dragonflybsd router

Sepherosa Ziehau sepherosa at gmail.com
Tue Aug 20 03:43:53 PDT 2013


On Tue, Aug 20, 2013 at 4:37 PM, k simon <chio1990 at gmail.com> wrote:

>
> Hi,list:
>
>     I have some linux router/NAT box, each can serve 500-600Kpps traffic.
> Last week, I observed the ddos attack, it report ipt_netflow sendbuffer
> overlimit and cpu usage high. So I took a look at BSD family. I've tested
> freebsd a bit, it have trouble with polling and NIC‘s multi queues, and it
> have high context switch.
>     I've searched some posts about dfly's ifpoll  and ifq etc. I really
> appreciate it. but I can't determine dfly BSD support multi RIB,
> ng_netflow,  smp friendly pf, flow  etc. And the BIRD route suite can
> support policy routing and worked fine on
>

Multiple routing table is not supported yet, it probably will be added in
the next release cycle, if I or others could find enough time.  Netgraph is
under BGL, which means it is bad for performance.  ipfw is lockless MPSAFE,
pf is still under one token (which also causes performance issue).  Basic
BIRD functionality should just work (no policy routing, since it requires
multiple routing table support).

Best Regards,
sephe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20130820/f37ffbd8/attachment-0002.html>


More information about the Users mailing list