Dragonfly Routers
Bill Hacker
wbh at conducive.org
Tue Feb 19 16:44:39 PST 2008
Dave Hayes wrote:
Bill Hacker <wbh at conducive.org> writes:
Dave Hayes wrote:
Has anyone here tried to use DragonFly BSD as a router where the box had
more than 4 network interfaces? I'm wondering if too many network
interfaces on one machine would have performance issues?
What sort of hardware,
As yet unspecified hardware, which is why I am asking the list. :)
I seem to remember some very old idea that more than 4 network
interfaces on a PCI bus was a Bad Idea(tm).
The PCI bus itself needed a (originally DEC) chipset to 'bridge' each
group of four slots.
Some 'commodity' MB have more than four slots as much for positioning
'fat' cards, such as RAID or VGA with fans, but cannot assign full
resources to all of them at once.
ISTR the IBM specs once listed an RS/6000 as being expandable to 53 PCI
slots, but doubt anyone has ever done it in anger.
Others cannot have but one or two PCI (Asus was notorious for this), as
they've used up the resources for onboard chipsets.
Many boards have the bridge chip (or function of same) to support
ever-growing arsenals of onboard stuff - but also use it up 'onboard'.
Ergo *very few* available MB have user-available bridged PCI busses with
more than 4 fully-usable slots.
PCI-X and PCI-e are a whole 'nuther - even more complex - story, but
really fast interfaces (10 Gig-E) can stress the whole I/O
infrastructure, if not CPU and RAM.
I know conventional wisdom suggests specifying an application and
expected load, but in this particular case I don't really know
exact numbers in advance, I can only determine that the load is
on the scale of ~100 machines, and several gigE networks.
'..several GigE *networks*' ?
OS aside, even 'server-grade' or 'carrier grade' MB are not well-suited
to that. They place too many other demands on their I/O channels.
Go for bespoke hardware with fast backplane fabric. 40 GB/s and up, and
dedicated to nothing else but moving the data.
Buy medium to low-end, it is cheap enough to retire for better kit when
need be, and continues to drop in price as capability / functionality
increases. There are rooms full of obsolete high-cost gear all over the
place.
Look for those that do NOT run a *BSD or Linux OS. The closer to
bare-metalloid state-machine, the faster it will run and the less admin
work it will need.
I've run six pci-bus 10/100 NICs as an ipfw(1) bridging router under
FreeBSD 4.8, 1 GHz Celeron, 512 MB PC133 SDRAM with acceptable performance.
Ergo I wouldn't expect DragonFly to take a back seat relative to any of
the other *BSD's - or Linuces.
I'm not bridging, I'm actually routing...so that will take some of the
load off the idea. The downside is I'm routing gigE and I don't want too
much speed to be sacrificed.
Serious router/firewall kit is on a different 'Planet' (or Cisco, or ..)
and better served with an RTOS.
Perhaps. I don't have any data to confirm or deny this, though it seems
reasonable.
Check for reviews and actual benchmarks, whether you want/need multiple
in-built VPN, multiple segmenting et al.
Routing and firewalling is a specialty that has become a very
high-volume hardware/ASIC/RTOS field where any router a PC could at one
time match on speed has become so cheap and flexible off-the-shelf it is
no longer worth the bother to roll yer own *and maintain it* for any
serious throughput.
Bill