[CFT] modular kernel config

Bjoern A. Zeeb bzeeb-lists at lists.zabbadoz.net
Wed Feb 22 22:31:41 UTC 2012

On 21. Feb 2012, at 13:35 , Alexander Leidinger wrote:

> You can download from
>  http://www.Leidinger.net/FreeBSD/current-patches/
> The files are
>  - i386_SMALL
>  - i386_SMALL_loader.conf
>  - amd64_SMALL
>  - amd64_SMALL_loader.conf

I only looked at the laoder.conf for amd64 and the only comment I have is that I do not have the time to wait minutes for all individual modules to be loaded.  This is going to be really bad for boot time.

> The new stuff in the kernel config compared to GENERIC is (in order of number of requests from users):
> - IPSEC (+ device enc + IPSEC_NAT_T)

You cannot ship that on by default for non-tecnical reasons in a kernel.  Please do not commit a kernel config that can be booted (no LINT cannot be booted) with these on without consulting appropriate hats upfront.

> - ALTQ
> - IPSTEALTH (disabled in loader.conf)
> - IPFIREWALL_FORWARD (touches every packet, power users which need
>   a bigger PPS but not this feature can recompile the kernel,
>   discussed with julian@)
> - FLOWTABLE (disabled in loader.conf)

Which is not the same as it's not 100% disabled and will still allocate memory.

Bjoern A. Zeeb                                 You have to have visions!
   It does not matter how good you are. It matters what good you do!

More information about the freebsd-stable mailing list