On Mon, Dec 03, 2007 at 08:03:20PM +0100, Peter Teunissen wrote: > On 3-dec-2007, at 7:25, Ron Johnson wrote: > >On 12/02/07 22:22, John Schmidt wrote: > >>I have a 15K Mbs connection (up/down) to my house (fiber to the > >>home). > >> > >>I have a Buffalo router that connects to my WAN and then one of the > >>LAN ports on this router connects to my IPCOP firewall that is > >>running on a PII -- 400 MHz box with 64 MB of RAM. > >> > >>When I do a speed test from my box behind my IPCOP firewall, I get > >>about 10K Mbs up/down. > >> > >>If I move the connection to one of the Buffalo router LAN > >>connections, I get the advertised 15K Mbs up/down speed. > >> > >>So routing traffic thru the IPCOP firewall slows things down quite > >>a bit. Is this to be expected? > > > >It is if IPCOP puts a load on the CPU or starts swapping memory. > > > >Does it? > > > >> I was thinking of changing the firewall to a > >>debian box running shorewall, and was wondering if I could tweak the > >>firewall/ router to not slow things down appreciably like the ipcop > >>box is doing. > > > > FWIW, you could try m0n0wall instead, it runs fine on my FW with 64MB > & 450mhz PII. I get 10MB/sec throughput without full load on the cpu. >
Or OpenBSD. Has a much smaller memory footprint (means less swapping) than linux and perhaps faster as well. Also, since its a firewall, OpenBSD is supposed to be the most secure firewall to which regular people have access. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
