The one thing I wish is that they’d update the actual CPU. Those old AMD CPUs are getting pretty old and can’t handle a saturated 1Gbps link.
Looks like they can, with the right software. Would be interesting to see exactly where the difference lies between Linux/OpenBSD and DANOS/VPP. Looks like they use an Intel technology called “DPDK”, “Data Plane Development Kit” apparently, which allows for more optimized processing of packet routing?
DPDK and NetMap are kernel-bypass technologies. They let you completely bypass the entire kernel network stack and do zero-copy networking from userspace (the NIC DMAs directly to and from userspace-owned memory). Their biggest advantage is letting userspace implement very specialised network stacks. The kernel one has to be sufficiently generic to support all userspace use cases with reasonable performance. If you are just doing packet routing then a DPDK-based system can just parse the packet headers, update (in place) the destination address and port and the checksums, and then prod the NIC to DMA the data out again. This lets you route one packet in a few cycles on a modern CPU.
This looks like a fantastic addition to the PCEngines lineup! I’ve got an APU2 that I love and has been rock solid. Also, not sure if they still do, but when you order from them they used to include some local chocolate in the box :)
Ditto, my APU2 is doing really well. Next time I’m involved at small/med business network setup: I’m going to be recommending a PCengines + OpenWRT, they give me so much less headache than everything else and because they’re x86 they should have a really long software update lifetime. Either that or a SFF computer with multiple network cards and OpenWRT.
(Fun semi-relevant story: recently got the bottom of a VOIP and long-lived TCP connection issue at a few clients’ sites. Traditional no-one-believes-the-bug-is-on-their-side problem that none of the existing companies knew how to investigate. Turns out it was a NAT implementation bug on the ADSL routers. Bug was fixed in a firmware update released a few months after the equipment was installed some ten years ago :P)
Did it involve silently dropping entries from the NAT table without sending an RST to the affected endpoints? Because… I have run into that way too many times, and yet each time it’s completely baffling until I realize “ahhhhh dang it’s this nonsense again”
IIRC: The NAT tables in the router still looked OK. The end points still thought their connection were alive and packets would still flow LAN->WAN, but no longer the other way around. I knew this because SSH sessions would randomly “hang”, but if you manually reconnected then all of your typing into tmux during the hang period would still be there.
Yikes! That’s even worse than I’d thought :(
All the good networking problems are small and sinister :)
NAT is one of things I never expected to break, so it took me a long time to get to the bottom of the problem. It felt very good to finally get rid of the strange, unexplained & arbitrary networking problems it caused (eg logging/reporting appliances mysteriously going offline, phone outages at other sites using different phone systems but same ADSL router, web pages occasionally not loading properly).
There is nothing worse than the magical combination of “strange networking issues” and “parts of this network are controlled by other parties”, I lucked out and the issue was in something I was able to access & fix.