[fw-wiz] RE: High Speed Firewalls

David Newman dnewman@networktest.com
Mon, 13 Mar 2000 20:05:45 -0500


>
> > Cars slow down when approaching and toll booth speed up going
> away from it,
> > and that affects their "throughput." Ditto packets traversing firewalls.
>
> Not if the acceleration lanes are wide enough:  20 lanes of
> traffic moving at
> 10 MPH has the same throughput as 5 lanes of traffic moving at 40 MPH.
> Similarly, a "full speed" firewall may need to have several NICs
> on each side.
> Parallelism solves many throughput problems, but rarely benefits latency
> (except for reduced queue length).

Eh? Here the analogy breaks. Regardless of the number of lanes, ALL the
cars/packets were going 65 mph before they hit the toll booth/firewall. You
need a hell of a lot of parallelism to make up for that.

dn