On Thu, 9 Feb 2006, chefren wrote: SNIP > Lets put in the OpenBSD plug first: Yes OpenBSD is fully supported with the > FT-x > card.
The Metanetworks 10G card is supported by an OpenBSD driver. The only OpenBSD version directly supported is 3.7, it was the current version when we purchased it. SNIP > Disclaimer: I didn't know anything of metanetworks > http://www.metanetworks.org/ > and their products before I saw the link on this list a few hours ago. Up to a > minute ago I never heard of Endace http://www.endace.com/ . > > Claimer: I work for IDD http://idd.nl/ and know a thing or two of our card > and > if if I don't know it I can ask people here about the last details. and I didn't know anything of the IDD cards until this thread began. Have you talked to the people at AMS-IX about your cards? I was familiar with the predesessors to the endace card OC3MON, OC12MON from my days playing with ATM. SNIP > http://www.metanetworks.org/products.html > http://www.endace.com/images/E2DAG6.2Lge.jpg > http://idd.nl/ft/pci.jpg > > As probably anyone here can see on the pictures there is a big difference > between the cards. The IDD card has large memory banks which seem to lack on > the > other cards (I might be wrong on this, couldn't see the back of the cards on > the > pictures.). The MTP cards are designed to filter out "bad" packets, that includes up to Jumbo sized frames, at line rate. I seem to recall Livio made an offer to the tcpdump workers list to move some of libpcap onto the card. Right now it can process SNORT rules, load them onto the card and filter traffic. The API is available to developers if you are interested in the card. > Other differences I see: Metanetworks claims Jumbo frames, we don't (don't > know > if that's a hard limit, no customer has ever asked for it). As far as I see > the > Endace card and our card only monitor, we do repeat a retimed to Sonet specs > optical signal. Metaworks claims to be able to "Filter out viruses and worms > with approximately 1 5s latency" and "wirespeed URI decoding" I cannot take > that > seriously without further specifications. [(URI as being "URL" like http:// ? > And where? also from compressed http streams too?] No I believe he meant URI, reference RFC3986. Livio's original design is to filter on signatures, using available SNORT rules. However since the design is based on an FPGA and the API is available you are not limited to filtering based on SNORT rules. SNIP > <end of plug, I will donate if something serious comes from this> I'm just the humble consumer of the MTP-10G, to be honest had I known of the existense of your company's product a year ago I would have contacted you. diana Past hissy-fits are not a predictor of future hissy-fits. Nick Holland(06 Dec 2005) To announce that there must be no criticism of the president, or that we are to stand by the president, right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public. - Theodore Roosevelt(1918)
