Firewall Wizards mailing list archives

Re: FW-1 throughput question

From: Darren Reed <darrenr () reed wattle id au>
Date: Sat, 13 May 2000 23:38:35 +1000 (EST)

In some email I received from Aaron Turner, sie wrote:


The part of the Solaris kernel that routes packets (FW-1 is a router) is
single threaded.  Hence, max throughput is determined more by the speed of
the CPU than the number of CPU's.  Two CPU's is probably the sweet spot in
terms of price/performance for sites needing a lot of throughput.  (The
other CPU would be dedicated to other OS/Firewall tasks such as logging.)


Hmmm.  What makes you believe it is single threaded ?  I've not seen any
evidence which would support that theory.  I've definately seen crashes
where there have been numerous threads coming up through hmeread().  One
CPU per interface.

Darren

Current thread:

FW-1 throughput question Randy Garbrick (May 05)
- Re: FW-1 throughput question Aaron Turner (May 12)
  - Re: FW-1 throughput question Darren Reed (May 15)
    - Re: FW-1 throughput question Dameon D. Welch-Abernathy (May 17)
    - Re: FW-1 throughput question Darren Reed (May 17)
    - Re: FW-1 throughput question Dameon D. Welch-Abernathy (May 17)
    - Re: FW-1 throughput question Darren Reed (May 17)
    - Re: FW-1 throughput question Dameon D. Welch-Abernathy (May 17)
    - Re: FW-1 throughput question Darren Reed (May 17)
    - Re: FW-1 throughput question Aaron Turner (May 19)
    - Re: FW-1 throughput question Ryan Russell (May 19)
    - Re: FW-1 throughput question Shaun Moran (May 21)
    - Re: FW-1 throughput question Aaron Turner (May 19)

(Thread continues...)