William Pitcock wrote:
FreeBSD's network stack chokes up in DDoS attacks due to interrupt flooding. We used to use FreeBSD for firewalling and basic routing, but when noticing that we had horizontal scalability (e.g. a Celeron 667mhz performed nearly as well as a dual dual-core Xeon system when DDoS attacks happened), we switched to Vyatta, and generally have not looked back.
William
Which version of FreeBSD and how much traffic/pps? I believe that there has been significant improvements to the networking stack in recent versions of FreeBSD, plus there are also a lot of sysctl tunables which can significantly improve networking performance. I have a hard time believing that the networking performance of recent versions of FreeBSD would not be competitive in comparison to other unixes. -M