Is opnsense available in rasp pi 5?

[Marinas]

Is opnsense available in rasp pi 5 and if not when approximately?

[chemlud]

Hi!

https://forum.opnsense.org/index.php?topic=35828.0

...as close as you will get. ;-)

[Marinoz]

Hi!

https://forum.opnsense.org/index.php?topic=35828.0

...as close as you will get. ;-)

Hello this was my alt before I couldn't access my actual one for a period. I was asking because raspberry pi 5 is different than 4 or 3 as it has a different cpu. I hope that if I buy a rasp 5 it won't be another money waste and that it will work. And BTW, router are switches in most cases. 👍

[connervt]

Routers and switches are technically two different things.  In a home network, what people commonly call a "Router" is actually a combined router, switch, basic firewall and wireless access point.

In the simplest terms/view:
A router connects different networks.
A switch connects devices on a single network, and directs packets to the addressed device.

OPNsense is more accurately a router and firewall.  It does have the ability to also handle LAN switching tasks, but it is more efficiently handled by use of dedicated switch hardware (as OPNsense needs to handle switching tasks by using CPU resources).

[shmerl]

What about managed switches? They run their own OS anyway. Can Opnsense work just for switching purposes or it's not optimized for it?

[Patrick M. Hausen]

It cannot. All packet forwarding is done by the main CPU.

[Marinoz]

It cannot. All packet forwarding is done by the main CPU.

Wdym?

[Patrick M. Hausen]

I answered the question by @shmerl:

Can Opnsense work just for switching purposes or it's not optimized for it?

[shmerl]

It cannot. All packet forwarding is done by the main CPU.

How does it work on real swtiches (something like Mikrotik CRS305-1G-4S+IN), it uses extra hardware to offload the CPU?

[Patrick M. Hausen]

How does it work on real switches (something like Mikrotik CRS305-1G-4S+IN), it uses extra hardware to offload the CPU?

Yes, of course. Switches have packet forwarding hardware that is configured by the proprietary OS running on the switch. The hardware is frequently called the "forwarding plane" while the OS you use for the web or command line  interface that configures this hardware is called the "control plane".

OPNsense does not support any proprietary switch hardware.

[cookiemonster]

It cannot. All packet forwarding is done by the main CPU.

How does it work on real swtiches (something like Mikrotik CRS305-1G-4S+IN), it uses extra hardware to offload the CPU?

This switch/router, depending on which version of OS you use like RouterOS / SwitchOS will behave as switch or router. That OS is optimised to use a discrete switch chip, in this case a Marvell 98DX3236. You see now the main difference, switches have a switch chip.The OS can offload switching packets duties to said chip.
OPN on the other hand is an OS that is not leveraging these chips in a general-purpose amd64 machine that doesn't have them, so it has to do all the switching/forwarding using the CPU as Patrick said.

[shmerl]

OPNsense does not support any proprietary switch hardware.

There are no open specs for ASICs that can do that kind of task? I.e. may be Deciso can develop one and then it can be supported by Opnsense.

[shmerl]

This switch/router, depending on which version of OS you use like RouterOS / SwitchOS will behave as switch or router. That OS is optimised to use a discrete switch chip, in this case a Marvell 98DX3236. You see now the main difference, switches have a switch chip.The OS can offload switching packets duties to said chip.
OPN on the other hand is an OS that is not leveraging these chips in a general-purpose amd64 machine that doesn't have them, so it has to do all the switching/forwarding using the CPU as Patrick said.

I mean if Marvell 98DX3236 has open drivers, how hard is it to add support for it in FreeBSD / Opnsense? Or there are no chips with open drivers like that?

UPDATE:

I see this: https://lore.kernel.org/lkml/20170106041517.9589-1-chris.packham@alliedtelesis.co.nz/T/

[Patrick M. Hausen]

I mean if Marvell 98DX3236 has open drivers, how hard is it to add support for it in FreeBSD / Opnsense? Or there are no chips with open drivers like that?

Exactly. Switching silicon vendors in general demand signing of an NDA so no open source platforms can use these platforms.

Sometimes there are exceptions, but a single particular platform hardly justifies developing an entire new subsystem given the resources a rather small open source project like FreeBSD has at hand. If you want to step in, go ahead  :P

Then for some other platform the vendor might provide a binary "driver" for the switching silicon. But that - as you probably guess - is Linux only if available at all.

And for the large Broadcom, Arista etc. platforms definitely no open source software exists. And that would be the target most attractive for the FreeBSD project since it's mostly about the data centre. A small desktop switch or router plus WiFi access point that will be replaced by the next generation in a year or two is definitely out of the scope or FreeBSD.

There is hardware that routes more than 60 Gbps with OPNsense/FreeBSD so there is no inherent limit in the OS. And router-on-a-stick is an established and well working configuration.

It's just that you won't get support for switching silicon and if that is ever going to change, consumer gear is probably targeted last.

Kind regards,
Patrick

[shmerl]

Well, hopefully something can change for the better. There are open source routers, but I haven't really seen open source switches, especially for home networks (not talking about datacenters) and even more so when it comes to 10 Gbps / SFP+ switches.

May be once AMD embedded CPUs will progress far enough to handle multiple 10 Gbps ports in a small form factor package, there won't be a need for any closed ASICs.