Re: ipfilter(4) needs maintainer
>
> I have been very stubborn IPFW user for very long time, but finally gave up
> in favor of PF. Nothing like that ever since. I am also not convinced IPFW
> is any faster than PF.
Hi Daniel,
I know that measuring PPS for a firewall is not enought for comparing
firewall performance (rfc3511 details lot's of the parameters, but on
my small&dirty bench lab with an old server
(one core Intel Pentium4 3.00GHz with a dual NIC 82546GB connected to
the PCI-X Bus) I've got theses differences (value are in Kpps, small
packet size) on FreeBSD 9.1:
- forwarding-only: 405 Kpps
- IPFW enabled: 320 Kpps
- PF enabled: 274 Kpps
IPFW was configured with only one line: add 3000 allow ip from any to any
And PF with one line too: pass
=> On this simple test, IPFW is "faster" than PF regarding the forwarding rate.
But without "ipfwsync" feature, IPFW is useless for our use case...
Regards,
Olivier
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 47 之 74 篇):