Skip to main content.

Episode 061: IPSECond Wind


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


BSD panel at Phoenix LUG

  • The Phoenix, Arizona Linux users group had a special panel so they could learn a bit more about BSD
  • It had one FreeBSD user and one OpenBSD user, and they answered questions from the organizer and the people in the audience
  • They covered a variety of topics, including filesystems, firewalls, different development models, licenses and philosophy
  • It was a good "real world" example of things potential switchers are curious to know about
  • They closed by concluding that more diversity is always better, and even if you've got a lot of Linux boxes, putting a few BSD ones in the mix is a good idea

Book of PF signed copy auction

  • Peter Hansteen (who we've had on the show) is auctioning off the first signed copy of the new Book of PF
  • All the profits from the sale will go to the OpenBSD Foundation
  • The updated edition of the book includes all the latest pf syntax changes, but also provides examples for FreeBSD and NetBSD's versions (which still use ALTQ, among other differences)
  • If you're interested in firewalls, security or even just advanced networking, this book is a great one to have on your shelf - and the money will also go to a good cause
  • Michael Lucas has challenged Peter to raise more for the foundation than his last book selling - let's see who wins
  • Pause the episode, go bid on it and then come back!

FreeBSD Foundation goes to EuroBSDCon

  • Some people from the FreeBSD Foundation went to EuroBSDCon this year, and come back with a nice trip report
  • They also sponsored four other developers to go
  • The foundation was there "to find out what people are working on, what kind of help they could use from the Foundation, feedback on what we can be doing to support the FreeBSD Project and community, and what features/functions people want supported in FreeBSD"
  • They also have a second report from Kamil Czekirda
  • A total of $2000 was raised at the conference

OpenBSD 5.6 released

  • Note: we're doing this story a couple days early - it's actually being released on November 1st (this Saturday), but we have next week off and didn't want to let this one slip through the cracks - it may be out by the time you're watching this
  • Continuing their always-on-time six month release cycle, the OpenBSD team has released version 5.6
  • It includes support for new hardware, lots of driver updates, network stack improvements (SMP, in particular) and new security features
  • 5.6 is the first formal release with LibreSSL, their fork of OpenSSL, and lots of ports have been fixed to work with it
  • You can now hibernate your laptop when using a fully-encrypted filesystem (see our tutorial for that)
  • ALTQ, Kerberos, Lynx, Bluetooth, TCP Wrappers and Apache were all removed
  • This will serve as a "transitional" release for a lot of services: moving from Sendmail to OpenSMTPD, from nginx to httpd and from BIND to Unbound
  • Sendmail, nginx and BIND will be gone in the next release, so either migrate to the new stuff between now and then or switch to the ports versions
  • As always, 5.6 comes with its own song and artwork - the theme this time was obviously LibreSSL
  • Be sure to check the full changelog (it's huge) and pick up a CD or tshirt to support their efforts
  • If you don't already have the public key releases are signed with, getting a physical CD is a good "out of bounds" way to obtain it safely
  • Here are some cool images of the set
  • After you do your installation or upgrade, don't forget to head over to the errata page and apply any patches listed there

Interview - John-Mark Gurney - / @encthenet

Updating FreeBSD's IPSEC stack

News Roundup

Clang in DragonFly BSD

  • As we all know, FreeBSD got rid of GCC in 10.0, and now uses Clang almost exclusively on i386/amd64
  • Some DragonFly developers are considering migrating over as well, and one of them is doing some work to make the OS more Clang-friendly
  • We'd love to see more BSDs switch to Clang/LLVM eventually, it's a lot more modern than the old GCC most are using

reallocarray(): integer overflow detection for free

  • One of the less obvious features in OpenBSD 5.6 is a new libc function: "reallocarray()"
  • It's a replacement function for realloc(3) that provides integer overflow detection at basically no extra cost
  • Theo and a few other developers have already started a mass audit of the entire source tree, replacing many instances with this new feature
  • OpenBSD's explicit_bzero was recently imported into FreeBSD, maybe someone could also port over this too

Switching from Linux blog

  • A listener of the show has started a new blog series, detailing his experiences in switching over to BSD from Linux
  • After over ten years of using Linux, he decided to give BSD a try after listening to our show (which is awesome)
  • So far, he's put up a few posts about his initial thoughts, some documentation he's going through and his experiments so far
  • It'll be an ongoing series, so we may check back in with him again later on

Owncloud in a FreeNAS jail

  • One of the most common emails we get is about running Owncloud in FreeNAS
  • Now, finally, someone made a video on how to do just that, and it's even jailed
  • A member of the FreeNAS community has uploaded a video on how to set it up, with lighttpd as the webserver backend
  • If you're looking for an easy way to back up and sync your files, this might be worth a watch


Mailing List Gold

  • All the tutorials are posted in their entirety at
  • The OpenBSD router, dpb, PXE autoinstall and patched ISO building tutorials have all been updated for 5.6
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to - tell us how we're doing or what you'd like to see in future episodes
  • You can usually watch live Wednesdays at 2:00PM Eastern (18:00 UTC), but...
  • We'll be in California at MeetBSD next week, so there will be a prerecorded episode
  • Speaking of conferences, the event has gotten a few more BSD speakers - check it out if you're in London on November 25th

Latest News

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014


As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

Episode 164: Virtualized COW / PI?


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines vmm enabled VMM, the OpenBSD hypervisor, has been imported into current It has similar hardware requirements to bhyve, a Intel Nehalem or newer CPU with the hardware virtualization features enabled in the BIOS AMD support has not been started yet OpenBSD is the...

Episode 163: Return of the Cantrill


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines FreeBSD 11.0-RELEASE Now Available FreeBSD 11.0-RELEASE is now officially out. A last minute reroll to pickup OpenSSL updates and a number of other security fixes meant the release was a little behind schedule, and shipped as 11.0-RELEASE-p1, but the release is better...

Episode 162: The Foundation of NetBSD


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines What is new on EC2 for FreeBSD 11.0-RELEASE “FreeBSD 11.0-RELEASE is just around the corner, and it will be bringing a long list of new features and improvements — far too many for me to list here. I think there are...

Episode 161: The BSD Bromance


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines EuroBSDCon 2016 Wrapup Ollivier Robert’s Photos from EuroBSDCon Get your BSDNow die-cut stickers NetBSD for newbies - Develop your own Power PC We don’t get to feature too many stories on NetBSD being deployed as a Power PC (Not PowerPC, you...