[ previous ] [ next ] [ threads ]
 
 From:  Jim Thompson <jim at netgate dot com>
 To:  "Sancho2k.net Lists" <lists at sancho2k dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OpenBSD Packet Filter in m0n0wall?
 Date:  Wed, 30 Mar 2005 16:42:13 -1000 
Sancho2k.net Lists wrote:

>Jim Thompson wrote:
>  
>
>>Sancho2k.net Lists wrote:
>>
>>    
>>
>>>It seems to me that OpenBSD is just screaming for someone to pick up the
>>>initiative and produce a nice embedded systems project a la m0n0wall.
>>>It's small, secure, and no-nonsense.
>>>
>>>Granted, these applications have been designed to be portable and will
>>>all be available in FreeBSD, but there is something to be said for
>>>running on the native platform at times.
>>> 
>>>
>>>      
>>>
>>Last I checked, openbsd suffered in terms of performance compared to
>>FreeBSD and NetBSD.
>>    
>>
>
>In certian areas and applications, performance hits were recognized. In
>many of those areas, changes have been made to the tree that offer
>dramatic improvement. In other areas, performance hits were shown using
>methodologies that had little basis in "real life" usage results.
>  
>
The nice thing about *BSD is that you can look in at least 2 other trees 
for a fix or different way to do it,
and you can (easily) run at least two other operating systems on the 
same hardware to determine if you've hit the wall on hardware, of if the 
software/OS has some shortcoming.

So its only goodness that all three can borrow, or at least look over 
each other's shoulders. (To say nothing of linux.)

>At any rate, I'm not sure what sort of screaming performance you expect
>to see on most embedded platforms (WRAP and Soekris come to mind) that
>you'll see go beyond what OpenBSD can provide. They just don't have the
>hardware specs to drive the system to that point. I would say for the
>greater majority of users, no serious user of OpenBSD will complain
>about real world performance shortfalls. Those few who do will certainly
>use another platform anyway.
>  
>
I'm currently (as in right now) running m0n0 (1.2b6) on a 1GHz / 512MB 
VIA box that has 4 built-in Ethernets (those aren't switch ports, 
they're actual PCI Ethernet chips on the PCI bus.) Oh yeah, its 
(currently) got an 802.11g card in it, and boots from a CF slot. :-)

Behind that, I've got a 1U 2.8GHz P4 appliance coming with 3 GigE and 3 
10/100 ports. It also boots from a CF card.

Soekris has some crunchier boxes coming out as well. Dismissing 
performance issued because m0n0wall is typically used on low-end 
embedded hardware (where such issues aren't as visible) is a poor argument.

The WRAP/Soekris 48xx/45xx boards have their place. They're inexpensive, 
and deal with the realities of serial BIOS, etc quite well. I doubt 
anyone expects to be able to forward through them at wire-speed.

OpenBSD, NetBSD and FreeBSD bring different mindsets to the table. I'd 
not bother with NetBSD except for the

OpenBSD's "security uber alles" was originally a fine thing. Now its 
essentially marketing hype, since the playing field on that front is 
essentially level. Performance will soon level out, except where 
FreeBSD's VM continues to dominate on Intel hardware (and then only for 
applications that are sensitive to VM performance issues.)

OpenBSD's legacy challenge remains the issues encountered when dealing 
with Theo, and the wireless HAL damage.

YMMV.