I am reviewing an architecture where a TIS Gauntlet (version 3.2a) is
employed in a rather significant packet filter role which I suspect it
is not really designed for. The platform is a SPARC Ultra 170e. I am
concerned that bandwidth degradation will be significant if I employ
over 50 filter lines on "inside" and "outside" interfaces.

Q1: Does anyone know of any empirical data showing the relationship
between number of filter lines and throughput?
(I am aware of data depicting a throughput drop-off when more than 48
connections are maintained; however, this is a performance issue
concerning only the application proxy - not the packet filter.)

Q2: Has anyone employed multiple Gauntlets in parallel with them
running OSPF (gated) in an effort to increase performance? I am trying
to determine that if a Gauntlet is overburdened with the processing
associated with packet filtering a large number of packets, that the
"network" will be aware of this and cause OSPF load balancing to occur.
I lack the background in the details of how the OS kernel would process
these packets (Gauntlet compiles the packet filter lines in the OS
kernel).

Thanks in advance
rwm