pfSense의 HW 용량???
pfSense는 오래전에 개발된 것이라 Xeon 이전의 PCI-x가 나오기전의 장비에서 돌았습니다.
램이 256mb에 클럭속도 700mhz...뭐 그런.
실 사용자들의 경험을 들어보니, atom box에서도 200mbps 이상 처리 가능하다고 합니다.
참조.
https://doc.pfsense.org/index.php/Hardware_requirements#Hardware_Sizing
High Throughput Environments
In environments where extremely high throughput through several interfaces is required, especially with gigabit interfaces, PCI bus speed must be taken into account. When using multiple interfaces in the same system, the bandwidth of the PCI bus can easily become a bottleneck. Most typical motherboards only have one or two PCI buses, and each can run an absolute maximum of 133 MBps, or 1064 Mbps. That's less than one gigabit interface can transfer. PCI-X can transfer up to 1056 MBps, or about 8.25 Gbps.
PCIe (PCI Express) offer significantly higher bandwidth than traditional PCI and PCI-X slots. PCIe 1.0 offers a bandwidth of 250MB/sec per lane, while PCIe 2.0 doubles that to 500MB/sec per lane, while PCIe 3.0 offers a staggering 985MB/sec per lane although as of winter 2013 there are no PCI 3.0 NICs on the market. Most single and multi-port NICs (both integrated and add-on PCIe cards) are connected via an x4 (four lane PCIe) offering plenty bus headroom to saturate multiple gigabit links. Both single and dual port 10gbit adaptors are typically PCI-e x8.
If you need sustained gigabit throughput at wire speed, you will want a server-class motherboard with PCIe or PCI-X slots with matching PCIe/PCI-X NIC's. You'll also need a 2.8+ GHz CPU.
High Throughput Environments
In environments where extremely high throughput through several interfaces is required, especially with gigabit interfaces, PCI bus speed must be taken into account. When using multiple interfaces in the same system, the bandwidth of the PCI bus can easily become a bottleneck. Most typical motherboards only have one or two PCI buses, and each can run an absolute maximum of 133 MBps, or 1064 Mbps. That's less than one gigabit interface can transfer. PCI-X can transfer up to 1056 MBps, or about 8.25 Gbps.
PCIe (PCI Express) offer significantly higher bandwidth than traditional PCI and PCI-X slots. PCIe 1.0 offers a bandwidth of 250MB/sec per lane, while PCIe 2.0 doubles that to 500MB/sec per lane, while PCIe 3.0 offers a staggering 985MB/sec per lane although as of winter 2013 there are no PCI 3.0 NICs on the market. Most single and multi-port NICs (both integrated and add-on PCIe cards) are connected via an x4 (four lane PCIe) offering plenty bus headroom to saturate multiple gigabit links. Both single and dual port 10gbit adaptors are typically PCI-e x8.
If you need sustained gigabit throughput at wire speed, you will want a server-class motherboard with PCIe or PCI-X slots with matching PCIe/PCI-X NIC's. You'll also need a 2.8+ GHz CPU.
http://www.firewallhardware.it/en/pfsense_selection_and_sizing.html
201-500 Mbps No less than 1.0 GHz CPU Dual Core
A 266 MHz CPU will max out at around 4 Mbps of IPsec throughput, a 500 MHz CPU can push 10-15 Mbps of IPsec, and relatively new server hardware (Xeon 800 FSB and newer) deployments are pushing over 100 Mbps with plenty of capacity to spare.
솔리게이트 정도의 장비에 pfSense를 올리면 500mbps 이상 무난한 것 같습니다.
201-500 Mbps No less than 1.0 GHz CPU Dual Core
A 266 MHz CPU will max out at around 4 Mbps of IPsec throughput, a 500 MHz CPU can push 10-15 Mbps of IPsec, and relatively new server hardware (Xeon 800 FSB and newer) deployments are pushing over 100 Mbps with plenty of capacity to spare.
솔리게이트 정도의 장비에 pfSense를 올리면 500mbps 이상 무난한 것 같습니다.
http://pfsensesetup.com/pfsense-hardware-requirements/
앞의 자료를 조금 더 정리한 것 입니다...
실사용자들중에는 atom으로도 200mbps는 처리한다고 하니 Xeon 계열이면 500mbps는 무난할 것 같습니다.
앞의 자료를 조금 더 정리한 것 입니다...
실사용자들중에는 atom으로도 200mbps는 처리한다고 하니 Xeon 계열이면 500mbps는 무난할 것 같습니다.
- to be continue -
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.