firewall performance question

Hello,

Here at the office I am thinking of kicking the current cisco router out
of the window after 10 years. We have a 10 MBit line and need a good
firewall/router/masquerader to get access to the net.

Wil a 2400MHz xeon with 1 gig memory and scsi discs be enough to route
500 employees using OSPF?

Thanks
ramses

In comp.os.linux.networking Ramses v. p. <(E-Mail Removed)>:
> Hello,

> Here at the office I am thinking of kicking the current cisco router out
> of the window after 10 years. We have a 10 MBit line and need a good
> firewall/router/masquerader to get access to the net.

> Wil a 2400MHz xeon with 1 gig memory and scsi discs be enough to route
> 500 employees using OSPF?

Completely OTT the box, a much slower box should be able to
handle this easily, in runlevel 3.

I'd run squid in addition on the box, to speed up internet
access for users.

--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo (E-Mail Removed) | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 84: Someone is standing on the ethernet cable,
causing a kink in the cable

On 2004-12-10, Ramses v. p. <(E-Mail Removed)> wrote:
>
> Wil a 2400MHz xeon with 1 gig memory and scsi discs be enough to route
> 500 employees using OSPF?
>
arf! And you plan on using the SCSI disks for what?

We have had in the past a box half the speed routing (BGP though) a
customer base at least an order of magnitude higher than that!

One thing I will suggest now, do *not* use connection tracking at all, no
stateful firewalls must take place; unless you _really_ know what you are
doing.

Cheers

Alex

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ramses v. p. wrote:

> Here at the office I am thinking of kicking the current cisco router out
> of the window after 10 years. We have a 10 MBit line and need a good
> firewall/router/masquerader to get access to the net.
>
> Wil a 2400MHz xeon with 1 gig memory and scsi discs be enough to route
> 500 employees using OSPF?

If it will be only firewall, then no need to SCSI disks.

I don't know how much memory would tke 500 users, but I do believe 1 gig is
more than enough.

About horsepower... I have a samll router, doing firewall and NAT. When I
run the backup of the server it crosses the fireall, and is NATed. I can
make about 70 - 80 Mbit/s, sustained (it's a fast ethernet) with rsync. The
hardware is a K6 2 350, with 64 MB RAM.

[]s

- --
Newsgroups Shiva: Aprecie com moderação
www.shiva.eti.br

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBu/Ee977gajvh3yYRAvGFAJ448FHCU+/HeXc+T9B3dA5+3fO47QCeMIAP
0iddhKMU9WTl8U//LZnRHi4=
=3f0c
-----END PGP SIGNATURE-----