librelist archives

« back to archive

FreeBSD for gateway / router / firewall

FreeBSD for gateway / router / firewall

From:
Bobinson K B
Date:
2014-04-24 @ 08:48
Dear List,

​I have often noticed many of the routers, gateways, firewalls and file
servers (NFS, samba) etc are running using FreeBSD or BSD flavors. ​Though
I have a feeling that its a secure & very responsive system (AFIK an
excellent kernel scheduler does the job) but I have no practical experience.

Can someone in the list with hands on experience share thoughts on the same
?

It will be really helpful as we may need some assistance as well.

--
Thanks and Regards,
Bobinson K B

Re: [ilugcochin] FreeBSD for gateway / router / firewall

From:
Siju George
Date:
2014-04-25 @ 06:15
Hi,

I have been running BSDs for more than 6 years now
This is something I wrote after my first OpenBSD firewall implementation.

http://undeadly.org/cgi?action=article&sid=20041013190823

You have more information about OpenBSD firewall configuration here

http://home.nuug.no/~peter/pf/en/long-firewall.html

Also you can look at a FreeBSD implementation of OpenBSD's Packet Filter in

https://www.pfsense.org

We also had a FreeBSD+Samba replacing a windows NT servers without any of
the hassles of NT server ;-)

At some point of time OpenBSD was the first to detect 120GB hard drives.
So we migrated our backup servers from Debian to OpenBSD+RAIDFRAME
The details of which can be found here,

http://undeadly.org/cgi?action=article&sid=20071109175842
http://openbsd-osnew.blogspot.in/2007/03/software-raid-on-openbsd-using.html

These informations are of antique value only because OpenBSD has deleted
RAIDFRAME from their tree and now uses softraid

http://www.openbsdindia.org/faq/faq14.html#softraid

Later we migrated our Backup Servers from OpenBSD to DragonFlyBSD due to
the benefits of HAMMER file system.

http://leaf.dragonflybsd.org/mailarchive/users/2010-09/msg00083.html

If you download the march issue of BSD Magazine you will find that I have
written the details on how our company uses DragonFly as a backup server.


http://bsdmag.org/magazine/1860-deploying-netbsd-on-the-cloud-using-aws-ec2-march-bsd-issue

From my experience BSDs are more stable, secure and predictable than Linux.
Every BSD has a handbook or FAQ which if you read carefully you will have
no trouble using BSD.
Once you use OpenBSD's PF you will never go back to iptables. It is simple,
versatile & elegant.

Once you jump into the BSD ecosystem you will be surprised to find the no.
of resources available for implementing a particular thing.

--Siju


On Thu, Apr 24, 2014 at 2:18 PM, Bobinson K B <bobinson@gmail.com> wrote:

> Dear List,
>
> ​I have often noticed many of the routers, gateways, firewalls and file
> servers (NFS, samba) etc are running using FreeBSD or BSD flavors. ​Though
> I have a feeling that its a secure & very responsive system (AFIK an
> excellent kernel scheduler does the job) but I have no practical experience.
>
> Can someone in the list with hands on experience share thoughts on the
> same ?
>
> It will be really helpful as we may need some assistance as well.
>
> --
> Thanks and Regards,
> Bobinson K B
>
>
>

Re: [ilugcochin] FreeBSD for gateway / router / firewall

From:
Siju George
Date:
2014-04-25 @ 07:54
On Fri, Apr 25, 2014 at 11:45 AM, Siju George <sgeorge.ml2@gmail.com> wrote:

> Hi,
>
> I have been running BSDs for more than 6 years now
>

Sorry cross checking I find that I have 10+ years working with BSDs

--Siju

Re: [ilugcochin] FreeBSD for gateway / router / firewall

From:
Bobinson K B
Date:
2014-04-26 @ 07:47
Thank you @Siju.

I ended up reading a lot of literature. The swapcache mechanism in
DragonFlyBDS is really interesting. I had tested PostgreSQL with /tmp and
swap (I think so) in the RAM - it was CentOS on EC2. It was not an
extensive testing or so but the result was not positive. It seems DragonFly
has an answer.

Moral of the story: Everyone should RTFM & thanking Siju for making me do
it :-)

- Bobinson K B