Hey there,

I'm setting up my first OpenBSD box which will be replacing my Netgear router for my dialup router and firewall (using pf) needs.

My question is - what would be better in this situation? The userland ppp (ppp) or the ppp daemon (pppd)? There is not a lot of documentation comparing the two, and the only doc that I have found refers to pppd and pf.

Thoughts?

If your box is dedicated, which for a firewall/router it should be, then you'll find in practice that there's not a whole lot of difference to you. The pppd runs PPP in the kernel and so you won't see an elevated load average all the time. It would appear to be somewhat more efficient (it avoids a lot of context switching). On the other hand, you may find some reason to want the userland PPP (built-in packet filtering, or link-up/down shell scripts or some-such), or the config may turn out to be easier for you.

I've run both of them, and they both worked. I finally had to settle on pppd simply because I needed to run PPPoE (stupid DSL provider) and on OpenBSD, that meant running a userland PPPoE daemon. (Things may have changed now--I haven't run OpenBSD since 3.0; I now run FreeBSD instead and there PPPoE lives in the kernel IP stack.)

Sweet, I'll stick with pppd. From the manpages it has some link up/down scripting capability as well.

I was thinking of FreeBSD (-CURRENT, just so I could get ALTQ shaping and pf), but since current is a moving target, I figured it would be easier to maintain (ie: do as little as possible to it) using OpenBSD.