Re: 10Gb and 40Gb equipment available
On Thu, Feb 16, 2017 at 10:42:21AM -0500, Thor Lancelot Simon wrote: > NetBSD has received a donation of 10Gb Ethernet switches (Arista 7124S or SX > and 7050). > > We will use some of these switches in our own infrastructure but are > offering others for long-term use by developers interested in using them to > work on NetBSD-related projects. > > An immediately obvious project would be porting of additional 10Gb card > drivers, such as those for Broadcom, Solarflare, or Mellanox cards. I > can supply cards and cabling for this purpose. I should note that another obvious project would be support for link-layer encryption (MACsec) in our kernel. I haven't used it on these switches but according to the datasheet, it is supported. The Linux kernel and many Windows drivers support this and it is becoming an increasingly common protocol for protecting LAN and WAN traffic (particularly in light of the recent slew of vulnerabilities in IKE implementations and consequent nervousness about IPsec on WAN links). This should be a fairly simple task starting with the existing code for encryption on wireless networks. Strictly speaking, since this could be tested card-to-card there is no need for a switch with MACsec support to do this work, but we would be more than happy to supply one of these switches to an interested and capable developer as a reference peer for the protocol(s) (encryption and key negotiation). -- Thor Lancelot Simon t...@panix.com Cry, the beloved country, for the unborn child that is the inheritor of our fear. -Alan Paton
10Gb and 40Gb equipment available
NetBSD has received a donation of 10Gb Ethernet switches (Arista 7124S or SX and 7050). We will use some of these switches in our own infrastructure but are offering others for long-term use by developers interested in using them to work on NetBSD-related projects. An immediately obvious project would be porting of additional 10Gb card drivers, such as those for Broadcom, Solarflare, or Mellanox cards. I can supply cards and cabling for this purpose. These are low-latency switches with a fairly rich L2 and L3 feature set (though lacking newer features such as VXLAN encapsulation). They run Linux as the control plane OS and user-provided code on the control plane is expressly supported. A few features perhaps of note to NetBSD developers include MACsec support, port mirroring over GRE, rapid, multiple, and per-VLAN spanning-tree, equal cost multipath routing, and multichassis link aggregation ("MLAG"). The 7050 switches have 40Gb ports. I have a *limited* quantity of 40Gb adapters and cabling available which we can provide to developers who demonstrate a serious interest in working on 40Gb card drivers and related stack features (e.g. large receive). The adapters are Solarflare and Mellanox, and suitable-licensed FreeBSD drivers are available as a starting point. The switch software is EOL by Arista and has some open security issues which mean that the control plane should *not* be exposed to untrusted networks. This should not be a problem for development work. Please let me know before the end of February if you want hardware from this donation, and why. -- Thor Lancelot Simon t...@panix.com Cry, the beloved country, for the unborn child that is the inheritor of our fear. -Alan Paton
Re: RFC: L2TPv3 interface
Hi, On 2017/02/07 14:01, Kengo NAKAHARA wrote: > On 2017/01/20 21:26, Kengo NAKAHARA wrote: >> At first, here is updated patches. >> >> http://netbsd.org/~knakahara/if-l2tp-2/01-accept-ifname-include-digit.patch >>http://netbsd.org/~knakahara/if-l2tp-2/02-if-l2tp.patch > > I rebase and add some fixes. Here is updated patch set and unified patch. > - patch set > http://netbsd.org/~knakahara/if-l2tp-3/if-l2tp-3.tgz > - unified patch > http://netbsd.org/~knakahara/if-l2tp-3/if-l2tp-3.patch > > Could you comment this patch set? If there is no objection, I will commit > this patch set after a few days or weeks. I committed it. Thanks, -- // Internet Initiative Japan Inc. Device Engineering Section, IoT Platform Development Department, Network Division, Technology Unit Kengo NAKAHARA