On 2020-06-23, Daniel Ouellet <dan...@presscom.net> wrote: > OpenBSD does run on some old Cisco routers, it's been done before. Sure > it's not officially supported nor does it support all the various > interfaces but it's known to work on some. > > I am trying to dig up a dmesg showing it too. > > Plus Cisco have some firewall type of device that are over price PC that > can run OpenBSD. > > Here is an example using the4 old Cisco IDS-4215 > > https://komlositech.wordpress.com/2018/12/30/revive-a-cisco-ids-into-a-capable-openbsd-firewall/ > > I was just curious as to what stage it might be now.
That's just someone reusing janky old hardware that is being thrown out, there is no particular effort to support it on the OpenBSD side. > I am not saying it make sense to do really power wise for sure. > > May be Juniper instead as Juniper is based on FreeBSD anyway and it's an > over price PC with specialize network cards. (; Ok more then that, but > you get the picture I think. they're devices with network forwarding ASICs that happen to use a FreeBSD system as the control plane (and are moving to Linux now but I digress).. networking on the control plane is really limited and only meant for management, beyond that you need to interface with the special hardware. >> On Tue, Jun 23, 2020 at 5:03 PM Daniel Ouellet <dan...@presscom.net> wrote: >>> >>> I also know there was effort and some Cisco router can run OpenBSD very >>> well, however I have no clue as to any of this stand now. Not really "effort" or "very well" ;) >>> I don't have a problem to use APU type or other Ubiquit for small >>> OpenBSD router, but I wonder about using Cisco instead. The only reason >>> is for may be more stability, most likely less performance for sure, but >>> less change to have corrupted reboot on power lost, etc. That is nonsense, "corrupted reboot on power lost" isn't down to the hardware, it's OS/configuration - running OpenBSD on such hardware won't help unless you make a custom system that avoids live writes to the storage devices or at least reduce the risk with sync mounts etc (see recent misc@ thread). >>> And sadly for some customers having what they see as computer as router >>> don't make them fell good, Now that is true ... >>> but seeing a Cisco box kind of wipe out the >>> impression. paint the chassis blue-green and put a sticker on it? ;) >>> I am not saying it's justify, but perception is sometime >>> everything, but if I have my say in it I want all my routers to be >>> OpenBSD as much as I can where the needs is not to multiple Gb in speed. >>> >>> So, any suggestion or updates as to what's now available and hopefully >>> in use now. Have a look through https://www.supermicro.com/en/products/embedded/servers / https://www.supermicro.com/en/products/embedded/rackmount and you'll find quite a few things that give the perception "solid custom network device" rather than either "repurposed server" or "cisco junk, well past it's sell-by date, <$100 on ebay" - things like these https://www.supermicro.com/en/products/system/1U/1019/SYS-1019D-FRN8TP.cfm https://www.supermicro.com/en/products/system/1U/5019/SYS-5019D-4C-FN8TP.cfm (some equipment from other vendors will fit the bill too, but supermicro is a lot easier to buy from than portwell etc). >>> I just have no clue if wireguard needs to be run, what can be achieve as >>> the CPU in all Cisco device is always under power, we all know that. Wireguard performance is pretty good even on relatively weak CPUs but the 20-year-old Celeron in that Cisco thing is ... well ... let's just say it's going to struggle to forward at 100Mb/s *without* encryption.
