Re: linux router connecting to dd-wrt(s) for VPN

On 2008-04-18 10:55:02 -0400, Balwinder S Dheeman
<bsd.SANSPAM@cto.homelinux.net> said:
> Hum, seems quite distracting to me instead.
>
> FYI, none can beat networking performance, routing and, or firewall
> capabilities of Linux kernel version 2.6 series.
>
> How many small routers and, or so called xDSL modems based on OpenBSD,
> NetBSD and, or FreeBSD are available on the market?
>
> Why the hell *BSD's have so many firewall daemons -- ip6fw, ipfilter,
> ipfw, PF and, or separate ipnatd?

(Gets out the popcorn, definitely flame bait, but it does expose an
industry problem.)

Did you read in my post "whatever OS you chose", or is the only thing
you see a Penguin when you look @ operating systems? Your post
irritated me because it echoes a problem in the industry with "OS
fever". OS's and any code-base are tools that are useful in some
circumstances and not others. It's the same damn disease we have in the
industry with Java.

If you knew some TCP/IP history, you'd also know that TCP/IP "came
from" BSD, and every TCP/IP stack in the world owes its heritage to a
bunch of folks @ Berkeley some 30 now almost 40 years ago.

FBSD continues to have a fantastically performing TCP/IP stack - they
did a huge re-write / clean-up of their TCP/IP stack resulting in
amazing performance gains. Innovations abound in Linux as well.

Why do the BSD's have so many firewall - (what?) - they're not daemons,
they're interfaces to a piece of kernel code, with the notable
exception of ipnatd / divert you mentioned. IMHO, PF just rules
(expressing my own personal opinion). How, in a firewall rule you can
detect DoS / DDoS and auto-firewall stuff is amazing (please don't
bring up the perfect-storm-IP-src-spoof thing, yes, I know, URPF is a
partial solution for this, etc.)

Analyze & embrace everyone's innovation with a careful scrutinizing eye
of what you want or need. "Logo loyalty" is only for closed minds. Each
of the Unices (Linux, FBSD, OBSD, Solaris, Darwin, etc.) has some
special sauce they added and keep adding, thank the ancients we all
think differently, it moves things along.

Grab an old machine, a couple of old ISA NIC cards, download a bunch of
different OS's, and grab a man page, please.

- This message brought to you through a 486-DX133, 32MB RAM, 240MB IDE
HDD OBSD PF-based firewall router - 900 up days and counting...

</roast off>

/dmfh
--
_ __ _
__| |_ __ / _| |_ 01100100 01101101
/ _` | ' \| _| ' \ 01100110 01101000
\__,_|_|_|_|_| |_||_| dmfh(-2)dmfh.cx |