I've experimented with a number of different hardware platforms, and summarized my results below.

CPU

Performance-wise, the Intel Core2 Duo clearly outperforms similar offerings from AMD. It is also highly amenable to overclocking: I run an e4300, rated at 1.8 GHz, stable at 3.6 GHz using the Thermaltake Ultra-120 Extreme air cooler.

Ethernet Cards

I tried out a number of GigE cards, ranging from $10 Gigabit Ethernet cards from Newegg to server-grade NICs. The low-end cards have poor performance, especially with small-sized packets. I was disappointed in the PCI-X based Intel server adapters. On the PCI-E side, the PCI-E Broadcom SysKonnect card and the Marvell-based NICs on the nVIDIA 680i motherboard did not offer acceptable performance. The Intel Pro/1000 PT Dual Port PCI-E x4 (82571 chipset) was by far the best card; it had very high transmit rates, and its support for polling modes that reduce CPU load dramatically seems to be much better than its competitors'. I bought mine on eBay for $50 a card.

Motherboards

Azinix does not require video or audio, so some of the high-end boards for Core2 Duo are overkill. I had good success overclocking the EVGA nVIDIA 680i board. I also tried a cheaper board, the Gigabyte GA-965P-DS3, based on the Intel 965 chipset. The CPU overclocked well, but the PCI-E bus did not. I was initially excited about the nVIDIA nForce Professional boards for AMD Opteron CPUs, which advertise a direct connection from the CPU to the NIC through HyperTransport. I tried out the Tyan 3400 ATX Server motherboard; however, Azinix performance on this platform did not stand out.

Performance

The amount of traffic Azinix can sustain is heavily dependent on the workload as well as the ruleset.

On my platform (3.6 GHz C2D, Intel 82571 dual port NIC, EVGA 680i) I had no trouble handling full Gigabit Ethernet, on a representative rule set of 3000 rules.

For example, lots of short packets require more work than fewer long ones, because of the constant per-packet overhead. Complex rules, which involve lots of checks of the relative positioning of strings, or regular expression checks, slow down performance. I do not have concrete numbers for this. It's not clear what the value of finding worst-case inputs is, since we care about the average case.

Note that a C2D-based Azinix appliance can be easily built for under $500; compare this with the 6-figure prices for commercial networking gear from Cisco, Juniper, etc.

I have no experience with non-x86/Linux platforms. I'd be very interested in seeing how other hardware platforms (Niagara, Power) and operating systems (BSD, Solaris) perform.