Date: Sun, 7 Dec 2014 12:12:33 +0100 From: Kurt Jaeger <lists@opsec.eu> To: Martin Hanson <greencoppermine@yandex.com> Cc: freebsd-pf@freebsd.org Subject: Why merging recent OpenBSD PF code is not easy (was Re: FOLLOW-UP) Message-ID: <20141207111233.GQ44537@home.opsec.eu> In-Reply-To: <363021417833295@web21g.yandex.ru> References: <363021417833295@web21g.yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! > Nobody in their right mind would run the current version of PF on > FreeBSD! There was a big discussion on PF this summer, see http://lists.freebsd.org/pipermail/freebsd-current/2014-July/051229.html There are several issues why it can not easily be merged. The one I remember was that the PF code is not suitable for multi-core use. Today's hosts need multicore to keep up with line rates (and I have a bunch of routers speaking BGP4 and running FreeBSD), so something needs to be done in either direction. There is an OpenBSD fork (!): https://www.bitrig.org/ probably because the way OpenBSD handles its issues, and maybe the multicore (vrs. old platform support) is one of them. So please do not consider it an easy problem. It's hard. -- pi@opsec.eu +49 171 3101372 6 years to go !
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141207111233.GQ44537>