All firewalls are going to slow the connection down, as they will increase the RTT, just passing the traffic in one interface and out another will add delay - even with no rules etc. It's the PPS that is the killer with firewalls, personally I'm a fan of OpenBSD + PF if you want something for multiple servers, or m0n0wall (We use these for individual customers).
|