[pfSense] 10GbE performance?
Greg Hennessy
Greg.Hennessy at nviz.net
Mon Sep 19 19:09:02 EDT 2011
The biggest baddest ASA was a HPAQ DL-585 with a new paint job :-)
http://bradreese.com/blog/2-22-2011.htm
Not my first or indeed second or third choice of firewall for any requirement.
There are lies, damned lies and cisco benchmarks.
I have a sneaky suspicion that if the ASA was set on fire with a Breakingpoint, the real world pps/forwarding figures would be a fraction of what Crisco claim they are.....
And the least said about Chokepoint benchmarks the better...
http://blog.lachmann.org/?p=1071
________________________________________
From: list-bounces at lists.pfsense.org [list-bounces at lists.pfsense.org] On Behalf Of Chris Buechler [cmb at pfsense.org]
Sent: 20 September 2011 08:24
To: pfSense support and discussion
Subject: Re: [pfSense] 10GbE performance?
On Mon, Sep 19, 2011 at 5:58 PM, Greg Hennessy <Greg.Hennessy at nviz.net> wrote:
> That depends on what type and distribution of traffic is being firewalled, I've replaced Pix 535s in the Past with PF on FreeBSD with much obvious performance improvements all round.
>
This.
> However no software firewall I know of will handle 10gigE @ at high rate small packet level.
>
For that matter I'm not aware of any commercial firewall that can do
10 Gb of entirely small packets. The biggest, baddest ASA, which costs
as much as a house, can't. It will roughly do 3-4 times the pps rate
of the fastest general purpose server hardware with a general purpose
OS that you can get though.
_______________________________________________
List mailing list
List at lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
More information about the List
mailing list