[CentOS] Optimizing CentOS for gigabit firewall
John R Pierce
pierce at hogranch.com
Mon Dec 21 09:20:27 UTC 2009
Pasi Kärkkäinen wrote:
> Some months ago there was discussions about 10 gbit performance with
> Linux. Some guys were pushing over 70 Gbit/sec through a single linux
> box.
>
> Not sure if firewalling was enabled.. most probably not.
>
what I see consistently with iptables is people writing far too many
rules and trying to micromanage traffic when the kernel already knows
what its doing.
try to keep it super simple.
***BSD's pf rules are just much simpler, it takes far fewer of them to
do what you need to do.
More information about the CentOS
mailing list