On Mon, May 08, 2006 at 02:43:38PM -0500, Jacob Yocom-Piatt wrote:
> this raises another question i've had on my mind for quite some time:
> what, if any, are the advantages of doing pppoe using openbsd, as
> opposed to using a hardware router of some sort?

You get to use OpenBSD as your sole firewall rather than relying on a
cut down Linux install or VxWorks with no real memory management. Take
note of the bug in the SPI of Netgear routers which caused the modem to
drop its connection. What other bugs lurk in some proprietary software?

Advantages being all those security enhancements which come along with
OpenBSD. If it's a firewall and you don't need to rely on ports
then it might be worth enabling guard pages. Check malloc(3) for
details. Since enabling it by default would break far too many 3rd party
ports.

If you have a block of IPs then having one firewall can save you wasting
IPs. I'm sure there's some scrub ttl hack you could do to hide the
second firewall.

In my opinion the OpenBSD kernel pppoe device is very reliable and far
better than the average cheap consumer ADSL modem/router.

Since there were complaints of no real docs in Google on using the kernel
land pppoe driver for a pppoa connection with a bridged ADSL modem doing
the ATM work, I have recently written
http://compsoc.dur.ac.uk/~djw/pppoa.html on the matter. A word of
warning is that I've only just thrown it together, but it may be useful to
others who can't get their firewall to do what they want it to do. I'm
not opposed to feedback, as long as it's constructive ;)


Dan
