Actually, OpenBSD is slightly changing syntax over time, but the changes from a version to another are trivial and easy to implement. The bigest one I can remember was introduced in 4.7 with the changing of the redirection etc.
As for the configuration generation on pfSense - while most of the things on OpenBSD just work, working with another config rarely happens :) What I meant was that he can generate his config on pfSense so he'd have a general idea of what does he need, then rewrite it to work on OpenBSD - could be tricky, but not impossible. A good guide to PF (if not the best) is Peter Hansteen's 'The Book of PF', 2nd edition --> http://nostarch.com/pf2.htm @Chris, are you actually running on 127 degC? NS (now TI) do produce some tough hw! These are my temp stats on the 6501-50 with two WD HDDs in the box: $ sysctl | grep deg hw.sensors.cpu0.temp0=34.00 degC hw.sensors.cpu1.temp0=34.00 degC hw.sensors.acpitz0.temp0=43.00 degC (zone temperature) hw.sensors.acpitz1.temp0=43.00 degC (zone temperature) Best regards, Nikola Gyurov On Tue, Sep 10, 2013 at 9:17 PM, Christopher Hilton <ch...@vindaloo.com> wrote: > > On Sep 10, 2013, at 1:17 PM, Nikola Gyurov <ngyu...@gmail.com> wrote: > >> Hi, >> >> If you don't reqiure custom modifications all the time, no different >> user access to the interface etc. you could just create the pf.conf >> and use it on an OpenBSD installation (this is what I use, other BSDs >> may be fine too). It wouldn't need as much RAM as pfSense. >> >> However, this wouldn't help with the throughput limits. >> > > OpenBSD may or may not be a big help here. The OpenBSD team has done a lot of > work on pf since the version that's in pfsense was released. Some of the work > was performances based and that may be enough to get the job done on net4801 > hardware for you. More on that later. One big change was a pf.conf syntax > change regarding how NAT is handled which happened with OpenBSD 4.5. If you > are using NAT, I would _not_ count on a pfsense generated configuration to > work in OpenBSD 4.5+ > > Otherwise, the news if very good. If my research is correct the OpenBSD team > has gained big performance increases in both their network stack and pf many > of which aren't reflected in pfsense. According to this talk: > > youtube.com/watch?v=VNyBAcO2pIg [20:15] > > they roughly doubled the throughput of pf and their network stack from 28Mbit > / sec to 56Mbit / sec on "low end Soekris" hardware. They don't specify the > hardware beyond "low end Soekris" but when they say low end I assume that > they mean a 45xx or a 48xx. I myself have tested 55xx and 65xx hardware and > find that you can achieve 80 ~ 90 Mbit/sec with OpenBSD on the net5501 with > the standard 100Mbit/s vr interfaces. To go faster you'll need to install a > good Gigabit NIC in the net5501's PCI slot. The net5501 will keep up with the > traffic but in this configuration, with a dual intel em PCI NICs I get lot's > of heat. If the high heat bothers you, save yourself some time and opt for > the net6501 or go for a rack mount chassis and plan on adding a fan. > > $ sysctl -a | grep deg > hw.sensors.nsclpcsio0.temp0=92.00 degC (Remote) > hw.sensors.nsclpcsio0.temp1=127.00 degC (Remote) > hw.sensors.nsclpcsio0.temp2=70.00 degC (Local) > > Hope this helps, > > -- Chris > _______________________________________________ Soekris-tech mailing list Soekris-tech@lists.soekris.com http://lists.soekris.com/mailman/listinfo/soekris-tech
