[pfSense] What's are highest speeds your setup has seen?
Chris Buechler
cmb at pfsense.org
Fri Mar 2 22:25:02 EST 2012
On Fri, Mar 2, 2012 at 9:28 PM, Mehma Sarja <mehmasarja at gmail.com> wrote:
>
> I am thinking of a RFP from an un-named country with current BW of 85 Gbps.
> They are looking for a system to handle 100 Gbps. I have a gut feeling that
> this stream needs to be split and filtered that way.
Yes if it truly has to be firewalled. There isn't a commercial or open
source firewall in existence today that can do 100 Gb. With the
biggest and baddest commercial firewalls you *may* get 20 Gbps in real
world throughput at best, and that'll cost you into 6 figures USD up
front plus 5 figures annually in support per firewall. Carrier-grade
filtering is not a good fit for general purpose server hardware or
operating systems. For that matter, firewalling traffic at
carrier-grade rates is very difficult to accomplish at all. Unless you
have extensive experience deploying carrier-grade firewalling, I
seriously doubt you would get any consideration. Whoever is putting
out the RFP likely realizes that's a very specialized and difficult
space. My guess is Cisco or Juniper will win that and no one else has
any hope.
> I am also wondering how
> the Great Firewall might be setup.
>
Good question, I presume it's probably split up into numerous ingress
and egress points and may not statefully filter at all. Doubt if
you'll find many if any details on how that works though.
More information about the List
mailing list