Faster Hardware, Better response time?
Will having better hardware provide a faster firewall response time? I understand pfsense will perform fine on a small single core server with 512MB of RAM.
My question is about response time. Will having better hardware result in faster response time with pfSense? I know we are talking microseconds, but aren't we all aim for ultimate performance?
Thanks in advance for your help.
But will it improve your user experience? Maybe.
If you consider delay introduced by the firewall for, for instance, loading a web page it going to be a very small percentage of the total time.
marcelloc last edited by
If your current hardware has a high CPU load, then upgrade will increase firewall throwput.
valnar last edited by
Many many years ago, I used a Cisco 2621 as a firewall (RISC 50Mhz CPU) and "upgraded" to a lowly Sonicwall SOHO2 with a 133Mhz CPU. Granted there are architecture & OS differences, but the Sonicwall was noticeably snappier. Neither taxed my 4Mb Internet connection from a total throughput standpoint, but the Sonicwall brought up web pages faster. I couldn't point my finger at any one particular aspect in the chain (DNS lookup, NAT, ACK responses, etc).
So yes, CPU does matter, although after a certain point, it probably doesn't make a difference. When comparing a 33Mhz device to a 200Mhz though, it'll be noticeable.
How fast you get the packets "on the wire" also makes a difference, which is why we all harp on getting Intel NIC's in this forum. They simply do it faster and more reliably than others.
As long as you have adequately sized hardware for your connection speed, the difference in end to end latency between say a 500 MHz ALIX and a quad core Xeon server is trivial. The majority of the Internet will be 30-80 ms from you or more depending on your physical location, microsecond differences don't have any noticeable impact.