[Soekris] net4801 bridging firewalls benchmarks results
Jason Dixon
jason at dixongroup.net
Sat Oct 8 17:54:02 UTC 2005
On Oct 8, 2005, at 12:34 PM, Giovanni Faglioni wrote:
> Hi everyone.
>
> We have just completed a serie of benchmarks
> that we think may be of iterest to this list.
>
> We tested the capability of forwarding L2 traffic
> while filtering at L3 (+) on several net4801s,
> with and without the optional lan1621 and lan1641
> boards. The results were not gratly affected by the
> presence (or use) of the PCI ethernet vs the internal
> ones. (maybe a 10% + or - in the worst cases)
I like the idea of your tests, but why not throw up a page with
complete results? Showing the throughput of the various systems with
firewall enabled, but no filter rules, doesn't really give any useful
information. If you're not going to use any filter rules, then at
least have the packet filters disabled. On the other hand, I would
be interested in seeing some numbers with "basic" real-life examples
(say, traffic inbound to a DMZ... or traffic outbound from a LAN).
If you'd like any assistance with test cases, I'd be happy to help.
P.S. I'm very impressed/skeptical of the FreeBSD 4.9 wire-speed
results.
P.P.S. I'm not surprised by the OpenBSD speeds; I believe the
OpenBSD sis driver still has issues. I have no evidence to back this
up, just anecdotal evidence (the maxxed out irq's, for one).
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
More information about the Soekris-tech
mailing list