[PATCH 1/2] realtek: Use firewall4
Birger Koblitz
mail at birger-koblitz.de
Tue Mar 1 13:33:35 PST 2022
Hi,
On 01/03/2022 22:11, Daniel Golle wrote:
> We may need to add a 'switch' DEVICE_TYPE in include/target.mk
> selecting packages relevant for this class of devices.
> ('bridge' or 'ip-full', 'ethtool', ...)Indeed, these devices are really not routers. Let's have the right
packages for them installed, and only those. I have a couple of
the realtek switches in use and none of them is routing anything or
would need a firewall. They are really what they are sold for: smart
switches, very good with VLANs and switching across many ports.
>>
>>> 2. supporting more common use cases out of the box
>>
>> It's just bloat. The flash size is small on many of these devices.
>
> It's rather the very limited performance of the CPU and Ethernet MAC
> used for the CPU port which makes me disregard those (layer-2)
> switches being used for anything else than that.
The RTL93xx based devices are probably a bit more powerful and have layer 3
offload support, but it will take some time until I would trust them at
the edge of a network. At that point probably other packages are needed than
software-based firewalling. So in my opinion, let's drop firewall and DHCP/DNS
server packages.
Cheers,
Birger
More information about the openwrt-devel
mailing list