[ previous ] [ next ] [ threads ]
 From:  Frederick Page <fpage at thebetteros dot oche dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 1.2b6 lock-ups ....
 Date:  Fri, 4 Mar 2005 20:50:13 +0100
Hallo Christian,

Christian Rohmann schrieb am 03. March 2005:

>I just used b6 for about 12 hrs and in between 10 of them m0n0 froze twice.
>Does any1 here have similar troubles?

I also had to report several freezes of m0n0 1.2b2 and above. To me
this seems to be related to traffic (thus indirectly to uptime). My
network is heavily utilized, have about 400-600 GB/month traffic on
the WAN interface.

With 1.2b5 and 1.2b6 (FreeBSD 5.3) it got even worse.

My hardware is a Soekris net 4801, when I reboot it say every 2 days,
it runs rock-stable.

Although I have no way of knowing, I have a gut-feeling that an OS
like OpenBSD is more suited to a router/security platform. OpenBSD
also has lesser weight and (IMHO) appears more stable than FreeBSD in
general. (I evaluated FreeBSD but switched to OpenBSD for my server).

Although m0n0wall is a great product, I am not convinced that FreeBSD
is the ideal platform. To me FBSD is going into the same direction
Linux has already gone. Old unix virtues like stability are sacrificed
on the altar of new features, new drivers, new hardware. Meaning the
demands of mass markets are met :-(

I also bought a WRAP and will test that one too, although I do not
believe there are hardware problems that will make m0n0 freeze after 7
to 11 days. That came down to one freeze every 3-4 days since using
1.2b5 (now b6).

Considering things like pf and CARP make me want OpenBSD, my server
has 170 days uptime by now (and also is heavily utilized) and what
better OS for a security platform, than the world's safest OS?

I am currently thinking of setting that up myself (of course without
the nice web GUI) on the WRAP/Soekris, the constant reboots every 2
days really are not worthy of a unixoid OS. Even my previous Debian
router (Kernel 2.4) was much more stable than that. However the 1.1
was much, much better regarding stability, but that one does not have
the features of the 1.2 series :-(

Please note, that this is not a rant, neither an attempt of FUD. I do
not wish to diminish the merits of the m0n0 developers and their
absolutely great work. I personally feel that switching to FBSD 5.x
(which had LOTS of issues already!) was not the ideal choice.

Although declared stable, the recent bugs with Traffic Shaper, NAT,
PPTP, etc. show impressively in which direction FBSD is going. And
that's the reason why I think the pfsense project is useless. Why they
choose to use pf on an inferiour platform (where pf was neither
developed on, nor developed for) is beyond me.

And since m0n0wall is primarily developed for embedded machines,
driver issues should be of no importance.

Anyway, that's just my $ 0.02

Regards   Frederick