Icon Rufen Sie uns an
+49 441.309197-69 +49 441.309197-69

irc.bytemine.net linked again!

Posted by Felix Kronlage on Wednesday, November 12, 2008

Hooray! Since today irc.bytemine.net is linked to the Subcult IRC network again.

Around couple weeks ago (read this story) the AS the main hub is on, was not announced anymore, thus rendering us unable to reach it.

Since the AS that irc.swissix.ch is on, is still not being announced, us IRC operators have decided to build a new master hub, which is now irc.humppa.ch.

Some trivia along the news: we’re running the Hybrid ircd, and it is about time, I sit down and finish the OpenBSD port of it. One of the nice things with hybrid ircd is, that it is trivial to run the connects to the hub over SSL.

As such, we offer also SSL-based connections to our server. But keep in mind, even using irc with ssl, still allows the admin of the irc-server to peek into memory and read your stuff!

Happy ircing!


Only five days till the local event in Oldenburg

Posted by Felix Kronlage on Monday, November 10, 2008

Where are you going to be the upcoming saturday? Well, we are definitly supporting the local Oldenburg event, 3. Linux Info-Tag Oldenburg. There will be an OpenBSD-related talk by myself, titled: Commercial deployment of OpenBSD.

Of course we will have a bytemine booth as well as an OpenBSD booth. We will have OpenBSD 4.4 CD-Release Sets and all the fan-boy stuff available!

If you feel like hanging out with the byteminers while meeting with other unix/linux people from Oldenburg, join the event!


Schedule for OpenCON 2008 published

Posted by Felix Kronlage on Thursday, November 06, 2008

Finally the schedule for OpenCON 2008 got published. What you can listen to and experience on the last Weekend of November in Venice you can see here.

Like every year quite a few of the OpenBSD developers are giving talks.

OpenCON is a conference solemnly dedicated to OpenBSD. If you have the chance, come to Venice!


OpenBSD 4.4 released!

Posted by Felix Kronlage on Saturday, November 01, 2008

Another half year went by and OpenBSD 4.4 has been released today. Of course this has been already covered by Undeadly as well.

Like every release, it is a big thing to us and Bernd and I are proud to be part of the development team and at the same time want to congratulate Theo and the rest of the OpenBSD team. As with the previous releases there is a theme to this release, you can read more about Trial of the BSD Knights on the lyrics page.

Of course OpenBSD 4.4 is available through our mirror as well. Please remember that buying the CD sets helps the OpenBSD project!

We will have CD sets and T-Shirts at our booth at the 3. Linux-Info Tag Oldenburg for sale as well.

Puffy shot first and see ya for OpenBSD 4.5 in half a year!


Suddenly an AS is not announced anymore (or: how few people kill free services)

Posted by Felix Kronlage on Wednesday, October 22, 2008

So, I come back from a business trip, look at my irc session and am suprised: irc.bytemine.net is not linked with irc.swissix.ch anymore.
In the subcult irc network irc.swissix.ch is the primary hub.

First I thought, that our connection at the site where irc.bytemine.net is hosted, had temporary routing problems and tried to convince our hybrid-ircd to relink with irc.swissix.ch. After receiving many, many timeouts I looked a bit further and noticed that I wasn’t able to reach irc.swissix.ch from any german internet connection. Every packet that hit the first uplink router got dropped.

Today it was confirmed on #swinog that the announcements for the AS irc.swissix.ch is on have been stopped due to a Denial-of-Service attack. Once again it has been proofed that very few people (running DoS) are able to get free services killed. However stopping the AS from being announced is the only real solution to the problem. :(

It is not quite clear yet, when we will be able to relink irc.bytemine.net with the main hub.


KiLux 2008 Countdown

Posted by Bernd Ahlers on Thursday, October 09, 2008

Some miners are currently driving towards Kiel on the A1 autobahn. The Kieler Linux und Open Source Tage exhibition will start tomorrow, featuring a nice bytemine booth. ;) We’re looking forward to meet you there!


Extended Description from Soekris regarding the problems with CF cards

Posted by Felix Kronlage on Friday, September 26, 2008

Recently the errata description for Issue 0006 seems to have been updated. It now lists in much more detail, where the problems come from. Still, it seems rather weird, that all older models, and first generation 5501’s don’t suffer from the problem. We have now contacted our distributor for SiliconSystems CompactFlash cards in order to have a statement by SiliconSystems regarding their CF-standard compliance. Stay tuned.


Upcoming conference: Kieler Linux und Open Source Tage

Posted by Bernd Ahlers on Wednesday, September 17, 2008

Team bytemine will attend the Kieler Linux und Open Source Tage which will happen at the 10th and 11th of October 2008. We will have a booth where we’re going to present some of our products and services. Felix Kronlage will give a talk titled “Commercial deployment of OpenBSD-based products”. At our booth we will also have OpenBSD CDs and T-Shirt merchandise available to help fund the OpenBSD project.

So if you’d like to see the talk or just like to have a chat with some byteminers, we’re looking forward to see you at the conference and our booth.


OpenBSD Network Performance Tests on Soekris and Liantec Hardware

Posted by Markus Müller on Monday, August 04, 2008


Finally, after waiting for more than a year, we got couple of Liantec EMB-5740 prototypes to play with. Since we’ve been selling Soekris systems for years now and lots of customers ask us about performance data, sometimes in comparison to other, similar, hardware solutions, we sat down and compared the Liantec systems to the Soekris 5501-70. This ended as an IPsec performance comparison between the both.


In this test we wanted to determine how much IPSec traffic the Soekris and the Liantec can handle. For comparison, we also made the tests without IPSec.

Test case

The test setup consisted of two workstations (about 1.5Ghz with 512MB memory each) connected via two routers. The first test was done with two Soekris 5501-70, then with the two Liantec boxes. The workstations were running OpenBSD 4.3 default.

To test the throughput of the boxes, we used a tool called iperf. We could have used tcpbench, but that is only available in OpenBSD current (becomes 4.4) and we also wanted to compare our results to 4.3. On server side the iperf was running with “iperf -s -B” and on the client “iperf -c -s1 -t100”. “-s1” makes iperf output every second and “-t100” limits the test to 100 seconds. For IPSec we copied the keys from /etc/isakmpd to the other machine.

Technical comparison

The next table is a small comparison of the technical specification of both boxes:

  Soekris Liantec
CPU 500Mhz (AMD Geode LX single chip processor with CS5536 companion chip) 1000Mhz (VIA Embedded C7-Eden Platform with VIA PadLock Security Engine)
Ram 512MB 512MB
Usb 2 4
VGA 0 1
Ethernet 4×100Mbit 4×1Gbit
RS232 2 2
Heat cold, even under load After some hours very hot
Form factor Slim and small, 19" cases available from Kerberos Fat and heavy; better do not stack because of the heat
Stackable yes preferably not (see above)
Power consumption 8-12 W 25 W (with 2 network cables)
Price 266 EUR (33 EUR for case and power supply) 398 EUR

Dmesg for the Liantec EMB-5740 and Soekris 5501-70


All tests were made with three different kernels. Two were default 4.3 and current (4.4) kernels, the other one was a current kernel without pf. We also did a fourth test with some changed buffer sizes, which we used a current kernel for.


Following a FAQ advice, we also testet some different buffer sizes to increase network performance, i.e. we set sendspace and recvspace to higher values.

  • net.inet.tcp.recvspace=1638465536
  • net.inet.tcp.sendspace=1638465536


Throughput without IPSec

The following chart is just for comparison, to see what throughput is possible without IPSec. There is just one current (4.4) test as it was not possible to put the Liantecs at their limit with our test-setup, so tuning things would have been useless.

As you can see, in this test case the Liantec box is at least twice as fast as the Soekris. But the results are not really repesentative, because the Soekris was at its limit whereas the Liantec was hanging at about 40% of load. That comes from the fact that the two (older)
workstations were not fast enough to fill a Gbit link with packages to put the Liantec at its limit.

Throughput with IPSec

Quite obvious in this chart is, that the Liantec is about twice as fast as the Soekris and that there is just a litte difference between the kernels (see also the next chart). What troubled us is, that while the Soekris has become faster from 4.3 to current, the Liantec box
slowed down a bit.

Throughput increase (with IPSec)

This chart compares the increase of throughput from the Liantec box to the Soekris. It uses the same data as the graph before, just a different layout. As the chart shows, there is just a small increase in throughput by disabling features like pf and tuning some buffers.


While testing we also compared the load of the two boxes, with the following results (everything with IPSec):


  Soekris Liantec
System 96% 97%
Interrupt 2.5% 2%
Idle 1.0% 0.7%
Crypto 96% 96%
Throughput (IPSec) 9.57Mbit 20.1Mbit

current (4.4):

  Soekris Liantec
System 91% 92%
Interrupt 6% 4.5%
Idle 1.5% 2.5%
Crypto 96% 93.5%
Throughput (IPSec) 9.57Mbit 20.4Mbit

The test results are based on the meridian of 5 top(1) graphs.

What is interesting about these comparions is the fact, that the interrupt load has increased from 4.3 to current while system and crypto load decreased. Another remarkable thing is, that there is no scope in throughput with the Soekris, so it is at its limits. On the other
hand it seems to be possible to squeeze some mbits out of the Liantec with some smart tuning.


As mentioned before, the Liantec box became really hot while testing.

$ sysctl -a | grep hw.sensors.lm1.temp
hw.sensors.lm1.temp0=63.00 degC
hw.sensors.lm1.temp1=62.50 degC

Compared to a Soekris:

test@soekris1# sysctl -a | grep hw.sensors.nsclpcsio0.temp
hw.sensors.nsclpcsio0.temp0=124.00 degC (Remote)
hw.sensors.nsclpcsio0.temp1=127.00 degC (Remote)
hw.sensors.nsclpcsio0.temp2=56.00 degC (Local)

test@soekris2$ sysctl -a | grep hw.sensors.nsclpcsio0.temp
hw.sensors.nsclpcsio0.temp0=113.00 degC (Remote)
hw.sensors.nsclpcsio0.temp1=127.00 degC (Remote)
hw.sensors.nsclpcsio0.temp2=51.00 degC (Local)

It is obvious that the results of the Soekris are not correct, so either the Soekris sensor is broken or the OpenBSD driver has bugs.

Problems occured

While testing the Soekris and Liantec boxes some problems occured. First of all, broken Soekris boards suck. One of the test boards was not able to warm-reboot, which can be really annoying while rebooting different kernels.
A problem with the Liantec boxes is, that they are way too hot. You have to put them in a cold place and may not stack them, otherwise they will probably die because of their heat. Additionally putting a cf-card into the Liantec is really annoying. You have to disassemble the whole box, which means you have to screw off the entire case, the cpu heat sink and the mainboard. When you are finished, you can easily put the cf-card into the slot on the bottom of the mainboard and assemble the whole box again. Besides that, the test case could have
been better. For IPSec and Soekris testing the workstations are fast enough, but for Gbit throughput tests they are not.

What to do next

It would be interesting to test some different buffers and sizes (not just net.inet.tcp.{send,recv}space=65536), e.g. net.inet.tcp.mssdflt or net.inet.tcp.sendpsace=32768. Another interesting test would be to further customise the kernel, e.g. throw IPSec out and see how fast it will be. When there is time it also would be nice to test seperate crypto acceleators like the vpn1401 from Soekris engineering, but from what we have heard, they are worthless.


Coming to the conclusion of our tests, what do we gain? The tests showed that it is a better choice to use a generic kernel with default settings instead of a crippled one, because this way you only have a performance lost by a few mbit/s but much less maintainance work.
As mentioned earlier, the Liantec box is at least about twice as fast as the Soekris, but also more expensive. Which one you will buy depends on your needs, both have major advances and disadvances.


OpenBSD based Thinclient

Posted by Bernd Ahlers on Tuesday, July 15, 2008

A while ago, one of our customers had an inquiry regarding good thinclient products which can be used with NoMachine (NX) servers. We actually found a nice thinclient based on VIA Eden. This hardware is shipped with a pre-installed Linux based operating system called “2X” which offers the possibility to connect to different remote terminal services like NX, Citrix, Remote Desktop (RDP) and Virtual Network Computing (VNC).

To get to know the hardware we purchased one unit. At first sight the shipped operating system was okay, yet second looks revealed deficiencies. One shortcoming was the really old NX client version. Another problem for our customer was that this software was built with some proprietary components which couldn’t be replaced by free alternatives easily.

Our client asked us if the shipped operating system can be replaced with an OpenBSD installation and some free programs to connect to the different terminal services. Since the operating system is installed on a compact flash card, used as the harddisk, it was just a matter of replacing this card with an empty one and booting an OpenBSD kernel via the network.

The first installation of OpenBSD 4.3 went quite well. Almost all hardware was detected properly, this is mainly due to the fact that this machine is based on standard PC hardware. Only the graphics card didn’t work with Xorg at first. The problem was that the shipped Via driver doesn’t support the newer graphic chips. We talked to Matthieu Herrb (matthieu@) of the OpenBSD project and he told us that there’s a replacement driver called openChrome which will actually support these chips.

After fixing some compile problems we got the openChrome driver to work on OpenBSD. After creating a small Xorg configuration we plugged one of our 22" displays and it just started with the correct resolution. To get some more test results for this new driver, it went into the official OpenBSD snapshots for some days so users can test this. Matthieu Herrb committed the driver to the -current CVS tree at Jul 12 and made it the default for all Via graphics chips since it’s much better than the old driver. Thanks Matthieu!

In the meantime we developed a basic prototype for an OpenBSD thinclient. The goal was to offer the same features as the shipped operating system does but with open source software only. The first test version that went out to the customer included a really slim window manager, jwm, and opennx to connect to NX servers. Our own tests went quite well (we’re actually using this system on a daily basis) and the initial feedback of our customer was quite well.

Here are some screenshots of our initial prototype:

Screenshot 1
Screenshot 2
Screenshot 3

Older posts: 1 ... 21 22 23