[CentOS] slow responding firewall server

Thu Dec 1 22:53:19 UTC 2005
Peter Farrow <peter at farrows.org>

Hi There,

I recently suffered a serious hardware failure on one of my firewalls, 
(motherboard died), this machine was originally a Red Hat 9 box, on an 
Athlon 2200 with 512Megs RAM, this machine was doing the following jobs 
for a small network at a relatives house:

Firewall (IPTABLES)
Transparent proxy (squid)
Sendmail smarthost
IMAP mail server
SAMBA file server
IPSEC tunnel to my home.

The only machines I had to replace it with were an Intel SC5000 chassis 
with twin PIII 1GHz CPUs on SCSI RAID (1 Gig RAM) and a Compaq PII 450 
(512Megs) software RAID on IDE 40Gig drives.

So I installed CentOS 4.2 on both, split the IMAP and SAMBA onto the 
SC5000 and put the firewall, Squid and sendmail smarthost on the 
Compaq.  The system is connected to the net via a 2Meg Line.

While each of these machines easily copes with the jobs they have to do, 
I have noticed (or rather my relative noticed and I agreed) that web 
browsing now has a high latency. i.e. you go to a new web page, there is 
a substantial pause before the page starts to load (substantial being a few 
seconds, whereas previously it was instant).  DNS is all ok and working 
fine, there are no delays there.  The DSL line shows very little latency 
from the net and outgoing from the lan.

I note that squid uses a fair amount of CPU on the PII450 from time to 
time,  but can't seem to get a handle on what is causing the delay.  The 
only thing I can think of is that the PII450 running squid is just slow 
compared to the old Athlon box and I am reaping the "benefits" of that.  
I do find that hard to believe though, since the box isn't running X or 
anything else extra.  I also notice that sometimes some downloads, 
particularly large ones just seem to grind to a halt after a few megs, 
and sometimes then carry on a bit later if left, right up to full speed 
of the line.  During this slowdown, the latency of the line even with 
large pings is fine, so I am sure the connection is good.

Is CentOS 4.2 now so heavy that a PII450 is not enough for a transparent 
proxy and smarthost....

Any comments/ideas are welcome...

Pete