Intel doesn't have Dual Core

  • Thread starter Thread starter Ed
  • Start date Start date
I was hardly even thinking of Windows for this purpose. There's Linux of
course, but more appropriately for this purposes would be a real-time OS
like QNX.

My understanding is that nVidia's "hardware" firewall on their latest
nForce chipsets uses a very stripped down part of the Linux firewall
code for this very purpose. I'm not quite sure how much of it is
handled by a dedicated ASIC though and how much is just handled by the
host processor...

Hmm... a Winfirewall anyone? :>
 
Wasn't thinking of using an x86 as a second processor, but as the
primary processor inside these routers. One of the first routers that I
had was an old Dlink 4-port ethernet. I opened it up, and found inside
it was an AMD 186 embedded chip. So x86 has been used inside these
things before. Imagine an Opteron embedded chip instead?

Huh? Why bother with a $100+ Opteron embedded chip when a $2 ARM chip
will do just as well with a fraction of the power consumption? There
really isn't much processor required for most of these firewalls, you
could probably even pull it off without too much trouble on a 16-bit
microcontroller, though a 32-bit one might be preferable. Probably
all you would need could be handled through ucLinux, so software and
development time shouldn't take too much. Something like QNX is
probably overkill (cost wise at least) for such a setup.
 
What are you talking about?

I have it from good sources that the **AA are putting up fake torrents,
like they sometimes do with MP3's so the person who downloads the torrent
thinks they are getting the file which turns out to be a whole lot of
filler. Ok its a slashdot post, which points to an inquirer article, but I
think its a valid statement.

http://slashdot.org/article.pl?sid=05/04/18/1831256&from=rss

When I am talking about Usenet, I am talking about alt.binaries
newsgroups, not just our discussion groups, but the other end of the
spectrum.

In a lot of those groups they post samples of movies, and music that you
can download to determine the quality of the product. If the sample looks
bad you can not download it, thus saving you all the bandwidth, and time.
But with torrents you really do not know the quality until you have the
file in front of you. You don't know if its little johnny in the
backyard, or the material you thought it was. If your curious about what
is being posted on Usenet alt.binaries news groups you might want to
wander over here.

http://www.newzbin.com/

Gnu_Raiz
 
With BitTorrent you are ONLY going to be uploading the files you are
either currently downloading or have just recently downloaded and are
still left as sources for others. Given that the original poster was
using Bittorrent for it's intended purpose (ie distribution of
software he has full legal rights to be downloading), there is
absolutely no RIAA, MPAA or any other **AA organization that could say
anything against him for any reason. It would actually be rather
funny if they tried to bring such a suit to trial since it would
likely result in a whole slew of cases getting thrown out even when
the defendant really was downloading material to which they didn't
have a legal license.
In my experience the real bottleneck is when you get to the internet
providers office and are trying to get to ANY other site. It doesn't
matter if you've got cable or DSL, you end up sharing the same
bandwidth with thousands of other people VERY soon after the
connection leaves your computer.

Good point, I just thought that once it left the local neighborhood hub,
it went to fibre then was carried on the local backbone, according to what
ever bandwidth the isp bought that month. Ok after doing a tcptraceroute I
see your point, but in this one instance I had more bottlenecks near the
destination then the local area.

8 as-3-0.bbr2.Washington1.Level3.net (64.159.1.2) 90.527 ms 98.887 ms 91.534 ms
9 ge-2-1-56.car4.Washington1.Level3.net (4.68.121.175) 98.634 ms
ge-2-1-52.car4.Washington1.Level3.net (4.68.121.111) 99.682 ms 90.541 ms
10 cpr2-gigabitethernet3-2.VirginiaEquinix.savvis.net (208.173.52.77) 102.893 ms 90.449 ms 98.904 ms
11 dcr1-so-4-2-0.Washington.savvis.net (206.24.238.97) 99.771 ms 91.673 ms 100.761 ms
12 dcr2-loopback.SanFranciscosfo.savvis.net (206.24.210.100) 153.742 ms 163.489 ms 153.864 ms
13 bhr1-pos-0-0.SantaClarasc8.savvis.net (208.172.156.198) 154.113 ms 152.604 ms 163.738 ms
14 csr1-ve243.SantaClarasc8.savvis.net (66.35.194.50) 154.846 ms 162.658 ms 163.220 ms
15 66.35.212.174 157.113 ms 164.150 ms 156.592 ms
16 slashdot.org (66.35.250.150) [open] 164.092 ms 156.177 ms 122.846 ms

I munged the first 7 hops to save my identity. Anyway I guess your point
is valid, stupid isp's giving us the shaft and all.
They're overselling it because otherwise it would cost a fortune.
Besides, fiber to home won't do you one bit of good unless your ISPs
upstream pipe is greatly increased, not to mention any other jumps along
the way. I find it VERY rare that the last-mile service is your
limiting factor regardless of what sort of broadband service you use
(dial-up, of course, is another story altogether... but really, who
cares about dial-up in this day and age?!? :> )

The government helps subside some of the projects to get people cable, or
dsl. Now with wifi and talk about city wide wifi networks I hope it drives
costs down. Other countries have it cheaper then the USA, the only
exception might be rural areas. I chock it up to big bad greedy cable
monopolies, and phone companies trying to get every last dime they can.

Have you actually looked at the cost to get dedicated bandwidth? It's
just obscene how much you have to pay, and that just gets you the
bandwidth to some form of backbone. There are still plenty of hops
along the way that could slow things down.

I guess its all in the way you define dedicated, yes its expensive if you
demand x amount of download speed at time x. But google and others seem
to have been able to find the sweet spot. I am sure the local cable
company can secure a pretty good deal if they really cared about their
customers. In the end I think they are trying to do the mostest with the
leastest, just so they can push up profits.
Our local cable internet company (Rogers, known primarily for their
crappy service) has recently decided to put a 60GB up/60GB down cap on
their "unlimited" service. Of course, even before then I know of
several people, myself included, who received e-mailed warnings saying
that our service would be cut off due to excessive bandwidth use on
their "unlimited" service. They justified it by saying the only way we
could use so much bandwidth was by running a server (which I was not
running at the time, I had just downloaded several different Linux
distributions that month to test out). Not surprisingly, I am no longer
I customer of their (either for internet or TV). The ISP I have now has
limits, but they are very definite, upfront and professional about
stating what those limits are and when they apply.

I only had two real choices if you don't count satellite, cable and dsl.
I just switch back to cable from dsl as I got rid of my land phone line,
just for that I was charged about 53 dollars a month. So I decided to get
prepaid cell phones, and I told the phone company to cancel my land line,
but I would like DSL, they said it was a package deal. So I switched to
cable, and installed skype to save money on out going calls while at home
and haven't looked back since. Now with skype offering inbound phone
numbers it looks real tempting to just get rid of the cell phones as well.


Gnu_Raiz
 
Gnu_Raiz said:
I have it from good sources that the **AA are putting up fake torrents,
like they sometimes do with MP3's so the person who downloads the torrent
thinks they are getting the file which turns out to be a whole lot of
filler. Ok its a slashdot post, which points to an inquirer article, but I
think its a valid statement.

If people wouldn't steal, they wouldn't have to worry about getting
caught stealing.
 
Tony said:
Huh? Why bother with a $100+ Opteron embedded chip when a $2 ARM chip
will do just as well with a fraction of the power consumption? There
really isn't much processor required for most of these firewalls, you
could probably even pull it off without too much trouble on a 16-bit
microcontroller, though a 32-bit one might be preferable. Probably
all you would need could be handled through ucLinux, so software and
development time shouldn't take too much. Something like QNX is
probably overkill (cost wise at least) for such a setup.

Because as I've said before in this thread, I don't believe the "$2 ARM
chip" is even close to adequate for the job. I don't believe any of the
current generation of embedded processors and/or DSPs are adequate for
the job anymore. If you look at the array of tasks that's being foisted
upon them, they are quite obviously overloaded. Used to be a time when a
broadband router was just an ethernet router, now it's Ethernet and
WiFi. On top of that, the WiFi requires encrypting. The Ethernet
connection now uses a switching function that is done at the speed of
100Mbps. Let's not forget the most important function of the broadband
router, the NAT firewall. Is it a wonder that we see these routers drop
packets left-right and centre.

yousuf Khan
 
Because as I've said before in this thread, I don't believe the "$2 ARM
chip" is even close to adequate for the job. I don't believe any of the
current generation of embedded processors and/or DSPs are adequate for
the job anymore. If you look at the array of tasks that's being foisted
upon them, they are quite obviously overloaded. Used to be a time when a
broadband router was just an ethernet router, now it's Ethernet and
WiFi. On top of that, the WiFi requires encrypting. The Ethernet
connection now uses a switching function that is done at the speed of
100Mbps. Let's not forget the most important function of the broadband
router, the NAT firewall. Is it a wonder that we see these routers drop
packets left-right and centre.

Perhaps not a $2 ARM, but throw off the layers of windows cruft and there
is a lot of horsepower in embedded processors these days. EN switching and
encryption are trivial processes which can be accellerated in hardware.
Embed the processor on an ASIC and be done with it. A router doesn't have
all *that* much work to do, even at 100Mbps. That's only 12MBps. Even
with four ports (only two streams at this rate) not all that much is
happening. If a dropped packet happens, who's going to notice?
 
That means they would have to release source code with the firewall
drivers. Is it the case? Where have you seen mention of Linux?

They'd only have to release the source of anything that uses the tainted
libraries. Not all Linux device drivers are open source. If they did
release the source it would be a good thing for security (and wouldn't
compormise their IP, I don't think), but I don't see any hard requirement
that they do.
 
keith said:
Perhaps not a $2 ARM, but throw off the layers of windows cruft and there
is a lot of horsepower in embedded processors these days. EN switching and
encryption are trivial processes which can be accellerated in hardware.

There is no Windows cruft inside embedded applications, mostly.
Embed the processor on an ASIC and be done with it. A router doesn't have
all *that* much work to do, even at 100Mbps. That's only 12MBps. Even
with four ports (only two streams at this rate) not all that much is
happening. If a dropped packet happens, who's going to notice?

Well obviously if this were that simple and clearcut, then i wouldn't
have mentioned it. But many of these routers are having a lot of trouble
keeping up with the traffic coming through them.

Yousuf Khan
 
They'd only have to release the source of anything that uses the tainted
libraries. Not all Linux device drivers are open source. If they did
release the source it would be a good thing for security (and wouldn't
compormise their IP, I don't think), but I don't see any hard requirement
that they do.

That means that the hardware reproduces the functionality of iptables?
I don't think nvidia would have a very hard time reproducing it from
scratch. No point in getting tangled up with GPL code (eh, George?).

RM
 
There is no Windows cruft inside embedded applications, mostly.

Sure, but look at the subject again. If you're not going to do Win-cruft
there are far cheaper processors out there. Some are even rather high
performance.
Well obviously if this were that simple and clearcut, then i wouldn't
have mentioned it. But many of these routers are having a lot of trouble
keeping up with the traffic coming through them.

I haven't seen that to be the case. I don't beleive routers are CPU
starved. I'm not sure how you'd tell a dropped packet from loading from
WiFi EMI.
 
That means they would have to release source code with the firewall
drivers. Is it the case? Where have you seen mention of Linux?

Most of the IP and firewall related stuff in Linux is old BSD stuff,
so it's quite possible that they have absolutely no need to release
the source code.

Not all of Linux is covered under the GPL.

Keep in mind also that this is just what I've heard about the nVidia
firewall, I can't verify if the information is correct in any way.
 
Because as I've said before in this thread, I don't believe the "$2 ARM
chip" is even close to adequate for the job. I don't believe any of the
current generation of embedded processors and/or DSPs are adequate for
the job anymore. If you look at the array of tasks that's being foisted
upon them, they are quite obviously overloaded. Used to be a time when a
broadband router was just an ethernet router, now it's Ethernet and
WiFi. On top of that, the WiFi requires encrypting. The Ethernet
connection now uses a switching function that is done at the speed of
100Mbps. Let's not forget the most important function of the broadband
router, the NAT firewall. Is it a wonder that we see these routers drop
packets left-right and centre.

I would tend to disagree, you can get some VERY beefy ARM chips for
pretty darn cheap when buying in large quantities (though I was
exaggerating a bit when I said "$2"). Sure, the requirements are
fairly high, and the encryption might pose slight problems, though I
wouldn't be at all surprised if you can get an ARM chip with an
encryption off-load engine attached. Most of the other stuff is just
a matter of tossing bits around and doesn't really require a huge
amount of processor umph.

Now, mind you, I wouldn't expect most of the low-end routers probably
don't even use a $2 ARM chip. Instead they mostly seem to use ASICs
designed specifically for the job. You actually got me curious enough
that I cracked open my D-Link 522 router (802.11G WiFi + 4 port
ethernet). It uses a Marvel 88W8510 chipset:

http://www.marvell.com/products/wireless/libertas/88W8510.jsp


This chip has, among other things, an embedded ARM9 core, though I
couldn't find many details about the performance of this chip.
Presumably it's not a very high-end core like you would get with a
stand-alone ARM chip.

To go along with this it has a Marvel 88E6060 Ethernet switch chip:

http://www.marvell.com/products/switching/linkstreet/88E6060.jsp


Only other chips in there are a 64Mbit SDRAM chip for ISSI and a Flash
chip from Intel.


This router seems to do the job pretty well, albeit for a fairly
simple network of only 2 PCs (both wired at this stage). Obviously a
more complex setup would require a more powerful design. If you
REALLY need some higher end performance then IBM has a rather nice
line of PowerPC chips designed specifically for this sort of task.
This is what Cisco uses for their routers.
 
I have it from good sources that the **AA are putting up fake torrents,
like they sometimes do with MP3's so the person who downloads the torrent
thinks they are getting the file which turns out to be a whole lot of
filler. Ok its a slashdot post, which points to an inquirer article, but I
think its a valid statement.

http://slashdot.org/article.pl?sid=05/04/18/1831256&from=rss

Did you even *READ* that article? If so, can you please explain to me
how, in ANY possible way, copy protection built into modern releases
of music products has even the slightest connection to a legal
download of Mandrake?

You're not only barking up the wrong tree here, you're not even in the
right forest!
When I am talking about Usenet, I am talking about alt.binaries
newsgroups, not just our discussion groups, but the other end of the
spectrum.

In a lot of those groups they post samples of movies, and music that you
can download to determine the quality of the product. If the sample looks
bad you can not download it, thus saving you all the bandwidth, and time.
But with torrents you really do not know the quality until you have the
file in front of you.

And again, how in the hell does this relate to the full, legal
download of a Mandrake Linux distribution that is seeded directly from
Mandrake themselves?!?!

NOBODY was talking about piracy here, we're talking the fully legal
and original intended use of Bittorrent, ie to allow for the
distribution of large files without draining your websites bandwidth.
 
That means that the hardware reproduces the functionality of iptables?

If that's a problem, dynamically link them. This stull *IS* done, so by
EXISTANCE, it is possible.
I don't think nvidia would have a very hard time reproducing it from
scratch. No point in getting tangled up with GPL code (eh, George?).

Perhaps, but the secrets can easily be hidden in silicon, as long as
the silicon is a given. What do they care if you copy the code?
 
That means that the hardware reproduces the functionality of iptables? I
don't think nvidia would have a very hard time reproducing it from
scratch. No point in getting tangled up with GPL code (eh, George?).

More to the point, why bother with Linux/iptables when OpenBSD/pf (as an
example) is better from both a technical and a licensing point of view?
 
Did you even *READ* that article? If so, can you please explain to me
how, in ANY possible way, copy protection built into modern releases
of music products has even the slightest connection to a legal
download of Mandrake?

I look at it from the point of view that Bittorent is a tool, anytime
someone has a method of reducing your ability to use that tool in my book
is bad. I wish more people would use Bittorent to cut costs, and welcome
any Distro for using it. I thought Slashdot did a good job of bringing
out the fears of people in the threads, no need to go over that, I just
said it was possible. I think my worries are justified, by looking at
this article.
http://www.nypost.com/news/regionalnews/23341.htm

You're not only barking up the wrong tree here, you're not even in the
right forest!

Someone asked a question of what I was talking about and I answered the
question.

They are entitled to their opinion, I don't tell others how to think, or
act and I do not expect them to do the same for me.

And again, how in the hell does this relate to the full, legal download
of a Mandrake Linux distribution that is seeded directly from Mandrake
themselves?!?!

NOBODY was talking about piracy here, we're talking the fully legal and
original intended use of Bittorrent, ie to allow for the distribution of
large files without draining your websites bandwidth.

I never mentioned illegal activities, or Piracy in my post I just pointed
at some of the uses of Usenet. I leave that up to the individual to
decide, I am not here to defend, or attack ones use of Usenet. As I
stated before I feel the same way about Bittorent, Kazza, any other P2P
network. One thing I can't stand is for people who want to reduce the
effectiveness, of the tools I use be it Bittorent, Usenet, or any other
item.


Gnu_Raiz
 
That means that the hardware reproduces the functionality of iptables?
I don't think nvidia would have a very hard time reproducing it from
scratch. No point in getting tangled up with GPL code (eh, George?).

Seems I'm not alone - eh? I think you''re going to see more of this
reluctance to release public detailed specs - there's always been some
motivation to protect IP from the copyists; now you also have to protect
yourself from the patent hi-jackers. Scientific conferences are also
suffering from this phenomenon - nobody wants to present their work
anymore.
 
Did you even *READ* that article? If so, can you please explain to me
how, in ANY possible way, copy protection built into modern releases
of music products has even the slightest connection to a legal
download of Mandrake?

If the means for that legal exploitation of the resource is being polluted
by ??AA-police zealots, I think there is a point here.
You're not only barking up the wrong tree here, you're not even in the
right forest!


And again, how in the hell does this relate to the full, legal
download of a Mandrake Linux distribution that is seeded directly from
Mandrake themselves?!?!

NOBODY was talking about piracy here, we're talking the fully legal
and original intended use of Bittorrent, ie to allow for the
distribution of large files without draining your websites bandwidth.

Is the ??AA use of the resource legal? It's certainly unethical - no less
so than virus distribution, or 800- number abuse. Because they are looking
at the wrong end of the horse when considering the future distribution of
their product, it makes it OK for them to infest our (paid-for) space with
their misguided crap? No I don't think you meant that but there is an
issue here... on who the bandits are.
 
Back
Top