[CentOS] Theoretical Firewall Specs?

Giles Coochey giles at coochey.net
Wed Jan 18 09:36:39 UTC 2012

On Wed, January 18, 2012 00:52, John R Pierce wrote:
> I'd expect with a firewall-centric OS distribution like pfSense, a dual
> core 2-3Ghz I3 could easily keep up with gigE and quite complex rule
> sets, several network zones.  No storage requirements at all, unless you
> plan on keeping your logging local on the firewall.   to maintain gigE
> throughput you'll want to use server grade NICs and not cheap desktop
> ones.  If you're using a lot of VPN encryption, more and/or faster CPU
> cores would be useful.  a few 100MB of ram is plenty for 100s of 1000s
> of concurrent connections, so unless you're doing other ram intensive
> stuff like Snort or NetTop, 1GB ram would be plenty.
pfsense will generally run just fine without any swapping with 160Mb of
memory. I'd recommend no more than 256Mb.

More information about the CentOS mailing list