[SDBUG] OpenBSD on Dell issues ?

Can Erkin Acar canacar at gmail.com
Thu Aug 16 00:30:19 PDT 2007 

On 8/13/07, Michael J McCafferty <mike at m5computersecurity.com> wrote:
> Well... I got the hardware, and the results are in:

Nice, and good results. There is a problem with your extrapolation
calculations though. The peak theoretical bandwidth of PCI (32 bit) is
about 128MB/sec which is equivalent to 1Gb/s, so you will not be able
to reach 1.4Gb using 32 bit slots. It is probably ok though, since the
interrupts are the real problem that limit the pps rate, usually at a
much lower bandwidth with small packets. And this is what matters with
DoS attacks.

For a good overview of PCI technologies you can have a look at:
http://arstechnica.com/articles/paedia/hardware/pcie.ars/1


> I have a more complete spreadsheet, but here are the highlights:
>
[snip]
>         I think it is relevant to note that interrupts were handled by a single
> core of the dual core CPUs in each case.

Yes, only userland benefits from multiple processors at the moment.

>         What I have learned from this is that when it comes to PCIe or PCI-X
> and 133MHz 64-bit vs. 32-bit PCI... it's not really that relevant for
> x86/x86_64/amd64 firewalls with OpenBSD. The bottleneck is hardware
> interrupts to the CPU. I actually already knew that the interrupts were
> the bottleneck, but what I didn't know was how 1333MHz FSB vs. 1066MHz
> FSB, or 32-bit PCI vs. PCIe, or OpenBSD 3.8, OpenBSD 4.1 or the latest
> snapshot would affect the final performance. Of course I also didn't
> know the difference between Xeon 5130 and Core2 Duo E6600 for interrupts
> either.
>         There is one faster model of CPU available for the Dell system. The
> 3GHz Woodcrest CPU is about $500 MORE than the CPU tested, each. *If* it
> scales linearly, this would bring the performance to ~2Gbps and
> 400,000pps. This is still 100,000pps short of my desire to handle over
> 500,000pps (about 48Mbps of 12Byte UDP packets, a relatively small DDoS
> attack). Really, I'd like to be able to handle 100Mbps+ of 12Byte
> packets, but I realize a million pps is pretty steep.
>
>         Why oh why won't someone smarter than me work on device polling for
> OpenBSD ? Or is that even the solution ?

I dont claim to be an expert, but claudio@ says polling is not the
solution (it may actually increase latency). A good network card and a
good matching driver would probably perform much better.

Some developers are working on improving the network performance.
There are also several 10Gb card drivers being worked on, so we really
aim to support higher speeds. The latest profiling and tuning effort
at the last hackathon was a start.


Enjoy your new setup :)

Can

More information about the SDBUG mailing list