[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

real hardware router VS linux router

On Sat, Feb 21, 2009, Leen Besselink wrote:

> If you had to choose, it's probably smarted to go with OpenBSD, it has a
> lot better integration of packet filter, bgpd-daemon, ospf, vrrp-like, etc.

If you'd like a hope in hell of handling higher packet rates, where
"higher packet rates" is "more than an NPE-200", then evaluate all of the
open source operating systems before making that choice. Evaluate means
"build test rig and test", not "read blog articles about how cool OpenBSD + PF
is and how it worked for one person who bothered to write a glowing review."

Too often do I come across people who have setup OpenBSD + PF, put it into
production, then wonder why things perform craptastically after a couple
hundred megabits. Convert to FreeBSD + PF, or Linux + iptables; this mostly
goes away.

(Same with Linux and freeBSD with big firewall rulesets, because they followed
blog posts and didn't bother reading the documentation..)