DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 2 Weeks Ago
jjstorm jjstorm is offline
Shell Scout
 
Join Date: Nov 2014
Location: Buenos Aires, AR
Posts: 136
Default User rips OpenBSD as a router

In this article, a certain user claims OpenBSD inferiority to linux when used as router.

However, I would guess that his thoughts are formed from bias and being uninformed.


Quote:
A typical $50 consumer router running OpenWRT will do everything you want except traffic shaping. The cheap consumer stuff all uses slow single-core MIPS CPUs that can only do traffic shaping at tens of megabits and consequently cannot do QoS for a fast DOCSIS or fiber connection. Of course, even if you do go to the trouble of getting an Intel-powered router, you still wouldn't use OpenBSD (or anything other than Linux) for QoS.
Quote:
From a quick skim of the manpages and a few google searches, it looks like pf is a really poor substitute for tc. Without CoDel and friends, OpenBSD can at best implement half of a good QoS system.
Quote:
There's nothing to compare. OpenBSD just plain doesn't have any active queue management. They used to have RED in the altq module, but it's been removed and I haven't found any mention of any other form of support for any of the common AQM algorithms. If it supports anything more advanced than classifying packets into a fixed set of priority queues with fixed packet count limits, it's well-hidden. What functionality is exposed and advertised through their man pages is simply not enough to put together a fully functional QoS system, regardless of how efficient it is with CPU time. There isn't even the theoretical possibility of OpenBSD doing good QoS unless they've got a large amount of complexity hidden and misleadingly glossed over by their documentation. In this case, running a dumb algorithm arbitrarily fast can never compete with the smarter algorithms.
Quote:
Why should I expect OpenBSD to not suffer from the universal problems of overly large queues when they haven't documented any mitigation techniques? I can't even find out how to get OpenBSD to do ECN marking without the now-removed altq module.
Reply With Quote
  #2   (View Single Post)  
Old 2 Weeks Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,023
Default

It's a year old comment from someone who formed an opinion based on some Internet searches. While I'm not going to defend or disparage the poster, I can state that QoS is a form of prioritization signaling, but prioritization is not the same thing as bandwidth shaping, even though the two are interrelated.

I can understand the poster's concern regarding "missing" altq knobs. But "always-on" priority queuing was added with OpenBSD 5.1, and the bandwidth shaping system that has been in place since OpenBSD 5.5 replaced altq and its variety of queuing mechanisms and its priority management knobs.

If you are at all concerned you may find Henning Brauer's 2012 presentation helpful. Slides. Video. And if you have detailed questions, you can reach him via Email directly. He's very nice.

Last edited by jggimi; 2 Weeks Ago at 04:13 PM. Reason: clarity
Reply With Quote
  #3   (View Single Post)  
Old 2 Weeks Ago
jjstorm jjstorm is offline
Shell Scout
 
Join Date: Nov 2014
Location: Buenos Aires, AR
Posts: 136
Default

Quote:
Originally Posted by jggimi View Post
It's a year old comment from someone who formed an opinion based on some Internet searches. While I'm not going to defend or disparage the poster, I can state that QoS is a form of prioritization signaling, but prioritization is not the same thing as bandwidth shaping, even though the two are interrelated.

I can understand the poster's concern regarding "missing" altq knobs. But "always-on" priority queuing was added with OpenBSD 5.1, and the bandwidth shaping system that has been in place since OpenBSD 5.5 replaced altq and its variety of queuing mechanisms and its priority management knobs.

If you are at all concerned you may find Henning Brauer's 2012 presentation helpful. Slides. Video. And if you have detailed questions, you can reach him via Email directly. He's very nice.
I am sure OpenBSD will meet and exceed my needs as a router. I happened to run into the article, and I figured I would post it here with the hope of learning some more about OpenBSD as a router, as I will be configuring one soon.
Reply With Quote
  #4   (View Single Post)  
Old 2 Weeks Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 5,023
Default

The only thing to note here is that the poster was clearly not a "user" -- the recommendation to avoid OpenBSD did not come from experience.And, that poster recommended an alternative solution with which the poster was personally familiar.

Of course that poster's opinion was biased. My opinion is biased too, because I have no experience using Linux as a router. Can Linux route? Of course. Can it shape traffic? Yes. Can it queue by priority? Also, yes. Which is why the poster recommended Linux.

So why would anyone choose OpenBSD over Linux for routing?

This last was a rhetorical question, I'm not looking for answers. I expect each of us who chooses to use OpenBSD for a network infrastructure role does so for a multiplicity of reasons. Ask any OpenBSD infrastructure user, and you'll get lots of answers. Simplicity. Risk mitigation. Security. Robust integrated services. Simple governance. High availability solutions with automation....

I'll stop advocating.
Reply With Quote
  #5   (View Single Post)  
Old 2 Weeks Ago
e1-531g e1-531g is offline
Package Pilot
 
Join Date: Mar 2014
Location: Country:Poland;Continent:Europe
Posts: 172
Default

I am not experienced on traffic shaping at all, but AFAIK Linux had problem with shaping IPv6.
https://serverfault.com/questions/45...aping-for-ipv6
I don't know for sure if it is still true, but somebody I know was also complaining about it recently, but maybe he just didn't know how to set up it.
Reply With Quote
  #6   (View Single Post)  
Old 2 Weeks Ago
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 419
Default

The only thing I can say is "if it doesn't meet your needs, use something else". Plain and simple. Linux doesn't have the security track record I require of my software, so I don't use it.

Edit - I still do a fair amount of Linux work at my place of employment. My personal stuff, however, is strictly OpenBSD.
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD compact wireless router jjstorm OpenBSD General 11 4 Weeks Ago 03:48 PM
OpenBSD 5.7 Router Issues Peter_APIIT OpenBSD General 8 18th June 2015 06:31 AM
OpenBSD Router & Wireless AP setup chigurh OpenBSD General 14 7th April 2015 06:56 PM
Replacing 3Com Router with OpenBSD Dr-D OpenBSD General 55 28th June 2011 10:01 PM
Using OpenBSD as a second router paran0iaX OpenBSD Security 32 20th March 2009 04:51 AM


All times are GMT. The time now is 03:51 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick