[CentOS] Theoretical Firewall Specs?

Giles Coochey giles at coochey.net
Wed Jan 18 04:36:39 EST 2012


On Wed, January 18, 2012 00:52, John R Pierce wrote:
>
> I'd expect with a firewall-centric OS distribution like pfSense, a dual
> core 2-3Ghz I3 could easily keep up with gigE and quite complex rule
> sets, several network zones.  No storage requirements at all, unless you
> plan on keeping your logging local on the firewall.   to maintain gigE
> throughput you'll want to use server grade NICs and not cheap desktop
> ones.  If you're using a lot of VPN encryption, more and/or faster CPU
> cores would be useful.  a few 100MB of ram is plenty for 100s of 1000s
> of concurrent connections, so unless you're doing other ram intensive
> stuff like Snort or NetTop, 1GB ram would be plenty.
>
pfsense will generally run just fine without any swapping with 160Mb of
memory. I'd recommend no more than 256Mb.



More information about the CentOS mailing list