Reply To: Zeroshell + IPP2P on an ISP

Forums Network Management ZeroShell Zeroshell + IPP2P on an ISP Reply To: Zeroshell + IPP2P on an ISP


I haven’t experience with L7-Filter, IPP2P and a throughput greater than 100Mbit/S. In this condition I use a dual Pentium 3 1000MHz with 1GB of RAM and the load average is very low. But actually the problem when you use the layer 7 filter (the same for IPP2P) is the number of new connections per second and not the throughput, because these netfilter modules examine only a few packets of the initial connection. The rest of connection traffic is classified by using the connection tracking which doesn’t need of much CPU power, but only of RAM to store information about the connections.
I think the best solution is to use a multicore CPU of the last generation with at least 1GB of RAM.
I haven’t tried these filters in a MPLS environment, but in any case they work at IP layer and I don’t think MPLS can be a problem at that level.