Firewall Wizards mailing list archives
Re: Nokia interview questions
From: Peter Lukas <plukas () oss uswest net>
Date: Thu, 27 Sep 2001 11:28:45 -0500 (CDT)
On Wed, 26 Sep 2001 hesselsp () ashaman dhs org wrote:
On Tue, 25 Sep 2001 black () galaxy silvren com wrote: Ouch. I haven't met a vendor that made a product that could stand up to the bandwidth very well.... except for Juniper. I guess that ~200mb/s is reasonable for a gig card. My guess would be the only reason why they came out with this is because you can buy gig cards for linux and solaris. More of a marketing thing really. How many free PCI slots on a nokia? mb/pci slot might be another reason.
Whether or not there are any free slots on a Nokia (i'd assume no more than four) is not going to help you since so much as sneaking a peek inside the box will void your warranty. As for gigE cards in PC's, it seems a little silly unless you're placing the adapter into a 64-bit PCI slot (a 32-bit standard PCI slot would be a bottleneck). A better option would be to take a QuadFastE and drop it into bridging mode (a linux system can do this quite easily). You'd then be able to run 2 100Meg full interfaces on one IP. It'd be a relatively cheap way to get better performance without taking the plunge to gigE (new card, new switch, etc). Once again though, you could try this on a Nokia, but don't think about getting any support for it. Also, if it's this kind of speed you're after, you may want to up the ante on hardware, etc.
Well, the way I have always looked at it is, an over powered firewall will likely have better latencies, less jitter, and less packet loss when dealing with reasonable speeds. Then again, I have never done a "normal" firewall install. Most people don't care too much about these things... it seems. I guess that people don't put firewalls between their engineers and accounting.... so all you ever deal with is internet connection. A T1 or something. Not Fast Ethernet.... or worse. I did ask Checkpoint over and over again about which network card they used in linux... or what rule base they used... I don't remember now if I ever got an answer.
Typically, they benchmark with a 100-rule policy, and the bandwidth clogger matching on the last rule. I would imagine that their GigE card was the Netgear (a low-cost, Linux supported GigE). As with any benchmark, theirs represented an unrealistic scenario reproduced across mismatched hardware. I suppose treno, tcpblast and ttcp would have attempted to give a more real-world scenario for a lab test. Peter _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Nokia interview questions Subba Rao (Sep 24)
- Re: Nokia interview questions Andrew Huffer (Sep 25)
- Re: Nokia interview questions Peter Lukas (Sep 25)
- Re: Nokia interview questions black (Sep 26)
- Re: Nokia interview questions Peter Lukas (Sep 26)
- Re: Nokia interview questions hesselsp (Sep 28)
- Re: Nokia interview questions Peter Lukas (Sep 28)
- Re: Nokia interview questions black (Sep 26)
- Re: Nokia interview questions hermit1 (Sep 25)
- Re: Nokia interview questions Joe Dauncey (Sep 25)
- Re: Nokia interview questions Oscar Wahlberg (Sep 25)