Re: [Fwbuilder-discussion] Maximum firewall packets throughput..
Brought to you by:
mikehorn
From: Luc P. <pau...@gm...> - 2011-06-02 17:15:35
|
2011/6/2 Lupe Christoph <lu...@lu...> > On Thursday, 2011-06-02 at 10:51:24 -0400, Luc Paulin wrote: > > Is anyone know how we can calculate the maximum packet throughput of a > > firewall. > > Our network is becoming very slow once in a while, and when that happen I > > notice that our firewall show an average of 155K to 160K packets/seconds > and > > therefore I suspect that we may be close to a limit, However I didn't > find > > any relevant information the number of packets iptables can handle.. > > I suppose iptables gets CPU-limited, it should not use any significant > amount of memory. It is possible that it is not capaple of using > multiple CPUs simultaneously, I don't know. > > So - what is the system CPU load on your firewall? > > The system load average is below 1 even during those peak period. The system hardware is a Dell r310 with Xeon Dual core and 4G ram Installed OS is Centos 5.5 The server has 2 quad intel nic card + the 2 onboard broadcom nic. Interface are bonded for redundancy and throughput. -- !!!!! ( o o ) --------------oOO----(_)----OOo-------------- Luc Paulin | paulinster(at)gmail.com |