[rescue] RFA: firewall

Mark T. Valites valites at geneseo.edu
Mon Jan 10 16:27:17 CST 2005

On Mon, 10 Jan 2005, Jochen Kunz wrote:

> On Mon, 10 Jan 2005 16:47:26 -0500
> Phil Stracchino <alaric at caerllewys.net> wrote:
> > > The OpenBSD driver for hme does not perform well under a load.
> [...]
> > Yup, I've run into this problem myself trying to use a Classic as a
> > firewall.  I had an le and a hme in the box, and I was actually
> > getting three times as much throughput through the le as I was through
> > the hme.
> NetBSD has no problems with hme(4). At least I didn't see any on my U10.
> NetBSD-current comes with ipf and pf from OpenBSD, so if you don't like
> ipf 4.x that comes with NetBSD-2.0... If you are going with NetBSD-2.0
> remember to update to the latest release-2.0 kernel due to a sparc64 VM
> bug in 2.0.

I've heard the hme card doesn't play too well in OpenBSD, but have never
seen any specifics - does anyone have any more details on the problems
with the hme cards in OpenBSD? I've been running 3.4 with pf at home for a
while and for the most part see zero problems, with the exception of one
site. At this site, ssh connections to machines there require me to first
ssh in, then quit my ssh session and ssh in again - otherwise the first
ssh session hangs. http requests from this site render partially, then
require a reload.

Mark T. Valites
Unix Systems Analyst
Computing & Information Technology
SUNY Geneseo
>--))> >--))>

More information about the rescue mailing list