Sun, 24 Jun 2001 01:14:07 +0200 (CEST)
On Sat, 23 Jun 2001, Bill Gradwohl wrote:
> This is a bit open ended, but ...
> I'm looking for some estimates on the bandwidth any given hardware
> platform is capable of handling when a box is configured strictly as a
> Said another way, can a Pentium 120 w/64M RAM handle a T1's
> worth of traffic with lets say 50 iptables statements active? How about
> 200 iptables statements? Can a P-II 400 handle the traffic between
> PRIVATE and PUBLIC when both are 100MBPS segments as in a departmental
> firewall situation?
I'm running iptables on a p120/32mb ram with 4 10mbit-Ethernets, driving
a 2mbit Uplink, about 5000 rules installed, but each packet is only going
through max about 200 (most rules are only for traffic-accounting).
Loading the ruleset is endless, but using it I'm getting full bandwith on
all interfaces. (2mbit full-duplex to the outside and 10mbit dmz<->lan or
But this is only the link for our club-rooms and gets very little load
outside my tests (we've got only 3gb/month free traffic).
The Internet treats censorship as a routing problem, and routes around it.
(John Gilmore on http://www.cygnus.com/~gnu/)