So anywhere I look for router performance on OpenBSD, all the benchmarks
are on small lines or old machines. I also see mentions of people using
it in large scale installations, which is what I'm looking to do. I
thought I'd ask here and see what people have done.
I have 2 GigE lines from different providers balanced via BGP with full
routes from both providers. Currently, these are running through a
Linux/Quagga/Iptables router/firewall with a P4 3.2 GHz. The distro is
Gentoo, and we've stripped it down quite a bit.
We're pushing streaming video, so it's almost all outbound traffic by
about a 30:1 factor, and our average packet size is quite large - around
1200 bytes. At the moment, when we hit about 350Mbps, the router gets
to ~30% CPU usage, and it appears that we stop being able to pass all
the traffic at full speed. I don't see packet loss, but our traffic
graph flattens a good bit. At those rates, we also start to see
crashing, but we haven't been able to figure out the exact cause of
those either.
So, long story short, I need a new router. We've looked at Cisco, etc.
and for what we're doing, it looks like we need a carrier class router.
I can get a decked out 12008 for about $8k, but I'd rather not spend
that much, or use the 2 feet of rack space.
I've used OpenBSD/PF for firewalls in the past, and loved them, so I'd
like to use it for a router if it can handle what we need. Basically, I
need to be able to saturate both of those GigE lines. I'm willing to
buy the brand-newest hardware - the PCI express bus should be able to do
2.5 Gbps, but I can't find anything that says I can push that much
through software.
I was also looking at the Intel I/O Accelerator, but I didn't see if
there was OpenBSD support for it. I'm sure if there is, that would help
get me to be able to push the traffic I want to.
A long explanation, but I'm just hoping someone could give me some
insight here.
Alex Thurlow
Technical Director
Blastro, Inc.
