unlikely unless you're in Kansas City or Chattanooga).
The PFsense documentation specifies CPU requirements for different levels of throughput:
- 10-20 Mbps - No less than 266 MHz CPU
- 21-50 Mbps - No less than 500 MHz CPU
- 51-200 Mbps - No less than 1.0 GHz CPU
- 201-500 Mbps - Server class hardware with PCI-X or PCI-e network adapters, or newer desktop hardware with PCI-e network adapters. No less than 2.0 GHz CPU.
- 501+ Mbps - Server class hardware with PCI-X or PCI-e network adapters. No less than 3.0 GHz CPU.
Skyhawk
- 14,200
- 4
- 53
- 95
-
to 1: Check Mikrotik, Cloud Core router - that thing has a 36 core processor for I think 16 ports or so. I would not call that thing anemic ;) Yo uare generally right, though. – TomTom Dec 08 '12 at 18:51
-
I have 1Gbps internet up-link via fiber and i need simple router for 200+ users who uses torrents a lot. – Utenosalus Dec 08 '12 at 22:26