> >Josh wrote:
> >>Hello there.
> >>
> >>We have a bunch of obsd firewalls, 8 at the moment, all working nice
> >>and so forth. But we need to add about another 4 in there for new
> >>connections and networks, which means more machines to find room for.
> >>
> >>So basically I have been asked to investigate running all these
> >>firewalls in two big boxes, with lots of NICs, with a bunch of OpenBSD
> >>virtual machines on them. One main box for the primary firewalls, one
> >>for the secondary. Each virtual machine getting its own physical NIC.
> >>
> >>Personally I don't really like the idea, I can see things going wrong,
> >>lots of stuff balancing on a guest OS and box.
I don't understand the logic of having multiple firewalls on one box.
If one box can handle the throughput requirements of all the NICs, why
not just one big firewall?
Doug.