SUMMARY:firewall1 on solaris X86

From: ganeshan (ganeshan@gcs.com.au)
Date: Tue May 19 1998 - 21:06:12 CDT


Hi every body,

Sorry for the delayed summary being posted as our we were still testing for
any possible failure, which has
not happened so far. ( its 7 days since firewall was put on production
after installing all the recommended
patches for solaris X86( ver 2.5.1)

The fix was installing all the recommeded patches for 2.5.1 and that has
solved the problem

Thanks a lot all who gave other pointers to check, the details of which are
included.

Now to the original problem:
Has anybody come across or know to have used firewall 1 sucessfully on
> Solaris X86. One of our customer is experiencing problems (
> the system hangs for about a minute) during peak traffic.
> Does installing all the recommended including security fixes help in
> fixing this problem.
PC configuration

pentium 133 Mhz 64MB ram with enough swap and disk space

Replies and suggestions received:
----------------
I haven't used FW1 on a x86 machine, but I remember we've had a similar
problem a while ago. The problem on our site was, that the interfaces
weren't configured properly :-(

The cisco thought it was running on a full-duplex ethernet and the SUN
thought it was running on a half-duplex ethernet. That's why I propose
that you check with netstat if you have errors or not on your
interfaces.....

Christophe Colle <christophe.colle@telenet.be
--------------------
I'm running fat, dumb & happy on a 233MHz x86 box with FW-1.
What is the bandwidth of the pipe coming from the 'Net?
What does sar & top show is happening on the system at
the time of the "hangs"?

Charlie Mengler
Charlie Mengler charliem@anchorchips.com
------------
Yes, I use Firewall-1 on an x86 box quite successfully - without any
hangs.
I'm doing NAT too. What kind of pc is hosting this ? How much memory
and how much swap ?
Regards,
Matt Reynolds

--
Matt Reynolds               matt@aztek-eng.com
------------
I had Solstice Firewall 2.0 for x86 setup on a Toshiba 430CDT laptop for
demo purposes.  I found it was very slow due to the fact that the PCMCIA bus
is not very fast for transferring data.

If the customer is using an ISA or an EISA bus for there network cards, it can cause some delays, especially when a lot of traffic occurs. The best thing to do if x86 is the only solution is to ensure that the PCI bus is used for both NIC cards and that the NIC cards are of top quality. ie. 3Com. Also make sure that you have a lot of RAM. For example Solstice Firewall 2.0 recommends at least 64MB of RAM. Of course, the more the better. Marco Greene <cmgreene@netcom.ca

----------------- ---------------------------------------------------------------------------- - Ganeshan Srinivasan, Graphics Computer Systems, 97 Highbury Road, Burwood,Vic3125 phone:98888522 fax:98888511 ganeshan@gcs.com.au website: http://www.gcs.com.au



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:40 CDT