nanog mailing list archives
Re: Requirements for IPv6 Firewalls
From: David Newman <dnewman () networktest com>
Date: Thu, 17 Apr 2014 08:26:03 -0700
On 4/17/14, 5:51 AM, Dobbins, Roland wrote:
- packets per second - Firewall Level - Hosts levelThis is getting into QoS territory . . .- packet size informationConcur - packet-length.
The use of RFC 2544-esque metrics for firewall performance testing mostly benefits ill-informed or unscrupulous firewall marketeers, who send 1500-byte UDP packets and then brag about excellent performance. For firewalls handling TCP traffic, upper-layer traffic metrics such as HTTP object size, concurrent connection capacity, and connection setup rate are a lot more meaningful. The RFC 2544/2889 approach is OK if you only ever use your firewall as a router or a switch. The performance of a firewall used as an L2-L7 device should be measured with L2-L7 traffic. dn
Current thread:
- Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
- RE: Requirements for IPv6 Firewalls Dustin Jurman (Apr 17)
- Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
- Re: Requirements for IPv6 Firewalls David Newman (Apr 17)
- Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
- Re: Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
- RE: Requirements for IPv6 Firewalls Dustin Jurman (Apr 17)
- Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
- Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
- RE: Requirements for IPv6 Firewalls Dustin Jurman (Apr 17)
- Re: Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
- Re: Requirements for IPv6 Firewalls William Herrin (Apr 17)
- Re: Requirements for IPv6 Firewalls Eugeniu Patrascu (Apr 17)
- Re: Requirements for IPv6 Firewalls William Herrin (Apr 17)
- Re: Requirements for IPv6 Firewalls Valdis . Kletnieks (Apr 17)