dragonflybsd router

Sepherosa Ziehau sepherosa at gmail.com
Mon Aug 26 02:45:43 PDT 2013 

On Wed, Aug 21, 2013 at 10:55 AM, k simon <chio1990 at gmail.com> wrote:

> Hi, Sepherosa,
>      Thanks for your reply.  I'm glad to know Multi FIB probably will be
> supported in the next release cycle, did you have some plan about support
> flow cache, npf or smp friendly pf, and per-cpu statistics, netflow/ipfix
> etc. As a router box, we
>

I am not quite sure about what "flow cache" you mean (pf something?).  We
support ipflow, which is used by fast forwarding and it is lockless MPSAFE.

Mbuf, IPv4 and TCP statistics had been per-cpu even before I joined
DragonFly.  UDP, interface stats and address stats have been per-cpu for
nearly half a year.  As far as I have measured, per-cpu stats do improve
forwarding performance a lot.

Other guys are working on pf or npf; I am currently not involved.


> need a platform with "integrated solution" . Maybe write a roadmap is a
> good start.  I would like to test dfly BSD with real traffic when the next
> version released
>

When multiple routing table is done, I will post to users at .

Best Regards,
sephe

>
> .
>
> Best Regards,
> Simon
>
>
> 在 2013-8-20,下午6:43, Sepherosa Ziehau 写道:
>
>
>
>
> On Tue, Aug 20, 2013 at 4:37 PM, k simon <chio1990 at gmail.com> wrote:
>
>>
>> Hi,list:
>>
>>     I have some linux router/NAT box, each can serve 500-600Kpps traffic.
>> Last week, I observed the ddos attack, it report ipt_netflow sendbuffer
>> overlimit and cpu usage high. So I took a look at BSD family. I've tested
>> freebsd a bit, it have trouble with polling and NIC‘s multi queues, and it
>> have high context switch.
>>     I've searched some posts about dfly's ifpoll  and ifq etc. I really
>> appreciate it. but I can't determine dfly BSD support multi RIB,
>> ng_netflow,  smp friendly pf, flow  etc. And the BIRD route suite can
>> support policy routing and worked fine on
>>
>
> Multiple routing table is not supported yet, it probably will be added in
> the next release cycle, if I or others could find enough time.  Netgraph is
> under BGL, which means it is bad for performance.  ipfw is lockless MPSAFE,
> pf is still under one token (which also causes performance issue).  Basic
> BIRD functionality should just work (no policy routing, since it requires
> multiple routing table support).
>
> Best Regards,
> sephe
>
>
>


-- 
Tomorrow Will Never Die
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20130826/a13f9a95/attachment-0013.html>

More information about the Users mailing list