[SDBUG] OpenBSD on Dell issues ?

Michael J McCafferty mike at m5computersecurity.com
Fri Aug 3 15:12:34 PDT 2007 

Ben,
	I followed the link to a few other links and I am sold on ditching the
PCI/PCI-X cards for the PCIe network cards and the improvements in
OpenBSD which will increase the performance of any system doing PF.

Thanks !
Mike


On Thu, 2007-08-02 at 20:32 -0700, Ben Lovett wrote:
> On Thu, Aug 02, 2007 at 01:55:00PM -0700, Michael J McCafferty wrote:
> > All,
> > 	I am am on the verge of pulling the trigger on a hardware buy for some
> > new firewalls to run OpenBSD 4.1, PF, CARP, pfsync. As we have discussed
> > at the SDBUG meetings in the past, I have issues with interrupts on the
> > CPU when the packets per second get high.
> > 	I am replacing the current hardware within 2 weeks. The current system
> > was installed when it was expected to handle 10 to 20 Mbps peak and
> > about 2 to 5Mbps average. I now need a setup that can handle 20 to
> > 50Mbps average now, with peaks to 200Mbps and future growth to several
> > hundred Mbps peak at which time I assume that unless there is some major
> > advance in servers/PCs/x86_64 architecture, I will have to go to ASIC
> > based devices (ie: Netscreens, etc) and not be able to use my beloved
> > PF. But I digress... what I really need to know is:
> 
> I still believe you can do this with OpenBSD .. Get good NIC's, such
> as em(4), bge(4), bnx(4) ..
> 
> > 	Is anyone currently running OpenBSD on Dell 1950s with the SAS 5/i
> > SATA/SAS controller ? Any problems ? The Dell dude I spoke to said there
> > may be issues with FreeBSD and the disk controller.. but that he only
> > heard that some place and has no details on that. Or shall I use the
> > PERC 5/i controller instead ?
> 
> I haven't run anything such as this (but I wish .. colo box is
> aging, and a 1950 or 2950 would do the trick nicely). I'd suggest
> the mfi(4) (the PERC 5/i) over mpi(4).
> 
> > 	Is anyone using Intel PCIe Gig NICs ? I have been using the dual-port
> > Intel GigE NICs for PCI/PCI-X, but not PCIe. Any known issues ?
> > 	The system comes with Dual Embedded Broadcom NetXtreme II 5708 Gigabit
> > interfaces. Will these be usable under OpenBSD 4.1 ? 
> 
> As Can said, the above card is supported by bnx(4). According to
> someone I know, and whose opinion I trust, HW is great, but he believes
> the driver needs work.
> 
> I'd second the opinion that you should run 4.2-beta, atleast until
> 4.2 is released. During the last hackathon there were numerous
> improvements made to the stack, improving performance dramatically.
> See http://www.undeadly.org/cgi?action=article&sid=20070528213858
> for more information.
> 
> > 	A beer for useful input ! Say, isn't there a meeting tonight ?
> 
> I wish I was there tonight.. Have fun!
> 
> Ben
> _______________________________________________
> SDBUG mailing list
> SDBUG at sdbug.org
> http://lists.sdbug.org/mailman/listinfo/sdbug
-- 
************************************************************
Michael J. McCafferty
Principal, Security Engineer
M5 Hosting
http://www.m5hosting.com

You can have your own custom Dedicated Server up and running today !
RedHat Enterprise, CentOS, Fedora, Debian, OpenBSD, FreeBSD, and more
************************************************************

More information about the SDBUG mailing list