So how does LBU perform? The Linux kernel was built around networking, so it is highly efficient at handling network traffic. The "Why Use LRP FAQ" gives a general idea of what to expect, performance-wise, and there's also a great review here of an earlier version's performance. But how did LBU perform on my hardware?
To find out, I used several utilities including Qcheck and Netperf. Basically, the answer is that LBU can easily exceed the performance limits of most network hardware. Using Qcheck from a PII400 desktop system, testing throughput across the LBU firewall (the one running on the PII 500) to a server in the dmz zone, I recorded a tcp throughput speed of 62.5Mbps. Using Qcheck from a P4 2.66GHz machine, across the firewall to the same server, I recorded a tcp throughput of 93.023Mbps.
The results gave me the impression that the limiting factor in those tests could be the ability of the desktop system to spew out packets with Qcheck. So using Netperf, I set up 3 systems to blast everything they had across the firewall to my dmz zone server simultaneously. Amazingly, I recorded 57.2Mbps, 20.56Mbps, and 18.16Mbps on the 3 machines, which adds up to 95.92Mbps. But, you say the network cards are rated at 100Mbps? That's true, but in real life the practical limits of 100BaseTX Ethernet are generally considered to be somewhere between 60 and 95 percent of that, depending on hardware, protocols, and who you talk to.
On my other LBU firewall, the one running on the P100 with the 10BaseT card, I used the same Netperf technique and saw 2.4Mbps, 3.52Mbps, and 1.04Mbps, for a total of 6.96Mbps, not bad for 10BaseT, and probably the limit of what that network card will do. The bottom line here is that with LBU running on both of these firewall platforms, the limiting factor is not the software.
As far as stability is concerned, I've been running versions of LEAF-Bering for several years now, many times on hardware that most folks would throw out, and I've yet to see it crash, hang up, or need rebooting unless there was a problem somewhere else. A LBU firewall is basically like an appliance - once it's installed and properly configured, you can pretty much unplug the monitor and keyboard and forget about it.