[CentOS] Optimizing CentOS for gigabit firewall
Chan Chung Hang Christopher
christopher.chan at bradbury.edu.hkSun Dec 20 15:22:41 UTC 2009
- Previous message: [CentOS] Optimizing CentOS for gigabit firewall
- Next message: [CentOS] Optimizing CentOS for gigabit firewall
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Les Mikesell wrote: > Timo Schoeler wrote: >>> What about NetBSD? I heard that NetBSD has the best network stack out >>> there. Maybe NetBSD with pf is the best choice? >> NetBSD is a very nice OS, I personally like it most (out of all BSDs out >> there); however, as can be read on >> >> http://www.netbsd.org/docs/network/pf.html >> >> there's the 'usual lag': OpenBSD implements feature X in 4.6, wait some >> time to see it implemented elsewhere. >> >> One of the biggest strengths of OpenBSD is that it's really a completely >> rounded piece of work. Keep it that way. pf will perform best on >> OpenBSD, with all the nice features it has. > > Has anyone used Firewall Builder to create a complex set of iptables > rules? Or compared performance where it built the same thing for > linux/iptables and bsd/pf? > Are you joking? That piece of crap just puts everything into one single chain. I never EVER use Firewall Builder after I saw the results the first time. For a BRIDGING firewall, there is absolutely NO WAY that Linux/netfilter can keep up with OpenBSD/pf. I doubt that Linux/netfilter can even reach half the performance of OpenBSD/pf.
- Previous message: [CentOS] Optimizing CentOS for gigabit firewall
- Next message: [CentOS] Optimizing CentOS for gigabit firewall
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list