Pasi Kärkkäinen wrote:
Some months ago there were discussions about 10 Gbit performance with Linux. Some guys were pushing over 70 Gbit/sec through a single Linux box.
Not sure if firewalling was enabled... most probably not.
What I see consistently with iptables is people writing far too many rules and trying to micromanage traffic when the kernel already knows what it's doing. Try to keep it super simple.
*BSD's pf rules are just much simpler; it takes far fewer of them to do what you need to do.