I've experimented with a number of different hardware platforms,
and summarized my results below.
Performance-wise, the Intel Core2 Duo clearly outperforms similar offerings from
AMD. It is also highly amenable to overclocking: I run an e4300, rated at 1.8 Ghz, stable
at 3.6 Ghz using the Thermaltake Ultra-120 Extreme air cooler.
I tried out a number of GigE cards, ranging from 10$ Gigabit Ethernet
cards from Newegg, to server-grade NICs.
The low-end cards have poor performance, especially with small sized packets.
I was disappointed in the PCI-X based Intel server adapters. On the PCI-E
side, the PCI-E Broadcom SysKonnect card, and Marvell-based NICs on the nVIDIA 680i motherboard
did not offer acceptable performance.
The Intel Pro/1000 PT Dual Port PCI-E x4 (82571 chipset) was by far the best card;
it had very high transmit rates, and its support for polling modes that reduce
CPU load dramatically seems to be much better that its competitors. I bought mine
on ebay for $50 a card.
Azinix does not require video or audio, so some of the
high-end boards for Core2 Duo are overkill. I had good success overclocking the
EVGA nVIDIA 680i board. I also tried a cheaper board based, the Gigabyte GA-965P-DS3,
based on the Intel 965 chipset. The CPU overclocked well, but the PCI-E bus did not.
I was initially excited about the nVIDIA nForce Professional boards for AMD Opteron CPUs,
which advertise a direct connection from the CPU to the NIC through hypertransport.
I tried out the Tyan 3400 ATX Server motherboard;
however, Azinix performance on this platform did not stand out.
The amount of traffic Azinix can sustain is heavily dependent
on the workload as well the as the ruleset.
On my platform (3.6 Ghz C2D, Intel 82571 dual port NIC, EVGA 680i)
I had no trouble handling full Gigabit Ethernet, on a representative
rule set of 3000 rules.
For example, lots of short packets require more work than a fewer long ones, because
of the constant overhead per-packet.
Complex rules, which involve lots of checks of the relative positioning
of strings, or regular expression checks, slow down performance. I do
not have concrete numbers for this. It's not clear what the
value of finding worst case inputs is, since we care about the average case.
Note that a C2D-based Azinix appliance can be easily built for under $500;
compare this with the 6-figure prices for commercial networking gear
from Cisco, Juniper, etc.
I have no experience with non x86/Linux
platforms. I'd be very interested in seeing how other hardware platforms (Niagara, Power),
and operating systems (BSD, Solaris) perform.