From: Carl Roberso (eb009f3ba410feff8837fdfb418db045mydsl.it)
Date: Sat Dec 01 2007 - 10:24:45 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all!
I'm a newbie OpenBSD user, and I'm trying to put two "carped" OpenBSD 4.2
box between a dual 100Mbit/s WAN connection (two uplink providers).
OpenBSD boxes should Do various VLAN managing, routing (BGP) and
firewalling. I don't need "scrubbing" on all packets, for now.

I put in place two machines, with 1GB of RAM and a XP 2000+ CPU, running on
flashes (the / is on flash, but I'm logging to a dedicated machine, on a
dedicated NIC, fxp0).

So I have three 'em' NICs (one for my side, two for each ISP sides), one fxp
for logging and another fxp for CARP.

The system runs with stock OpenBSD 4.2 kernel: I tried to put intelligent PF
rules in order to get the lowest CPU utilization.

I don't have any CPU problem, but an impressive (vmstat -i) amount of
interrupts (something like 6000/s on external interfaces), and sometimes the
system drop packets, even when way less that 100Mbit/s of bandwidth and
trying on ISP hosts.

When I swap OpenBSD with a Cisco 12008, everything is fine (no packet
loss).. but of course the price tag is not really comparable :D

Can you give some hints on using OpenBSD in a medium demanding context like
this?

Thank you in advance.
--
View this message in context: http://www.nabble.com/OpenBSD-for-routing---firewalling-a-100Mbit-s-connection-tf4928708.html#a14106791
Sent from the openbsd user - misc mailing list archive at Nabble.com.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]