On Fri, Apr 06, 2007 at 02:54:03AM -0600, rc wrote:
> Let us know if you get this working.  I would love to run OpenBSD on
> my switches.  PF running at wire speed would be beyond awesome.
> 

Oh please. A managed switch is not even close to being able to run PF, especially
those cheapo Linksys thingies with a massively underpowered ARM CPU with
probably a whopping 64M RAM.

Switching chips are built for switching packets. They read the MAC header
and, on managed switches, the VLAN header. Expensive Layer 3 switches will
read the dest IP header. This info is used to do a lookup in a CAM
table and based on that result forwarding is done. The CPU will only see
packets that cannot be handled in HW (e.g. because there is no CAM
entry).

Even the most expensive Cisco/Foundry/Extreme switches do not have the CPU
power to route or filter packets.

Sure you could use a good L3 switch chip and combine it with a modern CPU
(amd64 or core 2 duo) but that's another story.
-- 
:wq Claudio

> On 4/6/07, RedShift <[EMAIL PROTECTED]> wrote:
> >Sam Fourman Jr. wrote:
> >> On 4/5/07, Steve Shockley <[EMAIL PROTECTED]> wrote:
> >>> Siju George wrote:
> >>> > I wish somebody would design a simple hardware that has 24 or more NIC
> >>> > ports ( and of course WiFi ) and processor than can install OpenBSD.
> >>> > With PF then I could have a very inexpensive managed switch with ACLS
> >>> > for all hosts on the network:-)
> >>>
> >>> The problem isn't just getting lots of ports on a device (usb could
> >>> probably do that), it's getting lots of ports on a device and getting
> >>> them all to run at full bandwidth.
> >>>
> >>>
> >> I have been interested for quite some time in making a Switch with OpenBSD
> >> See this post
> >> http://archives.neohapsis.com/archives/openbsd/2007-03/2353.html
> >> you may find this interesting
> >>
> >> Sam Fourman Jr.
> >>
> >
> >I have already done this. In essence a switch is nothing more than a big
> >bridge. Of course, with a regular computer you are limited on how many
> >ports you can use, and since a switch is made for this goal...
> >
> >http://www.uclinux.org/ is a collection of patches to run Linux without
> >an MMU. It does have some restrictions though.
> >
> >I've tried to analyze the original Linksys firmware images, but it's
> >just a big heap of binary code. In both images (it has a boot and a
> >"software" image) the letters RNTP occur, which could be led to runtop.
> >Does anyone know about this runtop software?
> >
> >Thanks,
> >
> >Glenn
