PF in kernel or as a module
Volker
volker at vwsoft.com
Sat Jan 27 15:22:18 UTC 2007
On 12/23/-58 20:59, Kevin K. wrote:
> I'm curious if there has been some benchmarking done to compare the two
> methods of enabling PF.
>
> The security debate could be argued to be circumstantial, but I'd like to
> hear from people who use it in production via loaded module, as my only
> experience with PF is building it into the kernel.
I'm managing a bunch of machines all using pf (5.x, 6.x) as a kld
module. I never experienced any problems. As I want to have b/w
control I've compiled ALTQ into the kernel but kldload'ing pf (don't
ask why, it's probably historic from the 5.2 days).
Never done any benchmarking but on the other side I never
experienced any performance problems.
Greetings,
Volker
More information about the freebsd-pf
mailing list