<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Firewall Wizards: RE: RE: High Speed Firewalls

RE: RE: High Speed Firewalls

From: David Newman <dnewman_at_networktest.com>
Date: Mon, 13 Mar 2000 20:05:45 -0500

>
> > Cars slow down when approaching and toll booth speed up going
> away from it,
> > and that affects their "throughput." Ditto packets traversing firewalls.
>
> Not if the acceleration lanes are wide enough: 20 lanes of
> traffic moving at
> 10 MPH has the same throughput as 5 lanes of traffic moving at 40 MPH.
> Similarly, a "full speed" firewall may need to have several NICs
> on each side.
> Parallelism solves many throughput problems, but rarely benefits latency
> (except for reduced queue length).

Eh? Here the analogy breaks. Regardless of the number of lanes, ALL the
cars/packets were going 65 mph before they hit the toll booth/firewall. You
need a hell of a lot of parallelism to make up for that.

dn
Received on Mar 21 2000

This message: [ Message body ]
Next message: Jim Seymour: "Re: Building T.REX (was: RE: Linux Proxy Server ?)"
Previous message: Stephen P. Berry: "Re: FreeBSD Traffic Monitor / Drawbridge Question"
In reply to: Crispin Cowan: "Re: RE: High Speed Firewalls"
Next in thread: Crispin Cowan: "Re: RE: High Speed Firewalls"
Reply: Crispin Cowan: "Re: RE: High Speed Firewalls"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]