On 7 Mar 2013 at 20:24, David Ruggiero wrote: > I've been using OpenBsd for 8+ years on my main router/firewall (4 > NICs). > Time to upgrade (I'm back on v3.8, yikes). Past time, really. > So....lots to > learn / re-learn here. Have patience. First question: > > I'll be loading 5.2 on a low-power, Atom E640-based box (the Soekris > net6501). That chip has two Hyperthreading cores. Several > net-references > (esp. ca**mel.org ) advocate turning off HTT in the bios when using > OpenBSD > for faster interrupt servicing / task switching latency. > > But....perhaps that advice is pre-5.2, when we got pthreads(3) > support? > What's the best current advice for that kind of one-cpu, > multi-logical-thread system? > > 1) Single processor kernel or multi-processor (smp) kernel? > 2) If the latter, HTT turned on or off? > > Thanks. > Bonnie > >
First thing first, read, read, and re-read the official documentation. Many things changed in the intervening years, in particular, PF configuration syntax has changed a fair bit. Do note that unlike the Linux world where you have to dig for third party "how-to"s, OpenBSD official documentation is very complete and up to date. Which is one of the reasons the website you referenced is frowned upon as most of its "information" is either out of date or simply wrong. That said, the particular point you bring up may still be valid -- much depends on your specific situation. Whether or not to use hyperthreading and multiprocessor (MP) kernel depends on the workload of your firewall. The OpenBSD kernel and network stack still do run only on CPU0, so if all you plan to do is use PF to filter traffic, then you are indeed better off disabling HTT. However, if your firewall is also going to be running a fair amount of userland processes (e.g. your website with db backend) then you may well benefit from multiprocessor support.
