DrTCP
Yours truly
Premium,ExMod 1999-04
join:1999-11-09
Round Rock, TX
| reply to okaven
Re: SPI feature
okaven: I am glad to see you guys participating in this discussion.
The following are accurate descriptions of SPI (as I have referred in the reference thread above).
»www.avolio.com/apgw+spf.html
»rr.sans.org/firewall/anatomy.php
Linksys routers do not have the overhead of any packet filters that Netgear and ZyXEL routers have (by the way Netgear RT311/RT314/RP114/RP334/RO318/MR314 are all based on ZyXEL's ZyNOS - modified by Netgear, others are based on SonicWall). So, Linksys is benefiting from the lack of meaningful packet filtering capabilities. Secondly, an SPI firewall has more to do as opposed to one that simply does packet filters and much more against the one that does not
have specific filtering and just relying on the NAT. So, comparing NAT only router with one that has packet filter capabilities and even SPI is not a fair comparison.
Finally, you tests seems to placed extra importance on small packet performance whereas for bulk transfers large packet performance is what really matters. Over there Netgear is either as fast or faster than Linksys and advantage of 64 byte packets is not that important. Also, test environment is very important. WAN port of Netgear routers is half-duplex only. If would not like bi-directional artificial small packet performance tests. In real life most packets are large packets and small ACK packets do not consume much bandwidth.
Another test that is conducted by Tolly group.
»www.2wire.com/products/pdfs/tolly_hp0501.pdf
Alas, on this test Linksys performed poorly on large packets. |
