|
||||||||||
Hi Charles, On Mon, Oct 23, 2006 at 03:09:46PM +0100, Charles Trevor wrote: > My question to the list is, if it turns out my fears are right, what is > the must cost effective way of getting 100mbit ish between LAN and DMZ? > I'm happy to buy a new 1u box if needs be, but would rather avoid the > expense if possible. Policy dictates new kit only, and I would tend to > buy HP DLs through inclination so I cant buy a no-name pc from ebay. I > wondered whether one of the bigger embedded systems, like one of the > mini ITX systems from VIA as sold by www.linitx.co.uk would do? I've done some minor testing of VIA hardware (PD and CL mainboards; newer boards like the EK boards should be substantially faster), and have found that, for simple routing and packet filtering on a 100Mbps network, the speed is effectively capped at the max ethernet wire speed. I measured approximately 85Mbps bi-directional throughput. The company I work for sells pre-built firewalls based on this hardware, with m0n0wall installed prior to ship: http://www.logicsupply.com/product_info.php/cPath/73/products_id/614 We use one of our own firewalls internally, as well, and have been very happy with the performance we've seen (although our network demands are not as high as the ones that you've mentioned). Hope you don't mind the plug. -Forest -- Forest Bond Computer Engineer Logic Supply, Inc. Phone: (802) 244-8302 Fax: (802) 244-7938 forest dot bond at logicsupply dot com www.logicsupply.com |