>How many processes are involved with TIS's toolkit TELNET proxy?
>
>One
>
>or
>
>One per connected user.
>
>Important question for planning for a VERY LARGE firewall...
One per connected user.
It's a relatively "lightweight" process, however, since
all it does is copy bytes.
>Oh, how much memory per connected user as well.
This is pretty architecture dependent. Make sure your firewall
system is configured with a lot of file descriptors if you're running
a VERY LARGE firewall. Note too that you can use multiple machines,
just use some kind of DNS shuffling records to provide a virtual
address for "tn-gw.your.organization"
That's if you're really worried about performance. My experience
as an experimental computer scientist(*) would lead me to suggest that
you profile your expected performance and be prepared to add hardware
only when it looks like you need it. If, for example, you're connected
via a T1 line, there's a pretty high likelihood that your traffic will
tend to bottleneck at the T1 before it bottlenecks at the user processes
running on the firewall machine. You may get some flogging due to context
switching, etc, but just about any RISC machine out there nowadays can
handle a full-bore T1 feed while it's picking its toes.
mjr.
(* experimental computer scientists prefer to bash on things and see
if they break, rather than to worry about if things run in O(N) or
whatever time) :)
Follow-Ups:
|
|
