[103329] in North American Network Operators' Group
Re: 10GE router resource
daemon@ATHENA.MIT.EDU (Aaron Glenn)
Tue Mar 25 22:14:23 2008
Date: Tue, 25 Mar 2008 19:13:24 -0700
From: "Aaron Glenn" <aaron.glenn@gmail.com>
To: nanog@nanog.org
In-Reply-To: <4116134.186351206494157370.JavaMail.root@protozoa>
Errors-To: owner-nanog@merit.edu
On Tue, Mar 25, 2008 at 6:15 PM, Patrick Clochesy <patrick@chegg.com> wrote:
> Very interesting study I had not seen, and a bummer. That really puts a
> cramp in my advocation of our CARP+pf load balancers/firewalls/gateways.
> Than again, what's a PIX box capable of?
I'd rather tweak a whitebox than pay through the nose for a PIX.
> I also had to switch to OpenBSD as there was a fatal crash with the bridge
> device in FreeBSD when used with my paticular OpenVPN/CARP/pf combination.
>
> AFAIK pf/forwarding only takes place on one core and wouldn't take advantage
> of the other 3 cores, correct?
Correct. There has been some great speed and efficiency improvements
in pf and other networking parts of OpenBSD; though from anecdotal
evidence, 10GbE is not ready for 'primetime' (for certain definitions
of 'primetime').
actually I'll just skip making an ass out of myself and hope henning@
chimes in, since I believe he reads NANOG as well.
aaron.glenn
