DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 15th May 2008
gunderwood gunderwood is offline
New User
 
Join Date: May 2008
Posts: 2
Thanked 0 Times in 0 Posts
Default Firewall Hardware Questions

I am new to OpenBSD and am interested in building a firewall. I have read some books and searched the Internet, but still have some questions about my hardware.

I want to filter on several GbE zones at once, but my traffic is very bursty. Very little average traffic (Mb/sec range) and then the occasional multi-GB transfers. I was planning on using several of the Intel Pro GbE dual or quad interface cards. My research showed some problems with the quad port cards. From what I could find, this is an out-standing issue; correct? For redundancy and extra bandwidth a total of 6-8 GbE ports with NIC teaming would be needed to filter 3-4 zones. If I can't use quad port adapters, then I will need multiple dual port adapters. My original spare computer would support this, but I am uncertain now after researching SMP support. Here is what I had in mind:

Asus P5W64 WS Professional, Intel C2D E6600, 2GB RAM, etc.

I was thinking this would be ideal with all the PCIe ports. I have a Spare Opteron 165, but MB is junk and it "only" has 512MB of RAM. I could use either one, but I liked the C2D because I already have a good MB, lots of RAM, and 4x PCIe slots. However, with SMP support being what it is, I feel like there maybe better uses for these machines and I should just pick up a UP Opteron, etc.

I should note that the reason for the beefy hardware when the average bandwidth is so little, is because when the multi-GB transfers happen they may be concurrent or should have very little impact on the other traffic (assuming there is spare bandwidth). Also in the near future, there are plans to add VPN support (probably 256bit AES, but uncertain atm). The firewall also will be working with an IDS and WAP.

So, the question is what would the ideal OpenBSD firewall hardware look like to filter 6-8 GbE ports? Should I use the hardware I have or pick something up for cheap?

I appreciate any help and would love to hear from someone who has done this. Thanks.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hardware recommendation: what hardware to buy for my new FreeBSD desktop? Broodjegehaktmetmayo General Hardware 92 11th February 2009 10:43 PM
Is there a purpose for using pf if you have a hardware router/firewall? guitarscn OpenBSD Security 9 23rd January 2009 12:22 AM
upgrading/new hardware from 4.0 knasbas OpenBSD Installation and Upgrading 1 7th January 2009 02:55 AM
What Sun hardware do you have revzalot General Hardware 7 22nd August 2008 01:44 PM
hardware not working Terminal-Chaos FreeBSD General 2 29th May 2008 05:32 AM


All times are GMT. The time now is 10:09 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick