_____ __ Windows users ___ _____ _____

Iakwbos Triantafillou ewsforos at styx.irc.gr
Tue Jul 13 20:42:01 EEST 2004 

Christos Ricudis wrote:

>On Tue, 13 Jul 2004 08:07:36 +0100
>Iakwbos Triantafillou <ewsforos at styx.irc.gr> wrote:
>
>  
>
>>Oso gia ta cisco, den mporeis na syggrineis kanena software me kapoio 
>>specialised (kai synithws optimised) hardware. Ta cisco einai > ftiagmena etsi wste na "shkwnoun" pollaplasia I/O apo osa tha 
>>epetrepe to "idio" hw se ena pc.
>>    
>>
>
>Oxi akribws. 
>
>H cisco kanei optimize to most common path - to most common path gia ena paketo einai na mpei apo ena interface, na ginei lookup se kapoio routing table, kai na bgei apo ena allo. Kala kanei kai to kanei etsi, giati ftiaxnei routers. 
>

Gia firewall milhse to palikari.  Ta PIX exoun hardware optimisation se 
polla parapanw shmeia. Including but not limited to vpn, crypto etc etc. 
(some via hw modules)


>To perissotero intelligence ekei peftei sta idia ta interfaces - gi ayto kai to na les ti 8a epetrepe "to idio" hardware se ena PC den einai aplws la8os, einai KAI malakia KAI la8os.
>

Einai lathos apo poia apopsh? Den sou eipa oti ena pc einai networking 
device. Sxoliazw omws th diafora se apodosh apo ena pc pou kanei 
firewalling (px me iptables) me ena specialised networking device. Kai 
pes mou oti den einai thema optimisation ki oti me ena P3 at 1Ghz me linux 
kai iptables tha exeis ayto to performance:

Specs apo PIX:

 Cleartext throughput: 1.7 Gbps

 Concurrent connections: 500,000

 168-bit 3DES IPsec VPN throughput: Up to 440 Mbps with VAC+ or 100 Mbps 
with VAC

 128-bit AES IPsec VPN throughput: Up to 535 Mbps with VAC+

 256-bit AES IPsec VPN throughput: Up to 440 Mbps with VAC+

 Simultaneous VPN tunnels: 2000

 Processor: 1-GHz Intel Pentium III Processor 



> 
>
>Ama ton baleis na kanei o,tidhpote poy bgazei to processing apo to common path, ton hpies. Rwta opoion prospa8hse na sthsei NBAR se under-specified hardware. 
>  
>

Sure thing. Alla pote milhsa gia under-specified hardware? Den sou eipa 
na baleis ena 1750 gia border router sto EDET na kanei routing kai 
firewalling kai tpt vlans me dynamic access lists klp.

>H8ikon Didagma : Epeidh sthsame ena 1750 de shmainei oti piasame kai ton CTO ths cisco apo t'arxidia.
>

Hthikon Didagma: "The problem with the world is stupidity. I don't say 
that there should be like a capital punishment or anything but why don't 
we just remove the warning labels from everything and let the problem 
solve itself?" (c) TM bash.org

More information about the Linux-greek-users mailing list