[122328] in North American Network Operators' Group
Re: Linux Router distro's with dual stack capability
daemon@ATHENA.MIT.EDU (Marty Anstey)
Thu Feb 11 18:28:48 2010
Date: Thu, 11 Feb 2010 15:28:21 -0800
From: Marty Anstey <marty.anstey@sunwave.net>
To: William Pitcock <nenolod@systeminplace.net>
In-Reply-To: <1265926323.19057.12.camel@petrie.dereferenced.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
William Pitcock wrote:
> FreeBSD's network stack chokes up in DDoS attacks due to interrupt
> flooding. We used to use FreeBSD for firewalling and basic routing, but
> when noticing that we had horizontal scalability (e.g. a Celeron 667mhz
> performed nearly as well as a dual dual-core Xeon system when DDoS
> attacks happened), we switched to Vyatta, and generally have not looked
> back.
>
> William
>
>
Which version of FreeBSD and how much traffic/pps?
I believe that there has been significant improvements to the networking
stack in recent versions of FreeBSD, plus there are also a lot of sysctl
tunables which can significantly improve networking performance. I have
a hard time believing that the networking performance of recent versions
of FreeBSD would not be competitive in comparison to other unixes.
-M
