[ previous ] [ next ] [ threads ]
 From:  "William Fulton" <wfulton at thirdhatch dot com>
 To:  "Frederick Page" <fpage at thebetteros dot oche dot de>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] OpenBSD for m0n0wall?
 Date:  Wed, 30 Mar 2005 18:23:14 -0800
It would stand to reason that the embedded space will increase
performance specs as the tools that run on them become more power
hungry.  The AMD Geode GX1 processors are available up to 333 MHz which
is a bit of a jump in performance.  I think we will see faster boards


> -----Original Message-----
> From: Frederick Page [mailto:fpage at thebetteros dot oche dot de]
> Sent: Wednesday, March 30, 2005 5:33 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] OpenBSD for m0n0wall?
> Hallo Sancho2k.net,
> Sancho2k.net Lists schrieb am 29. March 2005:
> >I'd like to see a project of the same kind as m0n0wall spring up on
> >OpenBSD.
> There might be a reason why all those pf guys have OBSD and why
> features like CARP, pfsync and other pf related stuff all come from
> OBSD. For a secure platform the flavour of BSD should really be a
> nobrainer.
> >pf is featureful, secure, slim, and unencumbered.
> I hear you. Nice choice of words ;)
> We are currently in a difficult position: m0n0wall is primarily
> designed for embedded PCs like the WRAP and Soekris. The current
> software brings that hardware to it's limits on nowadays usual
> bandwidths. Chris Buechler told us, that his Soekris net4501 is maxed
> out at about 3 mBit. He can forget about OpenVPN, IPSec and the other
> features ...
> It's not hard to see that we are walking towards a problem, bandwidths
> tend to increase more and more. E.g. Swedish users have 10 mBit SDSL
> (20 mBit total bandwidth) for 39 Euro/month.
> >pfsync and CARP are no-brainers for a high-availability firewall
> >cluster.
> Let alone the ability to distribute the load amongst those cheap
> machines. So you'd even be set for future bandwidth increases.
> >It seems to me that OpenBSD is just screaming for someone to pick up
> >initiative and produce a nice embedded systems project a la m0n0wall.
> To me too. Those OS issues should be minor, there is the leap from
> ipfw/ipfilter to pf, but that one will have to be made anyway. The
> FBSD guys have now implemented pf, they will (as OBSD did already)
> deprecate the other tools.
> The developers had already seen, that FBSD 4.10 was dead. Now 5.3
> maxes out the embedded PCs (m0n0wall's primary platform).
> ipfw/ipfilter will also have to be replaced in the foreseeable future.
> >It's small, secure, and no-nonsense.
> That's the IMHO most important thing: no-nonsense.
> >Granted, these applications have been designed to be portable and
> >all be available in FreeBSD, but there is something to be said for
> >running on the native platform at times.
> They simply work and with no fuzz.
> Kind regards   Frederick
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch