Firewall performance

I'm looking to put in a pfsense firewall / router at home to separate various networks. However, I'm a little concerned about network performance. All the networks (except the WAN) are gigabit and looking at the pfsense website, it suggests that to get 501Mbit+ I need enterprise-level hardware (3GHz CPU+).

How accurate is this? Is it really true that if I want to do simple packet filtering between gigabit networks at gigabit speeds, I need huge amounts of beefy hardware?
 
Sounds like nonsense to me, to be honest. I've never had any hardware that I've used for this purpose have any problems. You'd have to be doing something completely ridiculous to need that much CPU.
 
Maybe if it was doing some sort of funky deep packet inspection you'd need that much CPU time, but I doubt it'll impact you at all.

Since pfsense is Free you might as well give it a whack with what you've got now. Worst case scenario is that you have to try something else and that you've burned a CD for nothing. :)
 
If you're going to be using a PC running firewall software then you will have enough grunt.
Assuming of course it isn't some old P2 which should be in a landfill.

It's only when doing a lot of crypto stuff that the software-only FWs fall down.

PCs have the advantage of large amounts of memory as well.

What will slow you down a bit is the NICs on the PC.
Most consumer NICs won't do anywhere near wire speed, cheap gig switches won't either.

If you want high throughput between your gig LANs it's worthwhile investing in some Intel Pro 1000 cards.
 