BSD Now - Episodes Tagged with “Linux Vs Bsd”

58: Behind the Masq

JT Pennington — Wed, 08 Oct 2014 08:00:00 -0400

Coming up this week on the show, we'll be talking to Matt Ranney and George Kola about how they use FreeBSD at Voxer, and how to get more companies to switch over. After that, we'll show you how to filter website ads at the gateway level, using DNSMasq. All this week's news and answers to your emails, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

NetBSD's EuroBSDCon report

This year's EuroBSDCon had the record number of NetBSD developers attending
The NetBSD guys had a small devsummit as well, and this blog post details some of their activities
Pierre Pronchery also talked about EdgeBSD there (also see our interview if you haven't already)
Hopefully this trend continues, and NetBSD starts to have even more of a presence at the conferences ***

Upcoming features in OpenBSD 5.6

OpenBSD 5.6 is to be released in just under a month from now, and one of the developers wrote a blog post about some of the new features
The post is mostly a collection of various links, many of which we've discussed before
It'll be the first version with LibreSSL and many other cool things
We will, of course, have all the details on the day of release
There are some good comments on hacker news about 5.6 as well ***

FreeBSD ARMv8-based implementation

The FreeBSD foundation is sponsoring some work to port FreeBSD to the new ThunderX ARM CPU family
With the potential to have up to 48 cores, this type of CPU might make ARM-based servers a more appealing option
Cavium, the company involved with this deal, seems to have lots of BSD fans
This collaboration is expected to result in Tier 1 recognition of the ARMv8 architecture ***

Updating orphaned OpenBSD ports

We discussed OpenBSD porting over portscout from FreeBSD a while back
Their ports team is making full use of it now, and they're also looking for people to help update some unmaintained ports
A new subdomain, portroach.openbsd.org, will let you view all the ports information easily
If you're interested in learning to port software, or just want to help update a port you use, this is a good chance to get involved ***

Interview - Matt Ranney & George Kola - mjr@ranney.com & george.kola@voxer.com

BSD at Voxer, companies switching from Linux, community interaction

Tutorial

Adblocking with DNSMasq & Pixelserv

News Roundup

GhostBSD 4.0 released

The 4.0 branch of GhostBSD has finally been released, based on FreeBSD 10
With it come all the big 10.0 changes: clang instead of gcc, pkgng by default, make replaced by bmake
Mate is now the default desktop, with different workstation styles to choose from ***

Reports from PF about banned IPs

If you run any kind of public-facing server, you've probably seen your logs fill up with unwanted traffic
This is especially true if you run SSH on port 22, which the author of this post seems to
A lot can be done with just PF and some brute force tables
He goes through some different options for blocking Chinese IPs and break-in attempts
It includes a useful script he wrote to get reports about the IPs being blocked via email ***

NetBSD 6.1.5 and 6.0.6 released

The 6.1 and 6.0 branches of NetBSD got some updates
They include a number of security and stability fixes - plenty of OpenSSL mentions
Various panics and other small bugs also got fixed ***

OpenSSH 6.7 released

After a long delay, OpenSSH 6.7 has finally been released
Major internal refactoring has been done to make part of OpenSSH usable as a library
SFTP transfers can now be resumed
Lots of bug fixes, a few more new features - check the release notes for all the details
This release disables some insecure ciphers by default, so keep that in mind if you connect with legacy clients that use Arcfour or CBC modes ***

Feedback/Questions

54: Luminary Environment

JT Pennington — Wed, 10 Sep 2014 08:00:00 -0400

This week on the show, it's all about Lumina. We'll be giving you a visual walkthrough of the new BSD-exclusive desktop environment, as well as chatting with the main developer. There's also answers to your emails and all the latest news, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

Portscout ported to OpenBSD

Portscout is a popular utility used in the FreeBSD ports infrastructure
It lets port maintainers know when there's a new version of the upstream software available by automatically checking the distfile mirror
Now OpenBSD porters can enjoy the same convenience, as it's been ported over
You can view the status online to see how it works and who maintains what
The developer who ported it is working to get all the current features working on OpenBSD, and added a few new features as well
He decided to fork and rename it a few days later ***

Sysadmins and systemd refugees flocking to BSD

With all the drama in Linux land about the rapid changes to their init system, a lot of people are looking at BSD alternatives
This "you got your Windows in my Linux" article (and accompanying comments) give a nice glimpse into the minds of some of those switchers
Both server administrators and regular everyday users are switching away from Linux, as more and more distros give them no choice but to use systemd
Fortunately, the BSD communities are usually very welcoming of switchers - it's pretty nice on this side! ***

OpenBSD's versioning schemes

Ted Unangst explains the various versioning systems within OpenBSD, from the base to libraries to other included software
In contrast to FreeBSD's release cycle, OpenBSD isn't as concerned with breaking backwards compatibility (but only if it's needed to make progress)
This allows them to innovate and introduce new features a lot more easily, and get those features in a stable release that everyone uses
He also details the difference between branches, their errata system and lack of "patch levels" for security
Some other things in OpenBSD don't have version numbers at all, like tmux
"Every release adds some new features, fixes some old bugs, probably adds a new bug or two, and, if I have anything to say about it, removes some old features." ***

VAXstation 4000 Model 90 booting NetBSD

We found a video of NetBSD booting on a 22 year old VAX workstation, circa 1992
This system has a monstrous 71 MHz CPU and 128MB of ECC RAM
It continues in part two, where we learn that it would've cost around $25,000 when it was released!
The uploader talks about his experiences getting NetBSD on it, what does and doesn't work, etc
It's interesting to see that such old hardware isn't necessarily obsolete just because newer things have come out since then (but maybe don't try to build world on it...) ***

Interview - Ken Moore - ken@pcbsd.org

The Lumina desktop environment

Special segment

Lumina walkthrough

News Roundup

Suricata for IDS on pfSense

While most people are familiar with Snort as an intrusion detection system, Suricata is another choice
This guide goes through the steps of installing and configuring it on a public-facing pfSense box
Part two details some of the configuration steps
One other cool thing about Suricata - it's compatible with Snort rules, so you can use the same updates
There's also another recent post about snort as well, if that's more your style
If you run pfSense (or any BSD) as an edge router for a lot of users, this might be worth looking into ***

OpenBSD's systemd API emulation project

This story was pretty popular in the mainstream news this week
For the Google Summer of Code, a student is writing emulation wrappers for some of systemd's functions
There was consideration from some Linux users to port over the finished emulation back to Linux, so they wouldn't have to run the full systemd
One particularly interesting Slashdot comment snippet: "We are currently migrating a large number (much larger than planned after initial results) of systems from RHEL to BSD - a decision taken due to general unhappiness with RHEL6, but SystemD pushed us towards BSD rather than another Linux distro - and in some cases are seeing throughput gains of greater than 10% on what should be equivalent Linux and BSD server builds. The re-learning curve wasn't as steep as we expected, general system stability seems to be better too, and BSD's security reputation goes without saying."
It will NOT be in the base system - only in ports, and only installed as a dependency for things like newer GNOME that require such APIs
In the long run, BSD will still be safe from systemd's reign of terror, but will hopefully still be compatible with some third party packages like GNOME that insist on using it ***

GhostBSD 4 previewed

The GhostBSD project is moving along, slowly getting closer to the 4 release
This article shows some of the progress made, and includes lots of screenshots and interesting graphical frontends
If you're not too familiar with GhostBSD, we interviewed the lead developer a little while back ***

NetBSD on the Banana Pi

The Banana Pi is a tasty alternative to the Raspberry Pi, with similar hardware specs
In this blog post, a NetBSD developer details his experiences in getting NetBSD to run on it
After studying how the prebuilt Linux image booted, he made some notes and started hacking
Ethernet, one of the few things not working, is being looked into and he's hoping to get it fully supported for the upcoming NetBSD 7.0
They're only about $65 as of the time we're recording this, so it might be a fun project to try ***

Feedback/Questions

42: Devious Methods

JT Pennington — Wed, 18 Jun 2014 08:00:00 -0400

Coming up this week, we'll be showing you how to chain SSH connections, as well as some cool tricks you can do with it. Going along with that theme, we also have an interview with Bryce Chidester about running a BSD-based shell provider. News, emails and cowsay turkeys, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

PIE and ASLR in FreeBSD update

A status update for Shawn Webb's ASLR and PIE work for FreeBSD
One major part of the code, position-independent executable support, has finally been merged into the -CURRENT tree
"FreeBSD has supported loading PIEs for a while now, but the applications in base weren't compiled as PIEs. Given that ASLR is useless without PIE, getting base compiled with PIE support is a mandatory first step in proper ASLR support"
If you're running -CURRENT, just add "WITH_PIE=1" to your /etc/src.conf and /etc/make.conf
The next step is working on the ASLR coding style and getting more developers to look through it
Shawn will also be at EuroBSDCon (in September) giving an updated version of his BSDCan talk about ASLR ***

Misc. pfSense news

Couple of pfSense news items this week, including some hardware news
Someone's gotta test the pfSense hardware devices before they're sold, which involves powering them all on at least once
To make that process faster, they're building a controllable power board (and include some cool pics)
There will be more info on that device a bit later on
On Friday, June 27th, there will be another video session (for paying customers only...) about virtualized firewalls
pfSense University, a new paid training course, was also announced
A single two-day class costs $2000, ouch ***

ZFS stripe width

A new blog post from Matt Ahrens about ZFS stripe width
"The popularity of OpenZFS has spawned a great community of users, sysadmins, architects and developers, contributing a wealth of advice, tips and tricks, and rules of thumb on how to configure ZFS. In general, this is a great aspect of the ZFS community, but I’d like to take the opportunity to address one piece of misinformed advice"
Matt goes through different situations where you would set up your zpool differently, each with their own advantages and disadvantages
He covers best performance on random IOPS, best reliability, and best space efficiency use cases
It includes a lot of detail on each one, including graphs, and addresses some misconceptions about different RAID-Z levels' overhead factor ***

FreeBSD 9.3-BETA3 released

The third BETA in the 9.3 release cycle is out, we're slowly getting closer to the release
This is expected to be the final BETA, next will come the RCs
There have mostly just been small bug fixes since BETA2, but OpenSSL was also updated and the arc4random code was updated to match what's in -CURRENT (but still isn't using ChaCha20)
The FreeBSD foundation has a blog post about it too
There's a list of changes between 9.2 and 9.3 as well, but we'll be sure to cover it when the -RELEASE hits ***

Interview - Bryce Chidester - brycec@devio.us / @brycied00d

Running a BSD shell provider

Tutorial

Chaining SSH connections

News Roundup

My FreeBSD adventure

A Slackware user from the "linux questions" forum decides to try out BSD, and documents his initial impressions and findings
After ruling out PCBSD due to the demanding hardware requirements and NetBSD due to "politics" (whatever that means, his words) he decides to start off with FreeBSD 10, but also mentions trying OpenBSD later on
In his forum post, he covers the documentation (and how easy it makes it for a switcher), dual booting, packages vs ports, network configuration and some other little things
So far, he seems to really enjoy BSD and thinks that it makes a lot of sense compared to Linux
Might be an interesting, ongoing series we can follow up on later ***

Even more BSDCan trip reports

BSDCan may be over until next year, but trip reports are still pouring in
This time we have a summary from Li-Wen Hsu, who was paid for by the FreeBSD foundation
He's part of the "Jenkins CI for FreeBSD" group and went to BSDCan mostly for that
Nice long post about all of his experiences at the event, definitely worth a read
He even talks about... the food ***

FreeBSD disk partitioning

For his latest book series on FreeBSD's GEOM system, MWL asked the hackers mailing list for some clarification
This erupted into a very long discussion about fdisk vs gnop vs gpart
So you don't have to read the 500 mailing list posts, he's summarized the findings in a blog post
It covers MBR vs GPT, disk sector sizes and how to handle all of them with which tools ***

BSD Router Project version 1.51

A new version of the BSD Router Project has been released, 1.51
It's now based on FreeBSD 10-STABLE instead of 10.0-RELEASE
Includes lots of bugfixes and small updates, as well as some patches from pfSense and elsewhere
Check the sourceforge page for the complete list of changes
Bad news... the minimum disk size requirement has increased to 512MB... getting pretty bloated ***