Hi Adam
On Wed, 2005-08-31 at 19:47 +0100, Mr. Adam Allen. wrote:
I did a fair amount of benchmarking with Linux (needed a very low cost traffic generator).
Performance with a cheap Realtek card wasn't much more than 40Mbps on a 1Ghz athlon (CPU usage at 99 %). On a P4 2.4Ghz with and a 3Com it was possible to saturate a 100 Mbits LAN (CPU usage was around 30 %).
I'm not familair enough to judge the quality of the broadcom cards, but a better quality card maay be worth a try.
I'm hoping they are OK, we were using a brand new dual NIC'd HP Proliant, taken out the box that morning. Broadcom cards cant be all bad, Apple use Broadcom NICs in their G5 machines.
It may be less resource intensive to bridge the ports (assuming you can still hook Snort in-line that is).
I had the same thought this morning, I'll try that out when I get to work on monday.
Thanks
Chris