From owner-freebsd-stable@FreeBSD.ORG Mon Jun 16 19:51:54 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4946C49B for ; Mon, 16 Jun 2014 19:51:54 +0000 (UTC) Received: from secure.freebsdsolutions.net (secure.freebsdsolutions.net [69.55.234.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2B2752789 for ; Mon, 16 Jun 2014 19:51:53 +0000 (UTC) Received: from [10.10.1.198] (office.betterlinux.com [199.58.199.60]) (authenticated bits=0) by secure.freebsdsolutions.net (8.14.4/8.14.4) with ESMTP id s5GJpcLp094295 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 16 Jun 2014 15:51:41 -0400 (EDT) (envelope-from john@jnielsen.net) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\)) Subject: Re: Suggestions for low-power gigE firewall? From: John Nielsen In-Reply-To: <20140615090845.GB42502@server.rulingia.com> Date: Mon, 16 Jun 2014 13:51:45 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20140613121732.GA61092@behemoth> <20140615090845.GB42502@server.rulingia.com> To: Peter Jeremy X-Mailer: Apple Mail (2.1878.2) X-DCC-MGTINTERNET-Metrics: ns1.jnielsen.net 1170; Body=3 Fuz1=3 Fuz2=3 X-Virus-Scanned: clamav-milter 0.97.8 at ns1.jnielsen.net X-Virus-Status: Clean Cc: Chris Nehren , FreeBSD stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2014 19:51:54 -0000 On Jun 15, 2014, at 3:08 AM, Peter Jeremy wrote: > On 2014-Jun-13 08:17:33 -0400, Chris Nehren = wrote: >> Speaking of Soekris elsethread, I'm presently interested in >> picking up a small device to use as a router + firewall for my >> home network. >=20 > One thing to keep in mind is that 'gigE firewall' is fairly = meaningless by > itself. Most of the load is per-packet and GigE could be anywhere = between > (roughly) 80kpps and 1.5mpps. >=20 > That said, since you mention 'home network', I presume you don't need = complex > packet manipulation at wire-speed. Note that whilst the re(4) driver = doesn't > have the same comments as the rl(4) driver, you will still need = significantly > more CPU power to get the same thruput from a RTL8111 as (eg) an em. I recently built a low-power FreeBSD box with this board: = http://www.ecs.com.tw/ECSWebSite/Product/Product_Detail.aspx?DetailID=3D14= 99 The onboard re(4) NIC needs a patch[1] (present in 10-STABLE but not = 10.0-RELEASE) to function properly. Otherwise it's been a smooth ride. It only has one onboard NIC but expansion options include PCI-e (mini = and full) and USB 3.0. I have enjoyed using pcengines' Alix boards in the past, but wanted more = memory for this application than the new APU boards support. JN [1] http://svnweb.freebsd.org/base?view=3Drevision&revision=3D262391