On 2010-02-12, Graham Allan al...@physics.umn.edu wrote:
I wonder if it's a viable option simply to run an active-active carp/pf
pair, since the pfsync changes in 4.6?
Active/active works well, and allows traffic to pass in situations where
before it simply wasn't possible, but there are
On Sat, 13 Feb 2010, Martin Schrvder wrote:
2010/2/12 Diana Eichert deich...@wrench.com:
own. http://www.tilera.com/ , specifically one's based on the
TILEPro64 . Though cost wise they are a bit higher end than commodity
Nice. Although it probably doesn't run OpenBSD. :-)
yeah, boots
* Alexander Shikoff minot...@crete.org.ua [2010-02-12 08:06]:
Every OS can have it's vulnerabilities. OpenBSD is very secure, but I'm sure
it cannot route (even without pf) 10Gbit/s traffic.
you have no idea, obviously.
interesting how much fuzz my graphics card bullshit caused. it was
On Thu, 11 Feb 2010, Claudio Jeker wrote:
Henning, I told you, we should not talk about unfinsihed projects.
We planned to announce this in exactly 7 weeks. Anyway, to late, the cat
is out of the bag.
So Henning and Oga are working at offloading pf into the graphic card
cores by using the DRI
On Thu, 11 Feb 2010, Claudio Jeker wrote:
Henning, I told you, we should not talk about unfinsihed projects.
We planned to announce this in exactly 7 weeks. Anyway, to late, the cat
is out of the bag.
So Henning and Oga are working at offloading pf into the graphic card
cores by using the DRI
On Fri, Feb 12, 2010 at 2:52 PM, Diana Eichert deich...@wrench.com wrote:
On Thu, 11 Feb 2010, Claudio Jeker wrote:
Henning, I told you, we should not talk about unfinsihed projects.
We planned to announce this in exactly 7 weeks. Anyway, to late, the cat
is out of the bag.
So Henning and
On Fri, 12 Feb 2010 14:59 +0100, Bret Lambert bret.lamb...@gmail.com
wrote:
On Fri, Feb 12, 2010 at 2:52 PM, Diana Eichert deich...@wrench.com
wrote:
On Thu, 11 Feb 2010, Claudio Jeker wrote:
Henning, I told you, we should not talk about unfinsihed projects.
We planned to announce this
On Fri, 12 Feb 2010, Brad Tilley wrote:
The rumor is that they are using CUDA on Nvidia graphics cards with
advanced object oriented C++ and it is so fast that several developers
are considering switching from C to C++ even for the kernel, after
migrating to ZFS and replacing Perl in base with
On Thu, Feb 11, 2010 at 08:46:22PM +0100, Henning Brauer wrote:
* Diana Eichert deich...@wrench.com [2010-02-11 17:02]:
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
I know of some.
I know there was some facetious comments regarding use of video cards
but there are commercially avaiable cards that allow you to roll your
own. http://www.tilera.com/ , specifically one's based on the
TILEPro64 . Though cost wise they are a bit higher end than commodity
hardware.
diana
2010/2/12 Diana Eichert deich...@wrench.com:
I know there was some facetious comments regarding use of video cards
but there are commercially avaiable cards that allow you to roll your
own. http://www.tilera.com/ , specifically one's based on the
TILEPro64 . Though cost wise they are a bit
On Fri, Feb 12, 2010 at 09:13:38AM -0500, Brad Tilley wrote:
The rumor is that they are using CUDA on Nvidia graphics cards with
advanced object oriented C++ and it is so fast that several developers
are considering switching from C to C++ even for the kernel, after
migrating to ZFS and
On Wed, 10 Feb 2010, Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
Large enterprises use either commercial firewalls, for example
* Diana Eichert deich...@wrench.com [2010-02-11 17:02]:
On Wed, 10 Feb 2010, Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
I
Alcatel-Lucent do a AA-ISA card plugin module for their 7750 range of
routers. Which enables you to do filtering at 50GB (and scale it up to
800GB) per 12U router.
Having recently investigated this segment for work. Allot,
Sonicwall(which is a Linux Variant) and a few others are running FOSS
On Wed, Feb 10, 2010 at 07:57:44PM +, Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
I know some folks at NASA that use OpenBSD firewalls that would make
your head spin. And yes, that means multi-Gbps.
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/
On Thu, 11 Feb 2010 15:26:18 -0500
Jason Dixon ja...@dixongroup.net wrote:
On Wed, Feb 10, 2010 at 07:57:44PM +, Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
I know some folks at NASA that use OpenBSD firewalls that would make
your head spin. And yes, that means
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast opengl
capable graphics card with loads of memory of course.
???
I am sure I am missing something big here, but Fast Video Card with
OpenGL for router? Are you trying to look live every
Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast opengl
capable graphics card with loads of memory of course.
???
I am sure I am missing something big here, but Fast Video Card with
OpenGL for router? Are you
On Thu, Feb 11, 2010 at 03:07:28PM -0500, Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast opengl
capable graphics card with loads of memory of course.
???
I am sure I am missing something big here, but Fast Video
--- On Thu, 2/11/10, Claudio Jeker cje...@diehard.n-r-g.com wrote:
From: Claudio Jeker cje...@diehard.n-r-g.com
Subject: Re: routing and pf at 10Gbps
To: misc@openbsd.org
Received: Thursday, February 11, 2010, 5:24 PM
On Thu, Feb 11, 2010 at 03:07:28PM
-0500, Daniel Ouellet wrote:
On 2/11
On Thu, 2010-02-11 at 23:24 +0100, Claudio Jeker wrote:
So Henning and Oga are working at offloading pf into the graphic card
cores by using the DRI interface. The shader will evaluate the ruleset
and packets in parallel and use the graphic memory for the state table.
Additionally if the speed
On Thursday 11 February 2010 19:46:22 Henning Brauer wrote:
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
I know of some.
Thanks very much guys, much useful information.
I'll be sure to
On Thursday 11 February 2010 22:24:46 Claudio Jeker wrote:
Henning, I told you, we should not talk about unfinsihed projects.
We planned to announce this in exactly 7 weeks. Anyway, to late, the cat
is out of the bag.
OpenBSD is going to rock in April!
--
Mike Williams
On 11 Feb 2010 at 23:15, Dirk Mast wrote:
Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast
opengl
capable graphics card with loads of memory of course.
???
I am sure I am missing something big here, but
On 22:56, Thu 11 Feb 10, Mike Williams wrote:
On Thursday 11 February 2010 19:46:22 Henning Brauer wrote:
yes, people run firewalls on 10G circuits
I am not aware of anyone filtering at 10G who is using off the shelf
hardware, with open source O/S.
I know of some.
Thanks very
On Fri, Feb 12, 2010 at 9:48 AM, System Administrator ad...@bitwise.net wrote:
On 11 Feb 2010 at 23:15, Dirk Mast wrote:
Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast
opengl
capable graphics card with loads of
On 12 Feb 2010 at 11:44, Aaron Mason wrote:
On Fri, Feb 12, 2010 at 9:48 AM, System Administrator
ad...@bitwise.net wrote:
On 11 Feb 2010 at 23:15, Dirk Mast wrote:
Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very
On Fri, Jan 22, 2010 at 08:12:29PM +, Mike Williams wrote:
Hey all,
I was hoping there are some heavy PF users here, who wouldn't mind sharing
some of their experiences?
So I've watched Hennings talk about PF performance, read the PDF, but I
haven't actually seen anyone saying they
Performance, cheapness, quality. You should choose only two of these.
Do not play with totally-software routers, buy Juniper.
http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/
On 12/02/2010, at 11:24 AM, Claudio Jeker wrote:
On Thu, Feb 11, 2010 at 03:07:28PM -0500, Daniel Ouellet wrote:
On 2/11/10 2:46 PM, Henning Brauer wrote:
disk i/o is irrelevant. you will need a very very very fast opengl
capable graphics card with loads of memory of course.
???
I am sure
On Thu, Feb 11, 2010 at 10:41:04PM -0800, Bryan Irvine wrote:
Performance, cheapness, quality. You should choose only two of these.
Do not play with totally-software routers, buy Juniper.
http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/
Really, nobody firewalls at multi-Gbps?
Or have I contravened some convention, in my questions, or wording?
On Friday 22 January 2010 23:55:45 Mike Williams wrote:
I missed two bits of information...
Routing. With only one upstream routing device these would only have one
route, maybe two
Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
anybody who does firewall at high bandwidth / pps is unlikely to provide
this information freely. also note that you've not made an effort to do
any tests and share them, so it is not surprising that others are not
sharing
On 16:26, Wed 10 Feb 10, Jacob Yocom-Piatt wrote:
Mike Williams wrote:
Really, nobody firewalls at multi-Gbps?
anybody who does firewall at high bandwidth / pps is unlikely to
provide this information freely. also note that you've not made an
effort to do any tests and share them, so it
Hey all,
I was hoping there are some heavy PF users here, who wouldn't mind sharing
some of their experiences?
So I've watched Hennings talk about PF performance, read the PDF, but I
haven't actually seen anyone saying they can, and do, PF at 10Gbps.
Can it?
If so, what actual hardware can? Or
I missed two bits of information...
Routing. With only one upstream routing device these would only have one
route, maybe two (internet, and internal).
A bit of mental gymnastics, ok a calculator, gives something like 400 Kpps.
Which, if my assumptions on packet sizes is right, isn't mind
37 matches
Mail list logo
