[ previous ] [ next ] [ threads ]
 From:  Eric Collins <eric at tawifi dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Experiences in 50+ user organizations?
 Date:  Thu, 24 Feb 2005 11:36:50 -0700
David Statman wrote:

>We're looking at using m0n0wall at our company.  We currently have around 50
>users internally, although we could end up at 60-70 users by the end of the
>year.  I'd like to hear from others who use m0n0wall in similarly-sized
>organizations, particularly with respect to whether or not you've
>experienced any performance issues.  My boss is a little skittish about
>relying on open source software (however good it may be) for our firewall.
>More info...We host a website with ASP pages that query a SQL database.  So
>far, the number of simultaneous connections to our website has remained
>under 100.  We also have an Exchange server and an FTP server.  About 15
>remote users connect to us via Terminal server.  We also have a VPN tunnel
>established with one of our business partners.
>Thanks in advance to any who share their experiences,
>David Statman
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Currently our company offers high speed internet (5mb per user) to the 
building tenants where our datacenter is located, in all we have around 
120 clients using this network which all lies behind a single m0n0wall 
system. It never blinks, I have had 1 lockup in the last 3 months which 
turned out to be a flakey power supply. The system typically on a busy 
day pushes 7-15Mbps without problems. Hardware is a P4 3.2 with 1024mb 
ram and Intel Pro NICs.

We also use it to protect our server farms, some run in DMZ (bridged) 
others run in the LAN with port forwards. On our main server rack we 
have each server with 2 NICs one NIC is connected to the filtered bridge 
DMZ side for public services (web mail dns..etc) the other NIC is 
connected to the LAN side where we provide VPN access for our employees 
to access and maintain the servers over an encrypted channel. This setup 
so far has served us great its been  rock solid. Hardware for these 
setups is a P4 3.2 with 1024mb ram and Intel Pro NICs.

As for performance issues, all I can say is use good hardware, it make 
one heck of a difference when pushing the Mbps around. I personally 
wouldnt use a wrap or soekris board for what we have setup because of 
the throughput we need, so we went with high end. Which was probably the 
best thing we did when building the systems. We tested other hardware 
setups and went with the highest performer we found (we went on the side 
of overkill, instead of "just enough").

Hope these details help,

Eric Collins
Sr Network Administrator

Downtown Tucson WiFi Network