<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Aug 21, 2013 at 10:55 AM, k simon <span dir="ltr"><<a href="mailto:chio1990@gmail.com" target="_blank">chio1990@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div>Hi, Sepherosa,</div><div> Thanks for your reply. I'm glad to know Multi FIB probably will be supported in the next release cycle, did you have some plan about support flow cache, npf or smp friendly pf, and per-cpu <span style="color:rgb(61,61,61);font-family:Arial,sans-serif;font-size:13px;line-height:18px">statistics,</span> netflow/ipfix etc. As a router box, we </div>
</div></blockquote><div><br></div><div>I am not quite sure about what "flow cache" you mean (pf something?). We support ipflow, which is used by fast forwarding and it is lockless MPSAFE.<br><br></div><div>Mbuf, IPv4 and TCP statistics had been per-cpu even before I joined DragonFly. UDP, interface stats and address stats have been per-cpu for nearly half a year. As far as I have measured, per-cpu stats do improve forwarding performance a lot.<br>
<br></div><div>Other guys are working on pf or npf; I am currently not involved.<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">
<div>need a platform with "<span style="color:rgb(61,61,61);font-family:Arial,sans-serif;font-size:13px;line-height:18px">integrated </span>solution" . Maybe write a roadmap is a good start. I would like to test dfly BSD with real traffic when the next version released</div>
</div></blockquote><div><br></div>When multiple routing table is done, I will post to users@.<br><br></div><div class="gmail_quote">Best Regards,<br>sephe<br></div><div class="gmail_quote"> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word"><div>.</div><div><br></div><div>Best Regards,</div><div>Simon</div><div><br></div><br><div><div>在 2013-8-20,下午6:43, Sepherosa Ziehau 写道:</div><div><div class="h5"><br><blockquote type="cite">
<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Aug 20, 2013 at 4:37 PM, k simon <span dir="ltr"><<a href="mailto:chio1990@gmail.com" target="_blank">chio1990@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br><div style="word-wrap:break-word">Hi,list:<div><br></div><div> I have some linux router/NAT box, each can serve 500-600Kpps traffic. Last week, I observed the ddos attack, it report ipt_netflow sendbuffer overlimit and cpu usage high. So I took a look at BSD family. I've tested freebsd a bit, it have trouble with polling and NIC‘s multi queues, and it have high context switch.</div>
<div> I've searched some posts about dfly's ifpoll and ifq etc. I really appreciate it. but I can't <span style="color:rgb(61,61,61);font-family:Arial,sans-serif;font-size:13px;line-height:18px">determine dfly BSD support multi RIB, ng_netflow, smp friendly pf, flow etc. And the BIRD route suite can support policy routing and worked fine on </span></div>
</div></blockquote><div><br></div><div>Multiple routing table is not supported yet, it probably will be added in the next release cycle, if I or others could find enough time. Netgraph is under BGL, which means it is bad for performance. ipfw is lockless MPSAFE, pf is still under one token (which also causes performance issue). Basic BIRD functionality should just work (no policy routing, since it requires multiple routing table support).<br>
</div><div><br></div><div>Best Regards,<br>sephe<br></div></div></div></div>
</blockquote></div></div></div><br></div></blockquote></div><br><br clear="all"><br>-- <br>Tomorrow Will Never Die
</div></div>