Re: Defending OpenBSD Performance

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Daniel Ouellet

Subject: Re: Defending OpenBSD Performance

Date: Tuesday, September 15, 2009 - 10:12 am

>> If I may ask here. One thing that would be nice for the records is to  
quoted text>> get a little bit more details on your setup doing that if you have no  
>> problem providing it obviously. Specially the PF configuration tie to  
>> this bgp router as well may well be very educating to many.
> 
> it doesn't run pf.

Interesting! I always thought that a minimum of PF was in use.

So, if I may ask, how you do some minimum like:

  ip verify unicast source reachable-via any

for announcement to you from multiple BGP sources or even:

  ip verify unicast source reachable-via rx

for announcement from a single and uniq bgp source then?

Or do you even do this?

No right or wrong answer, just curious?

No ban of not valid or spoof IP block then?

Or may be black hole? Or do you even bother with it and just let it be?

What about letting in only valid destination IP's or letting out valid 
originating IP's out then? No filter for it at all as no PF is there to 
do this?

Again not any tricky question, just wonder of what best practice then 
some may use bgp for their network, not only for one bgp feed obviously.

I obviously wrongly assume there was a minimum of PF in use as well, 
witch I see I was wrong to think so. I thought PF was use to validate 
traffic, letting only valid IP's in/out and not accepting range of not 
valid BGP announcement as well. Is there a way to do this that I may 
obviously have miss by not doing it via PF?

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Defending OpenBSD Performance, Florian Fuessl, (Mon Sep 14, 7:31 am)

Defending OpenBSD Performance, Tom Smith, (Mon Sep 14, 10:39 am)

Re: Defending OpenBSD Performance, STeve Andre', (Mon Sep 14, 10:44 am)

Re: Defending OpenBSD Performance, Lars Nooden, (Mon Sep 14, 10:46 am)

Re: Defending OpenBSD Performance, tico, (Mon Sep 14, 11:02 am)

Re: Defending OpenBSD Performance, Jose Quinteiro, (Mon Sep 14, 11:02 am)

Re: Defending OpenBSD Performance, Marco Peereboom, (Mon Sep 14, 11:53 am)

Re: Defending OpenBSD Performance, Steve Shockley, (Mon Sep 14, 12:46 pm)

Re: Defending OpenBSD Performance, Marco Peereboom, (Mon Sep 14, 12:57 pm)

Re: Defending OpenBSD Performance, Claudio Jeker, (Mon Sep 14, 1:23 pm)

Re: Defending OpenBSD Performance, frantisek holop, (Mon Sep 14, 4:15 pm)

Re: Defending OpenBSD Performance, Robert, (Mon Sep 14, 4:43 pm)

Re: Defending OpenBSD Performance, Nick Holland, (Mon Sep 14, 5:43 pm)

Re: Defending OpenBSD Performance, Paul de Weerd, (Mon Sep 14, 10:16 pm)

Re: Defending OpenBSD Performance, Claudio Jeker, (Mon Sep 14, 11:41 pm)

Re: Defending OpenBSD Performance, Mic J, (Tue Sep 15, 1:43 am)

Re: Defending OpenBSD Performance, ttw+bsd, (Tue Sep 15, 1:44 am)

Re: Defending OpenBSD Performance, Nick Holland, (Tue Sep 15, 4:47 am)

Re: Defending OpenBSD Performance, Bob Beck, (Tue Sep 15, 5:35 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Tue Sep 15, 5:39 am)

Re: Defending OpenBSD Performance, Marco Peereboom, (Tue Sep 15, 5:51 am)

Re: Defending OpenBSD Performance, Daniel Ouellet, (Tue Sep 15, 7:14 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Tue Sep 15, 7:27 am)

Re: Defending OpenBSD Performance, Stephan A. Rickauer, (Tue Sep 15, 8:03 am)

Re: Defending OpenBSD Performance, Jordi Espasa Clofent, (Tue Sep 15, 8:07 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Tue Sep 15, 8:38 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Tue Sep 15, 8:39 am)

Re: Defending OpenBSD Performance, frantisek holop, (Tue Sep 15, 9:28 am)

Re: Defending OpenBSD Performance, Daniel Ouellet, (Tue Sep 15, 10:12 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Tue Sep 15, 10:31 am)

Re: Defending OpenBSD Performance, Marco Peereboom, (Tue Sep 15, 11:41 am)

Re: Defending OpenBSD Performance, Jacob Meuser, (Tue Sep 15, 11:46 am)

Re: Defending OpenBSD Performance, Bret S. Lambert, (Tue Sep 15, 11:57 am)

Re: Defending OpenBSD Performance, frantisek holop, (Tue Sep 15, 1:02 pm)

Re: Defending OpenBSD Performance, Jacob Yocom-Piatt, (Tue Sep 15, 1:39 pm)

Re: Defending OpenBSD Performance, Bob Beck, (Tue Sep 15, 1:50 pm)

Re: Defending OpenBSD Performance, 4625, (Tue Sep 15, 1:59 pm)

Re: Defending OpenBSD Performance, Cian Brennan, (Tue Sep 15, 2:25 pm)

Re: Defending OpenBSD Performance, Milan Bartoš, (Tue Sep 15, 2:47 pm)

Re: Defending OpenBSD Performance, Ted Unangst, (Tue Sep 15, 3:04 pm)

Re: Defending OpenBSD Performance, Milan Bartoš, (Tue Sep 15, 3:08 pm)

Re: Defending OpenBSD Performance, Bob Beck, (Tue Sep 15, 3:13 pm)

Re: Defending OpenBSD Performance, Ted Unangst, (Tue Sep 15, 3:16 pm)

Re: Defending OpenBSD Performance, Milan Bartoš, (Tue Sep 15, 3:21 pm)

Re: Defending OpenBSD Performance, Aaron Glenn, (Tue Sep 15, 3:37 pm)

Re: Defending OpenBSD Performance, Owain Ainsworth, (Tue Sep 15, 4:06 pm)

Re: Defending OpenBSD Performance, Claudio Jeker, (Tue Sep 15, 4:11 pm)

Re: Defending OpenBSD Performance, Claudio Jeker, (Tue Sep 15, 4:35 pm)

Re: Defending OpenBSD Performance, 4625, (Tue Sep 15, 5:03 pm)

Re: Defending OpenBSD Performance, frantisek holop, (Tue Sep 15, 5:09 pm)

Re: Defending OpenBSD Performance, Travers Buda, (Tue Sep 15, 5:30 pm)

Re: Defending OpenBSD Performance, neal hogan, (Tue Sep 15, 6:10 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Tue Sep 15, 7:14 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Tue Sep 15, 8:01 pm)

Re: Defending OpenBSD Performance, Bret S. Lambert, (Tue Sep 15, 9:39 pm)

Re: Defending OpenBSD Performance, Aaron Mason, (Tue Sep 15, 9:43 pm)

Re: Defending OpenBSD Performance, Rod Whitworth, (Tue Sep 15, 9:52 pm)

Re: Defending OpenBSD Performance, Eric Furman, (Wed Sep 16, 12:30 am)

Re: Defending OpenBSD Performance, frantisek holop, (Wed Sep 16, 5:54 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Wed Sep 16, 7:39 am)

Re: Defending OpenBSD Performance, L. V. Lammert, (Wed Sep 16, 8:03 am)

Re: Defending OpenBSD Performance, - Tethys, (Wed Sep 16, 8:29 am)

Re: Defending OpenBSD Performance, Ross Cameron, (Wed Sep 16, 8:58 am)

Re: Defending OpenBSD Performance, Henning Brauer, (Wed Sep 16, 9:37 am)

Re: Defending OpenBSD Performance, - Tethys, (Wed Sep 16, 9:47 am)

Re: Defending OpenBSD Performance, Bob Beck, (Wed Sep 16, 9:52 am)

Re: Defending OpenBSD Performance, Nick Bender, (Wed Sep 16, 10:01 am)

Re: Defending OpenBSD Performance, Daniel Ouellet, (Wed Sep 16, 10:15 am)

Re: Defending OpenBSD Performance, Marco Peereboom, (Wed Sep 16, 10:24 am)

Re: Defending OpenBSD Performance, Otto Moerbeek, (Wed Sep 16, 11:14 am)

Re: Defending OpenBSD Performance, Alvaro Mantilla Gimenez, (Wed Sep 16, 11:18 am)

Re: Defending OpenBSD Performance, Tom Smith, (Wed Sep 16, 11:20 am)

Re: Defending OpenBSD Performance, Duncan Patton a Campbell, (Wed Sep 16, 12:52 pm)

Re: Defending OpenBSD Performance, Cian Brennan, (Wed Sep 16, 12:59 pm)

Re: Defending OpenBSD Performance, Bret S. Lambert, (Wed Sep 16, 1:34 pm)

Re: Defending OpenBSD Performance, Raymond Lillard, (Wed Sep 16, 1:35 pm)

Re: Defending OpenBSD Performance, Christiano Farina Ha ..., (Wed Sep 16, 1:54 pm)

Re: Defending OpenBSD Performance, Bob Beck, (Wed Sep 16, 1:55 pm)

Re: Defending OpenBSD Performance, Bret S. Lambert, (Wed Sep 16, 1:59 pm)

Re: Defending OpenBSD Performance, 4625, (Wed Sep 16, 2:01 pm)

Re: Defending OpenBSD Performance, Christiano Farina Ha ..., (Wed Sep 16, 2:08 pm)

Re: Defending OpenBSD Performance, Marco Peereboom, (Wed Sep 16, 2:14 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Wed Sep 16, 2:52 pm)

Re: Defending OpenBSD Performance, 4625, (Wed Sep 16, 2:56 pm)

Re: Defending OpenBSD Performance, 4625, (Wed Sep 16, 2:57 pm)

Re: Defending OpenBSD Performance, Daniel Bolgheroni, (Wed Sep 16, 2:59 pm)

Re: Defending OpenBSD Performance, Dag Richards, (Wed Sep 16, 3:07 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Wed Sep 16, 3:42 pm)

Re: Defending OpenBSD Performance, armpit, (Wed Sep 16, 3:56 pm)

Re: Defending OpenBSD Performance, Maurice Janssen, (Wed Sep 16, 4:00 pm)

Re: Defending OpenBSD Performance, 4625, (Wed Sep 16, 4:14 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Wed Sep 16, 4:55 pm)

Re: Defending OpenBSD Performance, Bob Beck, (Wed Sep 16, 6:15 pm)

Re: Defending OpenBSD Performance, 4625, (Wed Sep 16, 6:39 pm)

Re: Defending OpenBSD Performance, Amarendra Godbole, (Wed Sep 16, 6:52 pm)

Re: Defending OpenBSD Performance, Carson Harding, (Wed Sep 16, 8:48 pm)

Re: Defending OpenBSD Performance, Bret S. Lambert, (Wed Sep 16, 9:41 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Wed Sep 16, 10:11 pm)

Re: Defending OpenBSD Performance, Artur Grabowski, (Thu Sep 17, 12:56 am)

Re: Defending OpenBSD Performance, Cian Brennan, (Thu Sep 17, 1:19 am)

Re: Defending OpenBSD Performance, Stephan A. Rickauer, (Thu Sep 17, 2:43 am)

Re: Defending OpenBSD Performance, frantisek holop, (Thu Sep 17, 5:00 am)

Re: Defending OpenBSD Performance, Marco Peereboom, (Thu Sep 17, 5:03 am)

Re: Defending OpenBSD Performance, Kenneth R Westerback, (Thu Sep 17, 5:05 am)

Re: Defending OpenBSD Performance, Kenneth R Westerback, (Thu Sep 17, 5:15 am)

Re: Defending OpenBSD Performance, Christiano Farina Ha ..., (Thu Sep 17, 5:26 am)

Re: Defending OpenBSD Performance, Christiano Farina Ha ..., (Thu Sep 17, 5:32 am)

Re: Defending OpenBSD Performance, Janne Johansson, (Thu Sep 17, 6:00 am)

Re: Defending OpenBSD Performance, 4625, (Thu Sep 17, 1:35 pm)

Re: Defending OpenBSD Performance, 4625, (Thu Sep 17, 1:36 pm)

Re: Defending OpenBSD Performance, Fred Crowson, (Thu Sep 17, 2:36 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Thu Sep 17, 3:08 pm)

Re: Defending OpenBSD Performance, 4625, (Thu Sep 17, 4:59 pm)

Re: Defending OpenBSD Performance, Paul M, (Thu Sep 17, 6:59 pm)

Re: Defending OpenBSD Performance, Alexandre Ratchov, (Fri Sep 18, 6:33 am)

Re: Defending OpenBSD Performance, Alexandre Ratchov, (Fri Sep 18, 7:09 am)

Re: Defending OpenBSD Performance, 4625, (Fri Sep 18, 1:13 pm)

Re: Defending OpenBSD Performance, 4625, (Fri Sep 18, 2:28 pm)

Re: Defending OpenBSD Performance, Jacob Meuser, (Fri Sep 18, 3:30 pm)

Re: Defending OpenBSD Performance, Alexandre Ratchov, (Fri Sep 18, 3:43 pm)

Re: Defending OpenBSD Performance, bofh, (Fri Sep 18, 3:48 pm)

Re: Defending OpenBSD Performance, Bryan Irvine, (Fri Sep 18, 4:36 pm)

Re: Defending OpenBSD Performance, Buzzer, (Fri Sep 18, 5:14 pm)

Re: Defending OpenBSD Performance, Buzzer, (Fri Sep 18, 5:16 pm)

Re: Defending OpenBSD Performance, jean-francois, (Tue Sep 22, 4:04 pm)

Re: Defending OpenBSD Performance, neal hogan, (Tue Sep 22, 5:02 pm)

Re: Defending OpenBSD Performance, armpit, (Wed Sep 23, 11:29 am)

Re: Defending OpenBSD Performance, Tom Smith, (Wed Sep 23, 6:21 pm)

Re: Defending OpenBSD Performance, neal hogan, (Wed Sep 23, 7:33 pm)

Re: Defending OpenBSD Performance, Nick Holland, (Wed Sep 23, 7:54 pm)

Re: Defending OpenBSD Performance, Bryan Irvine, (Wed Sep 23, 11:38 pm)

Re: Defending OpenBSD Performance, Aioanei Rares, (Thu Sep 24, 8:32 am)

Re: Defending OpenBSD Performance, Buzzer, (Thu Sep 24, 1:27 pm)


linux-kernel:
Jesse Barnes	Re: [stable] [BUG][PATCH] cpqphp: fix kernel NULL pointer dereference
Greg KH	[003/136] p54usb: add Zcomax XG-705A usbid
Magnus Damm	[PATCH 03/07] ARM: Use shared GIC entry macros on Realview
Oliver Neukum	Re: [Bug #13682] The webcam stopped working when upgrading from 2.6.29 to 2.6.30
Martin Schwidefsky	Re: [PATCH] optimized ktime_get[_ts] for GENERIC_TIME=y
git:
Junio C Hamano	Re: Some advanced index playing
Jeff King	Re: confusion over the new branch and merge config
Robin Rosenberg	Re: cvs2svn conversion directly to git ready for experimentation
Linus Torvalds	git binary size...
Ævar Arnfjörð Bjarmason	Re: Challenge with Git-Bash
git-commits-head:
Linux Kernel Mailing List	md: move allocation of ->queue from mddev_find to md_probe
Linux Kernel Mailing List	md: raid0: Represent zone->zone_offset in sectors.
Linux Kernel Mailing List	[ARM] S3C24XX: Add gpio_to_irq() facility
Linux Kernel Mailing List	md: raid0_make_request(): Replace local variable block by sector.
Linux Kernel Mailing List	md: Allow md devices to be created by name.
linux-netdev:
kaber	[PATCH 07/12] netfilter: xtables: change hotdrop pointer to direct modification
Gerrit Renker