|
||||||||
On Sat, Jul 17, 2010 at 9:50 PM, Nathaniel B. Lyon <nate dot lyon at nfldwifi dot net> wrote: > Hello, > > We are looking for an appliance to install m0n0wall onto. We are aware that there are current appliances that can be purchased, but were kind of wanting something more under the hood in terms of CPU speed and memory. > > Right now with our current firewall we are averaging roughly 400Mbps, peaking at just under 600Mbps. We feel our current firewall is nearing its > end of life. Any hardware recommendations? We'd like to stay away from server based/PC based options so we can achieve wire speed. You have that backwards - you'll need server class hardware to get gigabit wire speed. There are some appliances that can achieve gigabit wire speed or close to it, ones that basically put a server class board inside of an appliance type chassis, such as Nexcom. An average HP/Dell/whatever server is no different and quite a bit cheaper. "Appliance" is nothing more than a form factor really, it's all x86 hardware. Also you'll almost certainly need a custom built m0n0wall image, ipfilter's state table size is hard coded at compile time, default is 30000. At that kind of throughput you're likely over 100,000 states. |