On Fri, Jul 08, 2005 at 08:40:46PM -0500, Ryan wrote:> Has anyone benchmarked the throughput capabilities of shorewall? I''m > curious about what speeds it is capable of.Shorewall is just a configurator for Linux iptables, so instead you should look how the throughput of Linux in general. -Jason Martin -- Predicting the future of technology is fraud with peril! This message is PGP/MIME signed.
2005/7/8, Ryan <ryanag@zoominternet.net>:> Has anyone benchmarked the throughput capabilities of shorewall? I''m > curious about what speeds it is capable of. >performance is determined by your hardware capacity, shorewall is only a netfilter configuration tool. ------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
Ryan wrote:> Sorry, I should have been more specific. I thought there might be > soething different about the rules compiled by shorewall vs handwritten > ones. > > I was running an AMD XP 3200 / 3 COM NIC cards sharing my cable modem > with shorewall/iptables and several PCs and a vonage phone. I''ve > switched things so a SOHO US robotics is the main router, and the Vonage > phone plugs directly into it. Everyone notices a huge difference in call > quality for the better and I''m curious as to why.That''s interesting - what sort of device is the SOHO US robotics? -- Paul <http://paulgear.webhop.net> -- Did you know? Using HTML email rather than plain text is less efficient, taking anywhere from 2 to 20 times longer to download, and a corresponding amount more space on disk. Learn more about using email efficiently at <http://www.expita.com/nomime.html>.
Has anyone benchmarked the throughput capabilities of shorewall? I''m curious about what speeds it is capable of. ------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
> Sorry, I should have been more specific. I thought there might be > soething different about the rules compiled by shorewall vs handwritten > ones. > > I was running an AMD XP 3200 / 3 COM NIC cards sharing my cable modem > with shorewall/iptables and several PCs and a vonage phone. I''ve > switched things so a SOHO US robotics is the main router, and the Vonage > phone plugs directly into it. Everyone notices a huge difference in call > quality for the better and I''m curious as to why. >Have you tried configuring any Qos/Tos stuff on the shorewall box? http://www.shorewall.net/traffic_shaping.htm Jerry ------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
Sorry, I should have been more specific. I thought there might be soething different about the rules compiled by shorewall vs handwritten ones. I was running an AMD XP 3200 / 3 COM NIC cards sharing my cable modem with shorewall/iptables and several PCs and a vonage phone. I''ve switched things so a SOHO US robotics is the main router, and the Vonage phone plugs directly into it. Everyone notices a huge difference in call quality for the better and I''m curious as to why. On Fri, 2005-07-08 at 20:47 -0400, Cristian Rodriguez wrote:> 2005/7/8, Ryan <ryanag@zoominternet.net>: > > Has anyone benchmarked the throughput capabilities of shorewall? I''m > > curious about what speeds it is capable of. > > > > performance is determined by your hardware capacity, shorewall is only > a netfilter configuration tool. > > > ------------------------------------------------------- > This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening > July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual > core and dual graphics technology at this free one hour event hosted by HP, > AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
Yes, oddly, QoS would always make things worse. I suspect the problem was I was/am using the machine running shorewall to download files, etc. I bet that if it was *just* my router/firewall I''d see much better throughput from the LAN. On Fri, 2005-07-08 at 21:00 -0500, Jerry Vonau wrote:> > > > Sorry, I should have been more specific. I thought there might be > > soething different about the rules compiled by shorewall vs handwritten > > ones. > > > > I was running an AMD XP 3200 / 3 COM NIC cards sharing my cable modem > > with shorewall/iptables and several PCs and a vonage phone. I''ve > > switched things so a SOHO US robotics is the main router, and the Vonage > > phone plugs directly into it. Everyone notices a huge difference in call > > quality for the better and I''m curious as to why. > > > > Have you tried configuring any Qos/Tos stuff on the shorewall box? > http://www.shorewall.net/traffic_shaping.htm > > Jerry > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening > July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual > core and dual graphics technology at this free one hour event hosted by HP, > AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
Also keep in mind hardware designed for voice routing has a couple specific advantages over generic computers. First of all, most of the packet switching is usually done in ASICS (hardware) rather than having to pass through the processor. This is much more efficient, and a lot less likely to produce delay if you have multiple processes running on your firewall. Also, voice gateways usually have buffers specifically for voice traffic to eliminate costly jitter in voice conversations. Long story short, voice is very jitter and delay sensitive, so any multitasking or misconfigured qos will cost you on a generic machine. - Matt> -----Original Message----- > From: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users- > admin@lists.sourceforge.net] On Behalf Of Ryan > Sent: Saturday, July 09, 2005 12:10 PM > To: shorewall-users@lists.sourceforge.net > Subject: Re: [Shorewall-users] throughput capbilities of shorewall > > Yes, oddly, QoS would always make things worse. > > I suspect the problem was I was/am using the machine running shorewall > to download files, etc. I bet that if it was *just* my router/firewall > I''d see much better throughput from the LAN. > > On Fri, 2005-07-08 at 21:00 -0500, Jerry Vonau wrote: > > > > > > > Sorry, I should have been more specific. I thought there might be > > > soething different about the rules compiled by shorewall vs > handwritten > > > ones. > > > > > > I was running an AMD XP 3200 / 3 COM NIC cards sharing my cable modem > > > with shorewall/iptables and several PCs and a vonage phone. I''ve > > > switched things so a SOHO US robotics is the main router, and the > Vonage > > > phone plugs directly into it. Everyone notices a huge difference in > call > > > quality for the better and I''m curious as to why. > > > > > > > Have you tried configuring any Qos/Tos stuff on the shorewall box? > > http://www.shorewall.net/traffic_shaping.htm > > > > Jerry > > > > > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by the ''Do More With Dual!'' webinar > happening > > July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual > > core and dual graphics technology at this free one hour event hosted by > HP, > > AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar > > _______________________________________________ > > Shorewall-users mailing list > > Shorewall-users@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by the ''Do More With Dual!'' webinar > happening > July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual > core and dual graphics technology at this free one hour event hosted by > HP, > AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------- This SF.Net email is sponsored by the ''Do More With Dual!'' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar