|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: 3.6 squid/pf performance tested
From: MikeM (zlists
mgm51.com)
Date: Fri Jan 28 2005 - 08:39:36 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 1/27/2005 at 11:16 AM Karsten McMinn wrote:
|I've returned to misc. Passing on some information for those that deem
|it useful. I've been using OpenBSD since 2.9 for many things. I also
|use it in the enterprise for services at an ISP also. Recently we had
|a small domain attract a very large scale ddos. I nominated
|OpenBSD+squid/pf for the job. Stripped kernel, squid compiled
|transparent with a large amount of file descriptors, 2nics running in
|bridge mode, separate webserver behind one of the nics.
|
|[snip]
|
|This machine is a old dell optiplex recovered to do a job where
|iptables and the best of cisco ios firewall features couldnt keep up.
=============
Can you give more info on the box that ran iptables (CPU, memory), and what
model cisco firewalls couldn't keep up?
Thanks.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]