|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
OpenBSD changes
Recently it was announced that OpenBSD 5.2 will be released in November (6 months as usual which is good), however, I wish they would remove the "only 2 remote holes in a heck of a long time" from their website. Very few people are going to run a server, unless it is a firewall, etc., as a base install. If running a web server, app server, etc., it requires additional software.
Beside that, what new piece of technology has been added to OpenBSD lately that keeps it relevant in an ever-changing IT landscape? OpenSMTPD was included in 4.6, and pf is old even though it had a rewrite in 4.7 or 4.8. Looking at FreeBSD they have Jails, Jailsv2, DTrace, zfs, HAST, OFED, Capsicum and much more, functionality that OpenBSD just dismisses as "it creates a security hole." Given the amount of functionality in FreeBSD, the number of exploits tabulated by US-CERT is insignificant compared to OpenBSD. Some commonly known appliances using FreeBSD: Code:
- pfSense, m0n0wall, and FreeNAS open source projects - Juniper JunOS - Nokia CheckPoint IPSO - NetApp ONTAP - Citrix NetScaler - Ironport AsyncOS - KACE Kbox - NETASQ - Isilon - Sandvine SVOS - PlayStation®3 - Netflix Open Connect - TaxiMagic - EdgeWave iPrism - Panasonic VIERA G20 , G25 and VT plasma TVs - Blue Coat ProxySG - Coyote Point Equalizer GX - iXsystems TrueNAS For the record, my firewall, web server and mail server run OpenBSD but am considering a move to FreeBSD because of their active technological development that seems trivial in OpenBSD. OpenBSD has a long list of changes between 5.0 and 5.1 but a lot are bug fixes and minor changes. What I would like is something along the lines of BHyVe, Virtio, LLVM, etc. |
|
|||
HTML Code:
. |L /| .
_ . |\ _| \--+._/| .
||\| Y J ) / |/| ./
|)'( | ` `.'/
-<| __ .-<
| / .-'. `. /-. L___
J \ < \ | | O\|.-'
_J \ .- \/ O | | \ |/
'- -<_. \ .-' `-' L__
__J _ _. >-' )._. |-'
`-|.' /_. \_| /
/.- . _.<
/' /.' .' `\
/L /' |/ _.-'-\
/'J ___.---'\|
|\ .--'
|/`. `-.
/ .-.\
\ ( `\
`\
__ _ _ __ __| | | _ \ _ _ / _|/ _|_ _
/ _` | '_ \ / _` | | |_) | | | | |_| |_| | | |
_ _ | (_| | | | | (_| | | __/| |_| | _| _| |_| |
(_|_) \__,_|_| |_|\__,_| |_| \__,_|_| |_| \__, |
|___/
____ _ _
| _ \ ___ ___| | _____ | |
| |_) / _ \ / __| |/ / __| | |
| _ < (_) | (__| <\__ \ |_|
|_| \_\___/ \___|_|\_\___/ (_)
|
|
|||
daemonfowl, the question you should be answering to yourself is how your response adds to the discourse which has already taken place, & whether your response progresses the discussion forward.
|
|
|||
Quote:
Quote:
Respect to all BSDs .. I find OpenBSD the king of BSDs .. biased ? maybe .. as much as others :-) . |
|
||||
Here is a direct answer to your question.
As others have pointed out, the OpenBSD team is relatively small compared to FreeBSD, and their focus is on security, standards, providing a development platform, cryptography, truly free licensing, etc., etc.. So, the members of the project have made a deliberate choice not to focus on including the latest and greatest technology, especially at the expense of their goals. You may be better served switching to FreeBSD for those purposes, as it is likely you will not find satisfaction in OpenBSD - the folks involved in the project simply do not care as strongly as you.
__________________
That's nothing a couple o' pints wouldn't fix. |
|
|||
I didn't say I don't have satisfaction with OpenBSD. Obviously you missed that I run my proxy server, web server, mail server, and firewall on OpenBSD. My frustration is that I would like to continue using OpenBSD, but with a (1) proxy server, (2) web server, (3) mail server, (4) firewall, (5) everyday FreeBSD laptop, (6) Windows laptop, (7) another old testing laptop, (8) new netbook, there is a clutter problem I'd like to resolve. With Solaris(OpenIndiana, Solaris, OmniOS) Zones or FreeBSD Jails I can consolidate a proxy, web, mail server. I could consolidate all three on one server now, but what would that gain? FreeBSD Jails v2 have problems and I would not use them in production, plus the fact one has to add VIMAGE to the kernel.
I really like OpenSMTPD but it won't build on Solaris. Each time I get past one problem it encounters another. So I could keep my mail server on OpenBSD and then put the others on Solaris, but then server sprawl continues. There are many things I like with OpenBSD, otherwise it wouldn't be my sole Internet prescence solution, but server sprawl is what I am fighting against. |
|
|||
Quote:
Quote:
|
|
||||
Quote:
As for your question on Zones:
Can you implement a production virtualization scheme? Sure. Can you do so with OpenBSD? As a guest, yes, with a limited set of hypervisors. (Virtualized hosting is limited to chroot or emulators.) Is virtualization with OpenBSD of value? Of course, but not, I believe, for consolidation, unless it is to consolidate with non OpenBSD OSes. Have I personally deployed virtualization for consolidation? Yes. Did I dedicate hardware? Yes, for production platforms. Have I ever used shared hardware in production? Yes. I've implemented shared CPUs with dedicated RAM and I/O, where min and max CPU usage could be allocated. I've had mixed performance results with shared CPUs. I've also deployed shared hardware solutions with virtual machines in non-production, such as for laboratories, QA networks, and development environments. Quote:
Last edited by jggimi; 10th September 2012 at 05:54 PM. Reason: typos, clarity |
|
|||
Quote:
(Teacher jggimi , you don't need to apologize for anything .. in fact I must express sincerest apologies to you for the time you've spend and effort you've made schooling me and others.) Finally , Daemonforums rocks !! :-) because the BSDs rock , and so their respective folk .. Last edited by J65nko; 11th September 2012 at 07:28 AM. Reason: fixed the quote ;) |
|
||||
gpatrick,
I didn't miss your mention of your current uses. I was addressing your desire for "something along the lines of BHyVe, Virtio, LLVM, etc." I didn't mean to be dismissive, and I apologize if my response came across that way. What I was trying to say was that OpenBSD may not be the best choice for new technologies, at least from a support point of view. If you were inclined toward development, then that's a different story.
__________________
That's nothing a couple o' pints wouldn't fix. |
|
|||
Quote:
Two names I could remember were vermaden and ocicat, from LQ. Regards. |
|
|||
Quote:
I'm not saying it's unfriendly as it is or anything, more like properly neutral community with individuals. Unnecessary friendliness above neutrality could bring the people w/fanboy-mentality, who are unlikely to contribute anything beyond asking questions with answers already in archives or demanding for XXX or YYY, which according to them would be 'of absolute necessity'. Quote:
Unfriendly? + you're free to implement anything you feel is missing |
|
|||
Quote:
Quote:
Being Very Lucky . |
|
|||
This thread is slowing drifting from the subject of OpenBSD's feature set to the decorum found on this site. All future remarks on decorum should be placed in a new thread, as we try to limit threads to a single topic as directed by the original poster. This is discussed in the forum rules.
Last edited by ocicat; 14th September 2012 at 05:59 PM. Reason: clarity |
|
||||
Quote:
Quote:
A complete set of security, routing, hosting and loadbalancing capabilities come with the default install. With 5.2 two different kinds of webservers and two different name resolvers come installed in base. Additionally you will have the most well-audited and secure operating system you can get your hands on, all for the premium price of free. One feature that is missing is userbase pandering. They are a team of developers that work on what they find useful to them, and on their schedule. That this exists in a working product is nothing short of miraculous, that it is also the most secure operating system makes it astonishing, and the fact that it can be had for free with no GPL restrictions or fees makes it downright humbling.
__________________
Network Firefighter |
|
|||
Quote:
The OpenBSD project is small enough that individual monetary contributions do matter. Be it buying official CD sets, t-shirts, or whatever, the profits support the project. For those who do not make any purchases or make code contributions, what are you doing to help the project continue? |
|
||||
Quote:
My wireframe Puffy shirt is showing it's age; time for a refresh .
__________________
Network Firefighter |
|
||||
two more ways
Excellent list, ai-danno. But there are two more things that are helpful: become a port tester, and then perhaps a port maintainer. Both contributions are worthwhile.
If you're a -current user, subscribe to ports@ and test new revisions of older ports or new ports. You need not test everything; perhaps only those that are of interest to you personally. Use the Port Testing Guide, and respond with your results. You can respond privately or on the ports@ list as you prefer. This is a great way to learn about the ports tree and debugging of individual ports, as well as giving back to the community. --- If you have installed some unported, third party software and think others might have an interest in it, just build a port, using the Porter's Handbook and the Port Testing Guide, and submit it to ports@ for consideration. However, you do need to be clueful about the application build process, the dependency chains, and debugging, so this is not for everyone. And you must be willing to have your Email address published as $MAINTAINER and respond to queries from the community with your support. |
Thread Tools | |
Display Modes | |
|
|