Re: [fw-wiz] Info Request: Looking for alternatives in HA/Load balancing firewallsthat are also scalable and modular. . .

On Mon, 10 Apr 2006, Devdas Bhagat wrote:

On 07/04/06 16:52 -0700, David Lang wrote:
<snip>

5TB/day is a sustained 60MB/sec (1 1/2 DS-3's or so), given that you have
a lot of peaks it's reasonable to say that your peak traffic is 2-3x that
value. you are still talking about ~200Mb/sec of traffic.

Try 20-30x. 2MB is a _large_ email. I assume that the OP is already
optimising by recipient domain(s) and hosts with multi-recipient
messages. If the OP is lucky enough that the load can be distributed
evenly, that would be a fairly rare case.

Typical bulk mail traffic goes as one injection to a few thousand
recipients, and then it fans out. Your sending speed is typically
limited by the speed at which the remote host can accept mail, or by the
pipe between the two of you. However, with multiple parallel messages,
the choke is generally the network itself.


this is comfortably handled with a P-III intel platform (a Nokia 740
appliance is this amount of power)

Sun has a checkpoint appliance that is Opteron based (defaults to 1.4GHz
processors, you can upgrade it) for about $30K. this is a very moderate
box by today's standard, but would handle the type of bandwidth
requirements you are talking about trivially

We have multiple OC's coming in, bandwidth isn't the immediate worry, it's
throughput. . .

again I need to ask for definitions. the best overall throughput is
generally achieved by spreading the load evenly and running things at max
capacity all the time. bandwidth requirements better represent your peak
requirements, but I think what you are looking for is responsivness (or
low latency). Even with that you should keep in mind that Internet use

For mail delivery, the issue is throughput. Latencies are generally
counted in minutes (or hours). Think B52 full of DVDs.

but if you can accept latencies of hours then you have a lot of leeway to spread your peaks out and your peak bandwidth can be far closer to your average bandwidth, so your statement that the peak is 20-30x the average doesn't sound reasonable.

what am I missing here?

David Lang


--
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • Re: Tiscali and the Fair Use Policy?
    ... > Tiscali, advising me that I am breaking the rules of the Fair Usage Policy ... Since the introduction of the FUP, I have taken every possible step ... > to ensure my bandwidth is at controlled sufficiently between tiscali's FUP ... >>during peak periods and is affecting the service that we provide to other ...
    (uk.telecom.broadband)
  • Re: MIL-STD-461
    ... so putting a peak detector it will ... > measurement bandwidth that shall be used at any test frequency. ... consider a sine wave with a 2 V peak to peak amplitude. ... > also has a Peak amplitude of 1 volt, and an RMS value of 0.707 volts. ...
    (sci.engr.electrical.compliance)
  • Re: FIR Hilbert transformers
    ... after applying absolute value to the analytical signal. ... >> than about 1/4 of the bandwidth of the original signal. ... > it matters little how narrow the modulation bandwidth. ... > of the samples will be even within 90% of the peak is too ...
    (comp.dsp)
  • Re: FIR Hilbert transformers
    ... making it more likely that one of them will be near the peak. ... in the resulting time series as it does when applied to ... than about 1/4 of the bandwidth of the original signal. ... it matters little how narrow the modulation bandwidth. ...
    (comp.dsp)
  • Re: MIL-STD-461
    ... so putting a peak detector it will ... measurement bandwidth that shall be used at any test frequency. ... consider a sine wave with a 2 V peak to peak amplitude. ...
    (sci.engr.electrical.compliance)