Subject: Re: NetBSD/ipfilter limitations
To: Louis Guillaume <lguillaume@berklee.edu>
From: Quentin Garnier <cube@cubidou.net>
List: netbsd-users
Date: 05/24/2007 19:46:52

On Thu, May 24, 2007 at 08:49:34AM -0400, Louis Guillaume wrote:
> Hi,
>
> I'm considering upgrading my Internet service. Probably to something
> like 20M down 5M up and was wondering:
>
> Will my Soekris 4501/NetBSD/ipfilter firewall be able to handle the
> traffic and routing?

Sure.

> At what point will ipfilter begin to choke?

It depends a whole lot on the kind of traffic.  For instance, if I have
a couple bittorrent downloads, it gets into that weird state where
everything works except that a non-interactive connection to _some_
ssh servers (cvs.n.o being one of them) gets stuck after several data
packets are exchanged.  It recovers without problem once the bt
downloads are ended.

Of course, it's an old IPFilter, the one in 2.0.2, your vintage may
vary.

> Are there any other limitations I should be aware of?

Well, the 4501 in itself will be the limitation, but it does the job
well for me.

--
Quentin Garnier - cube@cubidou.net - cube@NetBSD.org
"You could have made it, spitting out benchmarks
Owe it to yourself not to fail"
Amplifico, Spitting Out Benchmarks, Hometakes Vol. 2, 2005.
