Bering-uClibc 4.x

From bering-uClibc
Jump to: navigation, search

Overview

Bering-uClibc is one of the branches of the LEAF (Linux Embedded Appliance Framework) project, delivering on LEAF's ambition to provide a secure, feature-rich, customizable embedded Linux network appliance for use in a variety of network topologies. Although it can be used in other ways, its primary goal is as a Internet gateway, BRAS, router, firewall and wireless access point.

Bering-uClibc 4.x is basically Bering-uClibc 3.x brought up to date with the latest versions of the main software components. In particular:

  • The Linux kernel is upgraded from 2.4.x to 2.6.x (current 4.0 version uses longterm 2.6.35 kernel branch).
  • The Shorewall package is upgraded from 3.x to 4.x.
  • The uClibc library is upgraded from 0.9.28 to 0.9.30.

These changes bring both advantages and disadvantages compared to Bering-uClibc 3.x. The main disadvantage is that the distribution is much larger which means it no longer has any chance of being hosted on floppy disk media. The main advantages are:

  • Proper stateful connection tracking for IPv6 is only supported from kernel version 2.6.24 onwards.
  • Fully supported MSI/MSI-X interrupts handling, also supported RPS/RFS - that makes LEAF useful for high-performance routers/BRAS.
  • Kernel-mode PPTP server and client (accel-pptp) will highly improve performance of PPTP data transferring and reduce CPU load.
  • Hardware-specific kernel module loading has been partially automated, resulting in less of a requirement to understand which combination of modules is required on a particular hardware platform.
  • The upgraded version of Shorewall requires a full installation of the Perl interpreter. This makes it possible to run other services which require Perl.


Main Features

The key characteristics of Bering-uClibc 4.x are:

  • Based on a recent release of the Linux Kernel.
  • Runs on industry standard devices with x86 processors.
  • Designed to perform well on relatively low-specification hardware. In particular:
    • The system runs from an in-memory filesystem. Disk storage is only required for booting and for holding configuration settings.
    • The uClibc C library is used in place of the GNU C Library since uClibc is much smaller in size.
    • Considerable use is made of BusyBox utilities as replacements for larger applications.
  • Focussed on providing excellent networking facilities.
  • Designed to have high fault tolerance:
    • There is no writes on HDD/flash during work (except config saving during maintenance) - so power failure will not break file system.
    • Corrupted/erased config file, or even 'rm -rf /' isn't a problem - changes are stored permanently only when user requires that, and reboot will restore all as it was before.
    • Enabled by default watchdog, reboot on kernel panic and kernel soft-lockup detection will help to have minimum downtime of router.
    • Backup scripts will help to restore system state on storage failure/operator mistake.


Development History

First experiments with fresh 2.6.32 kernels are made by Nitr0man in March 2010, and were caused mostly by troubles with new hardware support in 2.4 kernel. Kernel upgrade was not very hard task, and in March first working image with 2.6 kernel was assembled. Team work on Bering-uClibc 4.x started in April 2010, with Nitr0man as the lead developer and contributions from Kapeka, Etitl and davidMbrooke among others. First Alpha release was running in production also in April, and was quite stable. The development was mostly completed by early November 2010, with multiple Alpha test systems running successfully "in production".


Version 4.0 was released 15 May 2011.

Version 4.1 was released 8 October 2011.

Version 4.2 was released 9 March 2012.

Version 4.2.1 was released 13 May 2012.

Version 4.3 was released 28 July 2012.

Version 4.3.1 was released 9 Oct 2012.

Version 4.3.2 was released 9 Dec 2012.

Version 4.3.3 was released 29 Dec 2012.

Version 4.3.4 was released 27 Mar 2013.

Version Changelog

Known Issues

Further Documentation

For further information see: