Hi all! I'm a newbie OpenBSD user, and I'm trying to put two "carped" OpenBSD 4.2 box between a dual 100Mbit/s WAN connection (two uplink providers). OpenBSD boxes should Do various VLAN managing, routing (BGP) and firewalling. I don't need "scrubbing" on all packets, for now.
I put in place two machines, with 1GB of RAM and a XP 2000+ CPU, running on flashes (the / is on flash, but I'm logging to a dedicated machine, on a dedicated NIC, fxp0). So I have three 'em' NICs (one for my side, two for each ISP sides), one fxp for logging and another fxp for CARP. The system runs with stock OpenBSD 4.2 kernel: I tried to put intelligent PF rules in order to get the lowest CPU utilization. I don't have any CPU problem, but an impressive (vmstat -i) amount of interrupts (something like 6000/s on external interfaces), and sometimes the system drop packets, even when way less that 100Mbit/s of bandwidth and trying on ISP hosts. When I swap OpenBSD with a Cisco 12008, everything is fine (no packet loss).. but of course the price tag is not really comparable :D Can you give some hints on using OpenBSD in a medium demanding context like this? Thank you in advance. -- View this message in context: http://www.nabble.com/OpenBSD-for-routing---firewalling-a-100Mbit-s-connection-tf4928708.html#a14106791 Sent from the openbsd user - misc mailing list archive at Nabble.com.
