All this discussion of firewall performance is very interesting, but I
think people are forgetting that there is more to performance than mere
throughput. In particular, we should talk about robustness.
This is where Intel-based solutions fall on their face compared to
commercial workstations. Ask yourself this question - if I were to go
yank the power cord out of the wall, what sort of shape would the system
be in when I restarted it?
We got a hard lesson in this recently due to a freak power failure. An
entire rack of Unix machines lost power. Three RS/6000s of various
models all came back up perfectly as soon as power was restored. Two
SPARC 20 machines didn't fare quite so well... their internal drives
were fine, but their external drives were horked. And the PC running
Linux? It took 15 minutes to get its filesystems back into a runnable
The reason for this isn't software, it's hardware. The power supplies
are designed to protect not only the hardware, but also the filesystems.
When a power failure happens, the power supply notifies the operating
system kernel, which immediately initiates a clean shutdown. The power
supply has enough onboard capacitance to run the machine for the several
seconds needed to at least sync the drives.
PC hardware doesn't have this sort of support. Remember, it was
designed with the DOS FAT filesystem in mind, which isn't sensitive to
system states the way UNIX filesystems are. So whenever power is lost,
the system loses state and the filesystems get horked.
* David Stagner david_stagner @
* National Computer Systems vox 319 354 9200 *
* Operations - Iowa City, IA fax 319 339 6555 *
* Unix programmer Internet administrator *
* I do not speak for NCS, of course. *