Graham Johnston wrote:
> With the current discuss of "Performance of CentOS as a NAT gateway", I
> am curious how many people out there are using CentOS as a
> Router/Firewall in an enterprise or service provider environment. For
> myself I am not really concerned about NAT just a stateful firewall.
Our firewall runs on CentOS 5, x86_64.
It runs on a HP Workstation with dual core Xeon 5140 2.33 GHz.
Intel dual 82571EB NIC, one NIC for the external (we have 1 Gbit
internet connection), and one NIC for the internal connections
(two VLANs, one with DMZ other with ~250 machines). No NAT.
This is of course not a big setup, but the CentOS/Fedora mirror
in the DMZ does give some traffic.
The iptables setup has 119 rules.
No problems whatsoever with performance.
I've made a kickstart configuration for the firewall.
If we get a hardware crash on the fw, we can take another
machine and get it up running as a new firewill
within a few minutes (the most timeconsuming is formatting
the root partition). This is quite a nice setup.
Mogens
--
Mogens Kjaer, Carlsberg A/S, Computer Department
Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
Phone: +45 33 27 53 25, Fax: +45 33 27 47 08
Email: mk@xxxxxx Homepage: http://www.crc.dk
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
