Language Selection

English French German Italian Portuguese Spanish

Unscrewed; a Story About OpenBSD

Filed under
BSD

If you’re in the packet delivery business, and you’ve never tired OpenBSD, then you’re really missing out. Pretty much everything you care about as a network guy on production networks is configured via a virtual interface. This includes CARP, IPSEC, and all manner of encapsulation and tunneling protocols. This is awesome because all the tools designed to work on interfaces, like tcpdump, work on these virtual interfaces too. So if I want to get a look at my VPN traffic, I can tcpdump enc0.

Which brings up another great point, with OpenBSD, your packet inspection and general network troubleshooting toolbox is way better. Nmap, Argus, sflow, tcpdump, snort, daemonlogger, and etc.. all the best tools are right there on your router if you want them. No need to use a packet tap, because your router is the packet tap.

OpenBSD has myriad built-in daemons for OSPF, BGP, and every other router protocol, as well as application-layer protocol proxies. OpenBSD is by far the fastest, easiest way to setup an ftp proxy that I know of. It also has a kernel-space packet filter called PF, which is crazy feature-rich and and easy to use. If you can console configure an ASA, or are an iptables user, you’ll pick up PF’s syntax in about 15 minutes. All the normal stuff like NAT, redirection, and forwarding are there. Further, PF can do things like policy routing, where you tag packets based on criteria you choose, and then make routing decisions later based on those tags. PF has packet queuing and prioritization built-in, so you can make some classes of traffic more important than others.

Read more

More in Tux Machines

Today in Techrights

Leftovers: OSS

  • Communities of Communities: The Next Era of Open Source Software
    We are now about 20 years into the open source software era. You might think that open source simply means publishing the source code for something useful. While this is correct by definition, the most important component of any open source project is its community and how it works together. Open source projects are not isolated islands. In fact, it’s common for them to depend on each other. As new projects are created, it is also common that members come from related projects to work on something new. Apache Arrow is an example of a new project that worked across many related projects, creating a new community that from the beginning knew it needed to build a community of communities.
  • 9 Open Source Storage Solutions: A Perfect Solution To Store Your Precious Data
    Whatever business nature you have, there must be some precious data which you want to store in a secured place. Finding a right storage solution is always critical for business, especially for small and medium, but what if you get a perfect solution at no cost. There is no doubt that business cant runs without data, but while looking for a solution, you might need to spend a fortune to cover all your storage requirements. Open source tools come as the viable solution where you won’t spend money yet get a suitable solution to store your precious data. And don’t worry we will help you to find one of the best.
  • 15 Open Source Solutions To Setup Your Ecommerce Business
    In the past few years, there is a rapid growth in the online sales. According to a survey, more than 40% people are now shifted to online stores and majorly buying products from their smartphones and tablets. With the expeditious rise in the online marketplace, more business introducing online stores. For the big fishes in the industry, the expenses of setting up an online store is like spending peanuts, but for the small or startups, it appears to be a fortune. The smart move could be open source platforms, to begin with as they are not only free also reliable and scalable. One can set up the online store not only quickly as well as, in future if you want to add some of the functionalities, which are available with only premium, can be done by paying quite a small amount.
  • An Industry First: Teradata Debuts Open Source Kylo to Quickly Build, Manage Data Pipelines
  • MUA++ (or on to thunderbird)
  • OpenSSL Re-Licensing to Apache License v. 2.0

    The OpenSSL project, home of the world’s most popular SSL/TLS and cryptographic toolkit, is changing its license to the Apache License v2.0 (ASL v2). As part of this effort, the OpenSSL team launched a new website and has been working with various corporate collaborators to facilitate the re-licensing process.

Linux Graphics

  • Ubuntu 17.04 Still Hasn't Landed X.Org Server 1.19
    While the Ubuntu 17.04 final release is expected to happen in just over two weeks and the final freeze is quickly approaching, X.Org Server 1.19 has yet to land as anticipated into the Zesty Zapus.
  • NV_fill_rectangle Coming To Gallium3D/Nouveau
    Red Hat developer Lyude Paul is working on OpenGL NV_fill_rectangle support for Gallium3D and the Nouveau driver. Lyude has published a set of six patches for adding GL_NV_fill_rectangle support to Gallium3D and wires it up in the Nouveau NVC0 driver for GM200+ hardware.
  • New Engine Reset Capability Being Worked On For Intel DRM Linux Driver
    Intel's Michael Thierry published the fifth version of these patches on Friday. While there has been GPU reset support within the Intel DRM driver in case of hangs, this new engine-reset support is superior as it can reset a particular engine rather than performing a full GPU reset.
  • Vulkan 1.0.45 Released
    Version 1.0.45 is now the latest version of the Vulkan 1.0 specification.

Development News