Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD and TrueOS. Our show aims to be helpful and informative for new users that want to learn about them, but still be entertaining for the people who are already pros. The show airs on Wednesdays at 2:00PM (US Eastern time) and the edited version is usually up the following day.
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Programming Throwdown
Programming Throwdown educates Computer Scientists and Software Engineers on a cavalcade of programming and tech topics. Every show will cover a new programming language, so listeners will be able to speak intelligently about any programming language.
67: Must Be Rigged
Coming up this week on the show, we've got an interview with Patrick Wildt, one of the developers of Bitrig. We'll find out all the details of their OpenBSD fork, what makes it different and what their plans are going forward. We've also got all the week's news and answers to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Bitrig 1.0 released (http://article.gmane.org/gmane.os.bitrig.devel/6) If you haven't heard of it, Bitrig (https://www.bitrig.org/) is a fork of OpenBSD that started a couple years ago According to their FAQ (https://github.com/bitrig/bitrig/wiki/Faq), some of their goals include: only supporting modern hardware and a limited set of CPU architectures, replacing nearly all GNU tools in base with BSD versions and having better virtualization support They've finally announced their first official release, 1.0 This release introduces support for Clang 3.4, replacing the old GCC, along with libc++ replacing the GNU version It also includes filesystem journaling, support for GPT and - most importantly - a hacker-style console with green text on black background One of the developers answered some questions (https://news.ycombinator.com/item?id=8701936) about it on Hacker News too *** Is it time to try BSD? (http://www.technewsworld.com/story/81424.html) Here we get a little peek into the Linux world - more and more people are considering switching On a more mainstream tech news site, they have an article about people switching away from Linux and to BSD People are starting to get even more suspicious of systemd, and lots of drama in the Linux world is leading a whole new group of potential users over to the BSD side This article explores some pros and cons of switching, and features opinions of various users *** Poudriere 3.1 released (https://github.com/freebsd/poudriere/wiki/release_notes_31) One of the first things we ever covered on the show was poudriere (http://www.bsdnow.tv/tutorials/poudriere), a tool with a funny name that's used to build binary packages from FreeBSD ports It's come a long way since then, and bdrewery (http://www.bsdnow.tv/episodes/2014_07_16-network_iodometry) and bapt (http://www.bsdnow.tv/episodes/2014_01_01-eclipsing_binaries) have just announced a new major version This new release features a redesigned web interface to check on the status of your packages There are lots of new bulk building options to preserve packages even if some fail to compile - this makes maintaining a production repo much easier It also introduces a useful new "pkgclean" subcommand to clean out your repository of packages that aren't needed anymore, and poudriere keeps it cleaner by default as well now Check the full release notes for all the additions and bug fixes *** Firewalling with OpenBSD's pf and pfsync (https://www.youtube.com/watch?v=mN5E2EYJnrw) A talk by David Gwynne from an Australian conference was uploaded, with the subject matter being pf and pfsync He uses pf to manage 60 internal networks with a single firewall The talk gives some background on how pf originally came to be and some OpenBSD 101 for the uninitiated It also touches on different rulesets, use cases, configuration syntax, placing limits on connections, ospf, authpf, segregating VLANs, synproxy handling and a lot more The second half of the presentation focuses on pfsync and carp for failover and redundancy With two BSD boxes running pfsync, you can actually patch your kernel and still stay connected to IRC *** Interview - Patrick Wildt - patrick@bitrig.org (mailto:patrick@bitrig.org) / @bitrig (https://twitter.com/bitrig) The initial release of Bitrig News Roundup Infrastructural enhancements at NYI (http://freebsdfoundation.blogspot.com/2014/12/the-freebsd-cluster-infrastructural.html) The FreeBSD foundation put up a new blog post detailing some hardware improvements they've recently done Their eastern US colocation is hosted at New York Internet, and is used for FTP mirrors, pkgng mirrors, and also as a place for developers to test things There've been fourteen machines purchased since July, and now FreeBSD boasts a total of sixty-eight physical boxes there This blog post goes into detail about how those servers are used and details some of the network topology *** The long tail of MD5 (http://www.tedunangst.com/flak/post/the-long-tail-of-MD5) Our friend Ted Unangst is on a quest to replace all instances of MD5 in OpenBSD's tree with something more modern In this blog post, he goes through some of the different areas where MD5 still lives, and discovers how easy (or impossible) it would be to replace Through some recent commits, OpenBSD now uses SHA512 in some places that you might not expect Some other places (https://www.marc.info/?l=openbsd-cvs&m=141763065223567&w=4) require a bit more care… *** DragonFly cheat sheet (http://www.dragonflybsd.org/varialus/) If you've been thinking of trying out DragonFlyBSD lately, this might make the transition a bit easier A user-created "cheat sheet" on the website lists some common answers to beginner questions The page features a walkthrough of the installer, some shell tips and workarounds for various issues At the end, it also has some things that new users can get involved with to help out *** Experiences with an OpenBSD laptop (http://alxjsn.com/unix/openbsd-laptop/) A lot of people seem to be interested in trying out some form of BSD on their laptop, and this article details just that The author got interested in OpenBSD mostly because of the security focus and the fact that it's not Linux In this blog post, he goes through the steps of researching, installing, configuring, upgrading and finally actually using it on his Thinkpad He even gives us a mention as a good place to learn more about BSD, thanks! *** PC-BSD Updates (http://lists.pcbsd.org/pipermail/testing/2014-December/009638.html) A call for testing of a new update system has gone out Conversion to Qt5 for utils has taken place *** Feedback/Questions Chris writes in (http://slexy.org/view/s2ihSmjpLu) AJ writes in (http://slexy.org/view/s20JXhXS6o) Dan writes in (http://slexy.org/view/s21hfeWB2K) Jeff writes in (http://slexy.org/view/s2k6SmuDGB) *** Mailing List Gold Over 440% faster (https://www.marc.info/?l=openbsd-tech&m=141775233603723&w=2) The (https://lists.freebsd.org/pipermail/freebsd-pf/2014-December/007528.html) PF (https://lists.freebsd.org/pipermail/freebsd-pf/2014-December/007529.html) conundrum (https://lists.freebsd.org/pipermail/freebsd-pf/2014-December/007543.html) (edit: Allan misspoke about PF performance during this segment, apologies.) Violating (https://www.marc.info/?l=openbsd-cvs&m=141807513728073&w=4) bad standards (https://www.marc.info/?l=openbsd-tech&m=141807224826859&w=2) apt-get rid of systemd (https://www.marc.info/?l=openbsd-misc&m=141798194330985&w=2) ***
66: Conference Connoisseur
This week on the show, we'll be talking with Paul Schenkeveld, chairman of the EuroBSDCon foundation. He tells us about his experiences running BSD conferences and how regular users can get involved too. We've also got answers to all your emails and the latest news, coming up on BSD Now - the place to B.. SD. This episode was brought to you by Headlines More BSD presentation videos (https://www.meetbsd.com/) The MeetBSD video uploading spree continues with a few more talks, maybe this'll be the last batch Corey Vixie, Web Apps in Embedded BSD (https://www.youtube.com/watch?v=Pbks12Mqpp8) Allan Jude, UCL config (https://www.youtube.com/watch?v=TjP86iWsEzQ) Kip Macy, iflib (https://www.youtube.com/watch?v=P4FRPKj7F80) While we're on the topic of conferences, AsiaBSDCon's CFP was extended (https://twitter.com/asiabsdcon/status/538352055245492226) by one week This year's ruBSD (https://events.yandex.ru/events/yagosti/rubsd14/) will be on December 13th in Moscow Also, the BSDCan call for papers (http://lists.bsdcan.org/pipermail/bsdcan-announce/2014-December/000135.html) is out, and the event will be in June next year Lastly, according to Rick Miller, "A potential vBSDcon 2015 event is being explored though a decision has yet to be made." *** BSD-powered digital library in Africa (http://peercorpsglobal.org/nzegas-digital-library-becomes-a-reality/) You probably haven't heard much about Nzega, Tanzania, but it's an East African country without much internet access With physical schoolbooks being a rarity there, a few companies helped out to bring some BSD-powered reading material to a local school They now have a pair of FreeNAS Minis at the center of their local network, with over 80,000 books and accompanying video content stored on them (~5TB of data currently) The school's workstations also got wiped and reloaded with FreeBSD, and everyone there seems to really enjoy using it *** pfSense 2.2 status update (https://blog.pfsense.org/?p=1486) With lots of people asking when the 2.2 release will be done, some pfSense developers decided to provide a status update 2.2 will have a lot of changes: being based on FreeBSD 10.1, Unbound instead of BIND, updating PHP to something recent, including the new(ish) IPSEC stack updates, etc All these things have taken more time than previously expected The post also has some interesting graphs showing the ratio of opened and close bugs for the upcoming release *** Recommended hardware threads (https://www.reddit.com/r/BSD/comments/2n8wrg/bsd_on_mini_itx/) A few threads on caught our attention this week, all about hardware recommendations for BSD setups In the first one, the OP asks about mini-ITX hardware to run a FreeBSD server and NAS Everyone gave some good recommendations for low power, Atom-based systems The second thread (https://www.marc.info/?t=141694918800006&r=1&w=2) started off asking about which CPU architecture is best for PF on an OpenBSD router, but ended up being another hardware thread For a router, the ALIX, APU and Soekris boards still seem to be the most popular choices, with the third (https://www.reddit.com/r/homelab/comments/24m6tj/) and fourth (https://www.reddit.com/r/PFSENSE/comments/2nblgp/) threads confirming this If you're thinking about building your first BSD box - server, router, NAS, whatever - these might be some good links to read *** Interview - Paul Schenkeveld - freebsd@psconsult.nl (mailto:freebsd@psconsult.nl) Running a BSD conference News Roundup From Linux to FreeBSD - for reals (https://www.reddit.com/r/freebsd/comments/2nqa60/) Another Linux user is ready to switch to BSD, and takes to Reddit for some community encouragement (seems to be a common thing now) After being a Linux guy for 20(!) years, he's ready to switch his systems over, and is looking for some helpful guides to transition In the comments, a lot of new switchers offer some advice and reading material If any of the listeners have some things that were helpful along your switching journey, maybe send 'em this guy's way *** Running FreeBSD as a Xen Dom0 (http://wiki.xenproject.org/wiki/FreeBSD_Dom0) Continuing progress has been made to allow FreeBSD to be a host for the Xen hypervisor This wiki article explains how to run the Xen branch of FreeBSD and host virtual machines on it Xen on FreeBSD currently supports PV guests (modified kernels) and HVM (unmodified kernels, uses hardware virtualization features) The wiki provides instructions for running Debian (PV) and FreeBSD (HVM), and discusses the features that are not finished yet *** HardenedBSD updates and changes (http://hardenedbsd.org/article/shawn-webb/2014-11-18/aout-and-null-mapping-support-removal) a.out is the old executable format for Unix The name stands for assembler output, and was coined by Ken Thompson as the fixed name for output of his PDP-7 assembler in 1968 FreeBSD, on which HardenedBSD is based, switched away from a.out in version 3.0 A restriction against NULL mapping was introduced in FreeBSD 7 (https://www.freebsd.org/security/advisories/FreeBSD-EN-09:05.null.asc) and enabled by default in FreeBSD 8 However, for reasons of compatibility, it could be switched off, allowing buggy applications to continue to run, at the risk of allowing a kernel bug to be exploited HardenedBSD has removed the sysctl, making it impossible to run in ‘insecure mode’ Package building update: more consistent repo, no more i386 packages (http://hardenedbsd.org/article/shawn-webb/2014-11-30/package-building-infrastructure-maintenance) *** Feedback/Questions Boris writes in (http://slexy.org/view/s2kVPKICqj) Alex writes in (http://slexy.org/view/s21Fic4dZC) (edit: adding "tinker panic 0" to the ntp.conf will disable the sanity check) Chris writes in (http://slexy.org/view/s2zk1Tvfe9) Robert writes in (http://slexy.org/view/s22alvJ4mu) Jake writes in (http://slexy.org/view/s203YMc2zL) *** Mailing List Gold Real world authpf use (https://www.marc.info/?t=141711266800001&r=1&w=2) The (https://svnweb.freebsd.org/ports/head/UPDATING?r1=373564&r2=373563&pathrev=373564) great (https://lists.freebsd.org/pipermail/freebsd-ports/2014-November/096788.html) perl (https://lists.freebsd.org/pipermail/freebsd-ports/2014-November/096799.html) event (https://lists.freebsd.org/pipermail/freebsd-perl/2014-November/010146.html) of (https://lists.freebsd.org/pipermail/freebsd-perl/2014-November/010149.html) 2014 (https://lists.freebsd.org/pipermail/freebsd-perl/2014-November/010167.html) ***
65: 8,000,000 Mogofoo-ops
Coming up on the show this week, we've got an interview with Brendan Gregg of Netflix. He's got a lot to say about performance tuning and benchmarks, and even some pretty funny stories about how people have done them incorrectly. As always, this week's news and answers to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Even more BSD presentation videos (https://www.meetbsd.com/) More videos from this year's MeetBSD and OpenZFS devsummit were uploaded since last week Robert Ryan, At the Heart of the Digital Economy (https://www.youtube.com/watch?v=Rc9k1xEepWU) FreeNAS & ZFS, The Indestructible Duo - Except for the Hard Drives (https://www.youtube.com/watch?v=d1C6DELK7fc) Richard Yao, libzfs_core and ioctl stabilization (https://www.youtube.com/watch?v=PIC0dwLRBZU) OpenZFS, Company lightning talks (https://www.youtube.com/watch?v=LmbI7F7XTTc) OpenZFS, Hackathon Presentation and Awards (https://www.youtube.com/watch?v=gPbVPwScMGk) Pavel Zakharov, Fast File Cloning (https://www.youtube.com/watch?v=_lGOAZFXra8) Rick Reed, Half a billion unsuspecting FreeBSD users (https://www.youtube.com/watch?v=TneLO5TdW_M) Alex Reece & Matt Ahrens, Device Removal (https://www.youtube.com/watch?v=Xs6MsJ9kKKE) Chris Side, Channel Programs (https://www.youtube.com/watch?v=RMTxyqcomPA) David Maxwell, The Unix command pipeline (https://www.youtube.com/watch?v=CZHEZHK4jRc) Be sure to check out the giant list of videos from last week's episode (http://www.bsdnow.tv/episodes/2014_11_19-rump_kernels_revisited) if you haven't seen them already *** NetBSD on a Cobalt Qube 2 (http://www.jarredcapellman.com/2014/3/9/NetBSD-and-a-Cobalt-Qube-2) The Cobalt Qube was a very expensive networking appliance around 2000 In 2014, you can apparently get one of these MIPS-based machines for about forty bucks This blog post details getting NetBSD installed and set up on the rare relic of our networking past If you're an old-time fan of RISC or MIPS CPUs, this'll be a treat for you Lots of great pictures of the hardware too *** OpenBSD vs. AFL (https://www.marc.info/?l=openbsd-cvs&w=2&r=1&s=afl&q=b) In their never-ending security audit, some OpenBSD developers have been hitting various parts of the tree (https://twitter.com/damienmiller/status/534156368391831552) with a fuzzer If you're not familiar, fuzzing (https://en.wikipedia.org/wiki/Fuzz_testing) is a semi-automated way to test programs for crashes and potential security problems The program being subjected to torture gets all sorts of random and invalid input, in the hopes of uncovering overflows and other bugs American Fuzzy Lop (http://lcamtuf.coredump.cx/afl/), in particular, has provided some interesting results across various open source projects recently So far, it's fixed some NULL pointer dereferences in OpenSSH, various crashes in tcpdump and mandoc (http://www.bsdnow.tv/episodes/2014_11_12-a_mans_man) and a few other things (https://www.marc.info/?l=openbsd-cvs&m=141646270127039&w=2) AFL has an impressive list of CVEs (vulnerabilities) that it's helped developers discover and fix It also made its way into OpenBSD ports, FreeBSD ports and NetBSD's pkgsrc very recently, so you can try it out for yourself *** GNOME 3 hits the FreeBSD ports tree (https://svnweb.freebsd.org/ports?view=revision&revision=372768) While you've been able to run GNOME 3 on PC-BSD and OpenBSD for a while, it hasn't actually hit the FreeBSD ports tree.. until now Now you can play with GNOME 3 and all its goodies (as well as Cinnamon 2.2, which this also brings in) on vanilla FreeBSD Be sure to check the commit message and /usr/ports/UPDATING (http://www.bsdnow.tv/tutorials/ports) if you're upgrading from GNOME 2 You might also want to go back and listen to our interview (http://www.bsdnow.tv/episodes/2014_02_26-port_authority) with Joe Marcus Clark about GNOME's portability *** Interview - Brendan Gregg - bgregg@netflix.com (mailto:bgregg@netflix.com) / @brendangregg (https://twitter.com/brendangregg) Performance tuning, benchmarks, debugging News Roundup DragonFlyBSD 4.0 released (http://www.dragonflybsd.org/release40/) A new major version of DragonFly, 4.0.1, was just recently announced This version includes support for Haswell GPUs, lots of SMP improvements (including some in PF) and support for up to 256 CPUs It's also the first release to drop support for i386, so it joins PCBSD in the 64 bit-only club Check the release notes for all the details, including networking and kernel improvements, as well as some crypto changes *** Can we talk about FreeBSD vs Linux (https://news.ycombinator.com/item?id=8645443) Hackernews had a recent thread about discussing Linux vs BSD, and the trolls stayed away for once Rather than rehashing why one is "better" than the other, it was focused on explaining some of the differences between ecosystems and communities If you're one of the many people who watch our show just out of curiosity about the BSD world, this might be a good thread to read Someone in the comments even gave bsdnow.tv a mention as a good resource to learn, thanks guy *** OpenBSD IPSEC tunnel guide (http://www.packetmischief.ca/openbsd-ipsec-tunnel-guide/) If you've ever wanted to connect two networks with OpenBSD gateways, this is the article for you It shows how to set up an IPSEC tunnel between destinations, how to lock it down and how to access all the machines on the other network just like they were on your LAN The article also explains some of the basics of IPSEC if you're not familiar with all the terminology, so this isn't just for experts Though the article itself is a few years old, it mostly still applies to the latest stuff today All the tools used are in the OpenBSD base system, so that's pretty handy too *** DragonFly starts work on IPFW2 (http://www.dragonflybsd.org/docs/ipfw2/) DragonFlyBSD, much like FreeBSD, comes with more than one firewall you can use Now it looks like you're going to have yet another choice, as someone is working on a fork of IPFW (which is actually already in its second version, so it should be "IPFW3") Not a whole lot is known yet; it's still in heavy development, but there's a brief roadmap (http://www.dragonflybsd.org/docs/ipfw2/#index6h1) page with some planned additions The guy who's working on this has already agreed to come on the show for an interview, but we're going to give him a chance to get some more work done first Expect that sometime next year, once he's made some progress *** Feedback/Questions Michael writes in (http://slexy.org/view/s2NYgVifXN) Samael writes in (http://slexy.org/view/s21X02saI3) Steven writes in (http://slexy.org/view/s21Dj7zImH) Remy writes in (http://slexy.org/view/s218lXg38C) Michael writes in (http://slexy.org/view/s20SEuKlaH) ***
64: Rump Kernels Revisited
This time on the show, we'll be talking with Justin Cormack about NetBSD rump kernels. We'll learn how to run them on other operating systems, what's planned for the future and a lot more. As always, answers to viewer-submitted questions and all the news for the week, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines EuroBSDCon 2014 talks and tutorials (http://2014.eurobsdcon.org/talks-and-schedule/) The 2014 EuroBSDCon videos have been online for over a month, but unannounced - keep in mind these links may be temporary (but we'll mention their new location in a future show and fix the show notes if that's the case) Arun Thomas, BSD ARM Kernel Internals (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/01.BSD-ARM%20Kernel%20Internals%20-%20Arun%20Thomas.mp4) Ted Unangst, Developing Software in a Hostile Environment (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/02.Developing%20Software%20in%20a%20Hostile%20Environment%20-%20Ted%20Unangst.mp4) Martin Pieuchot, Taming OpenBSD Network Stack Dragons (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/03.Taming%20OpenBSD%20Network%20Stack%20Dragons%20-%20Martin%20Pieuchot.mp4) Henning Brauer, OpenBGPD turns 10 years (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/04.OpenBGPD%20turns%2010%20years%20-%20%20Henning%20Brauer.mp4) Claudio Jeker, vscsi and iscsid iSCSI initiator the OpenBSD way (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/05.vscsi(4)%20and%20iscsid%20-%20iSCSI%20initiator%20the%20OpenBSD%20way%20-%20Claudio%20Jeker.mp4) Paul Irofti, Making OpenBSD Useful on the Octeon Network Gear (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/06.Making%20OpenBSD%20Useful%20on%20the%20Octeon%20Network%20Gear%20-%20Paul%20Irofti.mp4) Baptiste Daroussin, Cross Building the FreeBSD ports tree (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/01.Cross%20Building%20the%20FreeBSD%20ports%20tree%20-%20Baptiste%20Daroussin.mp4) Boris Astardzhiev, Smartcom’s control plane software, a customized version of FreeBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/02.Smartcom%e2%80%99s%20control%20plane%20software,%20a%20customized%20version%20of%20FreeBSD%20-%20Boris%20Astardzhiev.mp4) Michał Dubiel, OpenStack and OpenContrail for FreeBSD platform (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/03.OpenStack%20and%20OpenContrail%20for%20FreeBSD%20platform%20-%20Micha%c5%82%20Dubiel.mp4) Martin Husemann & Joerg Sonnenberger, Tool-chaining the Hydra, the ongoing quest for modern toolchains in NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/04.(Tool-)chaining%20the%20Hydra%20The%20ongoing%20quest%20for%20modern%20toolchains%20in%20NetBSD%20-%20Martin%20Huseman%20&%20Joerg%20Sonnenberger.mp4) Taylor R Campbell, The entropic principle: /dev/u?random and NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/05.The%20entropic%20principle:%20dev-u%3frandom%20and%20NetBSD%20-%20Taylor%20R%20Campbell.mp4) Dag-Erling Smørgrav, Securing sensitive & restricted data (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/04.Sunday/06.Securing%20sensitive%20&%20restricted%20data%20-%20Dag-Erling%20Sm%c3%b8rgrav.mp4) Peter Hansteen, Building The Network You Need (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/01.Building%20The%20Network%20You%20Need%20With%20PF%20-%20Peter%20Hansteen.mp4) With PF (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/02.Building%20The%20Network%20You%20Need%20With%20PF%20-%20Peter%20Hansteen.mp4) Stefan Sperling, Subversion for FreeBSD developers (https://va.ludost.net/files/eurobsdcon/2014/Pirin/01.Thursday/03.Subversion%20for%20FreeBSD%20developers%20-%20Stefan%20Sperling.mp4) Peter Hansteen, Transition to (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/01.Transition%20to%20OpenBSD%205.6%20-%20Peter%20Hansteen.mp4) OpenBSD 5.6 (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/02.Transition%20to%20OpenBSD%205.6%20-%20Peter%20Hansteen.mp4) Ingo Schwarze, Let’s make manuals (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/03.Let%e2%80%99s%20make%20manuals%20more%20useful%20-%20Ingo%20Schwarze.mp4) more useful (https://va.ludost.net/files/eurobsdcon/2014/Pirin/02.Friday/04.Let%e2%80%99s%20make%20manuals%20more%20useful%20-%20Ingo%20Schwarze.mp4) Francois Tigeot, Improving DragonFly’s performance with PostgreSQL (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/01.Improving%20DragonFly%e2%80%99s%20performance%20with%20PostgreSQL%20-%20Francois%20Tigeot.mp4) Justin Cormack, Running Applications on the NetBSD Rump Kernel (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/02.Running%20Applications%20on%20the%20NetBSD%20Rump%20Kernel%20-%20Justin%20Cormack.mp4) Pierre Pronchery, EdgeBSD, a year later (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/04.EdgeBSD,%20a%20year%20later%20-%20%20Pierre%20Pronchery.mp4) Peter Hessler, Using routing domains or tables in a production network (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/05.Using%20routing%20domains%20or%20tables%20in%20a%20production%20network%20-%20%20Peter%20Hessler.mp4) Sean Bruno, QEMU user mode on FreeBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/03.Saturday/06.QEMU%20user%20mode%20on%20FreeBSD%20-%20%20Sean%20Bruno.mp4) Kristaps Dzonsons, Bugs Ex Ante (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/01.Bugs%20Ex%20Ante%20-%20Kristaps%20Dzonsons.mp4) Yann Sionneau, Porting NetBSD to the LatticeMico32 open source CPU (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/02.Porting%20NetBSD%20to%20the%20LatticeMico32%20open%20source%20CPU%20-%20Yann%20Sionneau.mp4) Alexander Nasonov, JIT Code Generator for NetBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/03.JIT%20Code%20Generator%20for%20NetBSD%20-%20Alexander%20Nasonov.mp4) Masao Uebayashi, Porting Valgrind to NetBSD and OpenBSD (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/04.Porting%20Valgrind%20to%20NetBSD%20and%20OpenBSD%20-%20Masao%20Uebayashi.mp4) Marc Espie, parallel make, working with legacy code (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/05.parallel%20make:%20working%20with%20legacy%20code%20-%20Marc%20Espie.mp4) Francois Tigeot, Porting the drm-kms graphic drivers to DragonFly (https://va.ludost.net/files/eurobsdcon/2014/Pirin/04.Sunday/06.Porting%20the%20drm-kms%20graphic%20drivers%20to%20DragonFly%20-%20Francois%20Tigeot.mp4) The following talks (from the Vitosha track room) are all currently missing: Jordan Hubbard, FreeBSD, Looking forward to another 10 years (but we have another recording) Theo de Raadt, Randomness, how arc4random has grown since 1998 (but we have another recording) Kris Moore, Snapshots, Replication, and Boot-Environments Kirk McKusick, An Introduction to the Implementation of ZFS John-Mark Gurney, Optimizing GELI Performance Emmanuel Dreyfus, FUSE and beyond, bridging filesystems Lourival Vieira Neto, NPF scripting with Lua Andy Tanenbaum, A Reimplementation of NetBSD Based on a Microkernel Stefano Garzarella, Software segmentation offloading for FreeBSD Ted Unangst, LibreSSL Shawn Webb, Introducing ASLR In FreeBSD Ed Maste, The LLDB Debugger in FreeBSD Philip Guenther, Secure lazy binding *** OpenBSD adopts SipHash (https://www.marc.info/?l=openbsd-tech&m=141614801713457&w=2) Even more DJB crypto somehow finds its way into OpenBSD's base system This time it's SipHash (https://131002.net/siphash/), a family of pseudorandom functions that's resistant to hash bucket flooding attacks while still providing good performance After an initial import (http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/crypto/siphash.c?rev=1.1&content-type=text/x-cvsweb-markup) and some clever early usage (https://www.marc.info/?l=openbsd-cvs&m=141604896822253&w=2), a few developers agreed that it would be better to use it in a lot more places It will now be used in the filesystem, and the plan is to utilize it to protect all kernel hash functions Some other places (http://www.bsdnow.tv/episodes/2013_12_18-cryptocrystalline) that Bernstein's work can be found in OpenBSD include the ChaCha20-Poly1305 authenticated stream cipher and Curve25519 KEX used in SSH, ChaCha20 used in the RNG, and Ed25519 keys used in signify (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) and SSH *** FreeBSD 10.1-RELEASE (https://www.freebsd.org/releases/10.1R/announce.html) FreeBSD's release engineering team (http://www.bsdnow.tv/episodes/2013-09-11_engineering_powder_kegs) likes to troll us by uploading new versions just a few hours after we finish recording an episode The first maintenance update for the 10.x branch is out, improving upon a lot of things found in 10.0-RELEASE The vt driver was merged from -CURRENT and can now be enabled with a loader.conf switch (and can even be used on a PlayStation 3) Bhyve has gotten quite a lot of fixes and improvements from its initial debut in 10.0, including boot support for ZFS Lots of new ARM hardware is supported now, including SMP support for most of them A new kernel selection menu was added to the loader, so you can switch between newer and older kernels at boot time 10.1 is the first to support UEFI booting on amd64, which also has serial console support now Lots of third party software (OpenSSH, OpenSSL, Unbound..) and drivers have gotten updates to newer versions It's a worthy update from 10.0, or a good time to try the 10.x branch if you were avoiding the first .0 release, so grab an ISO (http://ftp.freebsd.org/pub/FreeBSD/ISO-IMAGES-amd64/10.1/) or upgrade (https://www.freebsd.org/cgi/man.cgi?query=freebsd-update) today Check the detailed release notes (https://www.freebsd.org/releases/10.1R/relnotes.html) for more information on all the changes Also take a look at some of the known problems (https://www.freebsd.org/releases/10.1R/errata.html#open-issues) to see if (https://forums.freebsd.org/threads/segmentation-fault-while-upgrading-from-10-0-release-to-10-1-release.48977/) you'll (https://lists.freebsd.org/pipermail/freebsd-stable/2014-October/080599.html) be (https://forums.freebsd.org/threads/10-0-10-1-diocaddrule-operation-not-supported-by-device.49016/) affected (https://www.reddit.com/r/freebsd/comments/2mmzzy/101release_restart_problems_anyone/) by any of them PC-BSD was also updated accordingly (http://wiki.pcbsd.org/index.php/What%27s_New/10.1) with some of their own unique features and changes *** arc4random - Randomization for All Occasions (https://www.youtube.com/watch?v=aWmLWx8ut20) Theo de Raadt gave an updated version of his EuroBSDCon presentation at Hackfest 2014 in Quebec The presentation is mainly about OpenBSD's arc4random function, and outlines the overall poor state of randomization in the 90s and how it has evolved in OpenBSD over time It begins with some interesting history on OpenBSD and how it became a security-focused OS - in 1996, their syslogd got broken into and "suddenly we became interested in security" The talk also touches on how low-level changes can shake up the software ecosystem and third party packages that everyone uses There's some funny history on the name of the function (being called arc4random despite not using RC4 anymore) and an overall status update on various platforms' usage of it Very detailed and informative presentation, and the slides can be found here (http://www.openbsd.org/papers/hackfest2014-arc4random/index.html) A great quote from the beginning: "We consider ourselves a community of (probably rather strange) people who work on software specifically for the purpose of trying to make it better. We take a 'whole-systems' approach: trying to change everything in the ecosystem that's under our control, trying to see if we can make it better. We gain a lot of strength by being able to throw backwards compatibility out the window. So that means that we're able to do research and the minute that we decide that something isn't right, we'll design an alternative for it and push it in. And if it ends up breaking everybody's machines from the previous stage to the next stage, that's fine because we'll end up in a happier place." *** Interview - Justin Cormack - justin@netbsd.org (mailto:justin@netbsd.org) / @justincormack (https://twitter.com/justincormack) NetBSD on Xen, rump kernels, various topics News Roundup The FreeBSD foundation's biggest donation (http://freebsdfoundation.blogspot.com/2014/11/freebsd-foundation-announces-generous.html) The FreeBSD foundation has a new blog post about the largest donation they've ever gotten From the CEO of WhatsApp comes a whopping one million dollars in a single donation It also has some comments from the donor about why they use BSD and why it's important to give back Be sure to donate to the foundation of whatever BSD you use when you can - every little bit helps, especially for OpenBSD (http://www.openbsd.org/donations.html), NetBSD (https://www.netbsd.org/donations/) and DragonFly (http://www.dragonflybsd.org/donations/) who don't have huge companies supporting them regularly like FreeBSD does *** OpenZFS Dev Summit 2014 videos (http://open-zfs.org/wiki/OpenZFS_Developer_Summit) Videos from the recent OpenZFS developer summit are being uploaded, with speakers from different represented platforms and companies Matt Ahrens (http://www.bsdnow.tv/episodes/2014_05_14-bsdcanned_goods), opening keynote (https://www.youtube.com/watch?v=XnTzbisLYzg) Raphael Carvalho, Platform Overview: ZFS on OSv (https://www.youtube.com/watch?v=TJLOBLSRoHE) Brian Behlendorf, Platform Overview: ZFS on Linux (https://www.youtube.com/watch?v=_MVOpMNV7LY) Prakash Surya, Platform Overview: illumos (https://www.youtube.com/watch?v=UtlGt3ag0o0) Xin Li, Platform Overview: FreeBSD (https://www.youtube.com/watch?v=xO0x5_3A1X4) All platforms, Group Q&A Session (https://www.youtube.com/watch?v=t4UlT0RmSCc) Dave Pacheco, Manta (https://www.youtube.com/watch?v=BEoCMpdB8WU) Saso Kiselkov, Compression (https://www.youtube.com/watch?v=TZF92taa_us) George Wilson (http://www.bsdnow.tv/episodes/2013_12_04-zettabytes_for_days), Performance (https://www.youtube.com/watch?v=deJc0EMKrM4) Tim Feldman, Host-Aware SMR (https://www.youtube.com/watch?v=b1yqjV8qemU) Pavel Zakharov, Fast File Cloning (https://www.youtube.com/watch?v=-4c4gsLi1LI) The audio is pretty poor (https://twitter.com/OpenZFS/status/534005125853888512) on all of them unfortunately *** BSDTalk 248 (http://bsdtalk.blogspot.com/2014/11/bsdtalk248-dragonflybsd-with-matthew.html) Our friend Will Backman is still busy getting BSD interviews as well This time he sits down with Matthew Dillon, the lead developer of DragonFly BSD We've never had Dillon on the show, so you'll definitely want to give this one a listen They mainly discuss all the big changes coming in DragonFly's upcoming 4.0 release *** MeetBSD 2014 videos (https://www.meetbsd.com/) The presentations from this year's MeetBSD conference are starting to appear online as well Kirk McKusick (http://www.bsdnow.tv/episodes/2013-10-02_stacks_of_cache), A Narrative History of BSD (https://www.youtube.com/watch?v=DEEr6dT-4uQ) Jordan Hubbard (http://www.bsdnow.tv/episodes/2013_11_27-bridging_the_gap), FreeBSD: The Next 10 Years (https://www.youtube.com/watch?v=Mri66Uz6-8Y) Brendan Gregg, Performance Analysis (https://www.youtube.com/watch?v=uvKMptfXtdo) The slides can be found here (https://www.meetbsd.com/agenda/) *** Feedback/Questions Dominik writes in (http://slexy.org/view/s20PXjp55N) Steven writes in (http://slexy.org/view/s2LwEYT3bA) Florian writes in (http://slexy.org/view/s2ubK8vQVt) Richard writes in (http://slexy.org/view/s216Eq8nFG) Kevin writes in (http://slexy.org/view/s21D2ugDUy) *** Mailing List Gold Contributing without code (https://www.marc.info/?t=141600819500004&r=1&w=2) Compression isn't a CRIME (https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-November/033176.html) Securing web browsers (https://www.marc.info/?t=141616714600001&r=1&w=2) ***
63: A Man's man(1)
This time on the show, we've got an interview with Kristaps Džonsons, the creator of mandoc. He tells us how the project got started and what its current status is across the various BSDs. We also have a mini-tutorial on using PF to throttle bandwidth. This week's news, answers to your emails and even some cheesy mailing list gold, coming up on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Updates to FreeBSD's random(4) (https://svnweb.freebsd.org/base?view=revision&revision=273872) FreeBSD's random device, which presents itself as "/dev/random" to users (https://news.ycombinator.com/item?id=8550457), has gotten a fairly major overhaul in -CURRENT The CSPRNG (cryptographically secure pseudo-random number generator) algorithm, Yarrow, now has a new alternative called Fortuna Yarrow is still the default for now, but Fortuna can be used with a kernel option (and will likely be the new default in 11.0-RELEASE) Pluggable modules can now be written to add more sources of entropy These changes are expected to make it in 11.0-RELEASE, but there hasn't been any mention of MFCing them to 10 or 9 *** OpenBSD Tor relays and network diversity (https://lists.torproject.org/pipermail/tor-relays/2014-November/005661.html) We've talked about getting more BSD-based Tor nodes (http://lists.nycbug.org/mailman/listinfo/tor-bsd) a few times in previous episodes The "tor-relays" mailing list has had some recent discussion about increasing diversity in the Tor network, specifically by adding more OpenBSD nodes With the security features and attention to detail, it makes for an excellent dedicated Tor box More and more adversaries are attacking Tor nodes, so having something that can withstand that will help the greater network at large A few users are even saying they'll convert their Linux nodes to OpenBSD to help out Check the archive for the full conversation, and maybe run a node yourself (http://www.bsdnow.tv/tutorials/tor) on any of the BSDs The Tor wiki page on OpenBSD is pretty out of date (https://lists.torproject.org/pipermail/tor-dev/2014-November/007715.html) (nine years old!?) and uses the old pf syntax, maybe one of our listeners can modernize it *** SSP now default for FreeBSD ports (https://lists.freebsd.org/pipermail/freebsd-ports/2014-November/096344.html) SSP, or Stack Smashing Protection (https://en.wikipedia.org/wiki/Buffer_overflow_protection), is an additional layer of protection against buffer overflows that the compiler can give to the binaries it produces It's now enabled by default in FreeBSD's ports tree, and the pkgng packages will have it as well - but only for amd64 (all supported releases) and i386 (10.0-RELEASE or newer) This will only apply to regular ports and binary packages, not the quarterly branch that only receives security updates If you were using the temporary "new Xorg" or SSP package repositories instead of the default ones, you need to switch back over NetBSD made this the default on i386 and amd64 two years ago (https://www.netbsd.org/releases/formal-6/NetBSD-6.0.html) and OpenBSD made this the default on all architectures twelve years ago (https://www.marc.info/?l=openbsd-cvs&m=103881967909595&w=2) Next time you rebuild your ports, things should be automatically hardened without any extra steps or configuration needed *** Building an OpenBSD firewall and router (https://www.reddit.com/r/BSD/comments/2ld0yw/building_an_openbsd_firewall_and_router/) While we've discussed the software and configuration of an OpenBSD router, this Reddit thread focuses more on the hardware side The OP lists some of his potential choices, but was originally looking for something a bit cheaper than a Soekris Most agree that, if it's for a business especially, it's worth the extra money to go with something that's well known in the BSD community They also list a few other popular alternatives: ALIX or the APU series from PC Engines, some Supermicro boards, etc. Through the comments, we also find out that QuakeCon runs OpenBSD on their network Hopefully most of our listeners are running some kind of BSD as their gateway - try it out (http://www.bsdnow.tv/tutorials/openbsd-router) if you haven't already *** Interview - Kristaps Džonsons - kristaps@bsd.lv (mailto:kristaps@bsd.lv) Mandoc, historical man pages, various topics Tutorial Throttling bandwidth with PF (http://www.bsdnow.tv/tutorials/openbsd-router#queues) News Roundup NetBSD at Kansai Open Forum 2014 (https://mail-index.netbsd.org/netbsd-advocacy/2014/11/08/msg000672.html) Japanese NetBSD users invade yet another conference, demonstrating that they can and will install NetBSD on everything From a Raspberry Pi to SHARP Netwalkers to various luna68k devices, they had it all As always, you can find lots of pictures in the trip report *** Getting to know your portmgr lurkers (http://blogs.freebsdish.org/portmgr/2014/11/04/getting-to-know-your-portmgr-lurker-ak/) The lovable "getting to know your portmgr" series makes its triumphant return This time around, they interview Alex, one of the portmgr lurkers that joined just this month "How would you describe yourself?" "Too lazy." Another post (http://blogs.freebsdish.org/portmgr/2014/11/08/getting-to-know-your-portmgr-lurker-ehaupt/) includes a short interview with Emanuel, another new lurker We discussed the portmgr lurkers initiative with Steve Wills a while back (http://www.bsdnow.tv/episodes/2014_10_01-the_daemons_apprentice) *** NetBSD's ARM port gets SMP (https://blog.netbsd.org/tnf/entry/working_arm_multiprocessor_support) The ARM port of NetBSD now has SMP support, allowing more than one CPU to be used This blog post on the website has a list of supported boards: Banana Pi, Cubieboard 2, Cubietruck, Merrii Hummingbird A31, CUBOX-I and NITROGEN6X NetBSD's release team is working on getting these changes into the 7 branch before 7.0 is released There are also a few nice pictures in the article *** A high performance mid-range NAS (http://pivotallabs.com/high-performing-mid-range-nas-server-part-2-performance-tuning-iscsi/) This blog post is about FreeNAS and optimizing iSCSI performance It talks about using mid-range hardware with FreeNAS and different tunables you can change to affect performance There are some nice graphs and lots of detail if you're interested in tweaking some of your own settings They conclude "there is no optimal configuration; rather, FreeNAS can be configured to suit a particular workload" *** Feedback/Questions Heto writes in (http://slexy.org/view/s2xGCUj8mC) Brad writes in (http://slexy.org/view/s2SJ8xppDJ) Tyler writes in (http://slexy.org/view/s20Ktl6BMk) Tim writes in (http://slexy.org/view/s2AsrxU0ZQ) Brad writes in (http://slexy.org/view/s21yn0xLv2) *** Mailing List Gold Suspicious contributions (https://www.marc.info/?t=141379917200003&r=1&w=2) La puissance du fromage (https://www.marc.info/?l=openbsd-cvs&m=141538800019451&w=2) Nothing unusual here (https://mail-index.netbsd.org/tech-ports/2002/07/05/0000.html) ***
62: Gift from the Sun
We're away at MeetBSD this week, but we've still got a great show for you. We'll be joined by Pawel Dawidek, who's done quite a lot of things in FreeBSD over the years, including the initial ZFS port. We'll get to hear how that came about, what he's up to now and a whole lot more. We'll be back next week with a normal episode of BSD Now - the place to B.. SD. This episode was brought to you by Interview - Pawel Jakub Dawidek - pjd@freebsd.org (mailto:pjd@freebsd.org) Porting ZFS, GEOM, GELI, Capsicum, various topics
61: IPSECond Wind
This week on the show, we sat down with John-Mark Gurney to talk about modernizing FreeBSD's IPSEC stack. We'll learn what he's adding, what needed to be fixed and how we'll benefit from the changes. As always, answers to your emails and all of this week's news, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSD panel at Phoenix LUG (https://www.youtube.com/watch?v=3AOF7fm-TJ0) The Phoenix, Arizona Linux users group had a special panel so they could learn a bit more about BSD It had one FreeBSD user and one OpenBSD user, and they answered questions from the organizer and the people in the audience They covered a variety of topics, including filesystems, firewalls, different development models, licenses and philosophy It was a good "real world" example of things potential switchers are curious to know about They closed by concluding that more diversity is always better, and even if you've got a lot of Linux boxes, putting a few BSD ones in the mix is a good idea *** Book of PF signed copy auction (http://bsdly.blogspot.com/2014/10/the-book-of-pf-3rd-edition-is-here.html) Peter Hansteen (who we've had on the show (http://www.bsdnow.tv/episodes/2014_04_30-puffy_firewall)) is auctioning off the first signed copy of the new Book of PF All the profits from the sale will go to the OpenBSD Foundation (http://www.openbsd.org/donations.html) The updated edition of the book includes all the latest pf syntax changes, but also provides examples for FreeBSD and NetBSD's versions (which still use ALTQ, among other differences) If you're interested in firewalls, security or even just advanced networking, this book is a great one to have on your shelf - and the money will also go to a good cause Michael Lucas (http://www.bsdnow.tv/episodes/2013_11_06-year_of_the_bsd_desktop) has challenged Peter (https://www.marc.info/?l=openbsd-misc&m=141429413908567&w=2) to raise more for the foundation than his last book selling - let's see who wins Pause the episode, go bid on it (http://www.ebay.com/itm/321563281902) and then come back! *** FreeBSD Foundation goes to EuroBSDCon (http://freebsdfoundation.blogspot.com/2014/10/freebsd-foundation-goes-to-eurobsdcon.html) Some people from the FreeBSD Foundation went to EuroBSDCon this year, and come back with a nice trip report They also sponsored four other developers to go The foundation was there "to find out what people are working on, what kind of help they could use from the Foundation, feedback on what we can be doing to support the FreeBSD Project and community, and what features/functions people want supported in FreeBSD" They also have a second report (http://freebsdfoundation.blogspot.com/2014/10/eurobsdcon-trip-report-kamil-czekirda.html) from Kamil Czekirda A total of $2000 was raised at the conference *** OpenBSD 5.6 released (http://www.openbsd.org/56.html) Note: we're doing this story a couple days early - it's actually being released on November 1st (this Saturday), but we have next week off and didn't want to let this one slip through the cracks - it may be out by the time you're watching this Continuing their always-on-time six month release cycle, the OpenBSD team has released version 5.6 It includes support for new hardware, lots of driver updates, network stack improvements (SMP, in particular) and new security features 5.6 is the first formal release with LibreSSL, their fork of OpenSSL, and lots of ports have been fixed to work with it You can now hibernate your laptop when using a fully-encrypted filesystem (see our tutorial (http://www.bsdnow.tv/tutorials/fde) for that) ALTQ, Kerberos, Lynx, Bluetooth, TCP Wrappers and Apache were all removed This will serve as a "transitional" release for a lot of services: moving from Sendmail to OpenSMTPD, from nginx to httpd (http://www.bsdnow.tv/episodes/2014_09_03-its_hammer_time) and from BIND to Unbound Sendmail, nginx and BIND will be gone in the next release, so either migrate to the new stuff between now and then or switch to the ports versions As always, 5.6 comes with its own song and artwork (http://www.openbsd.org/lyrics.html#56) - the theme this time was obviously LibreSSL Be sure to check the full changelog (http://www.openbsd.org/plus56.html) (it's huge) and pick up a CD or tshirt (http://www.openbsd.org/orders.html) to support their efforts If you don't already have the public key releases are signed with, getting a physical CD is a good "out of bounds" way to obtain it safely Here are some cool images of the set (https://imgur.com/a/5PtFe) After you do your installation or upgrade (http://www.openbsd.org/faq/upgrade56.html), don't forget to head over to the errata page (http://www.openbsd.org/errata56.html) and apply any patches listed there *** Interview - John-Mark Gurney - jmg@freebsd.org (mailto:jmg@freebsd.org) / @encthenet (https://twitter.com/encthenet) Updating FreeBSD's IPSEC stack News Roundup Clang in DragonFly BSD (https://www.dragonflydigest.com/2014/10/22/14942.html) As we all know, FreeBSD got rid of GCC in 10.0, and now uses Clang almost exclusively on i386/amd64 Some DragonFly developers are considering migrating over as well, and one of them is doing some work to make the OS more Clang-friendly We'd love to see more BSDs switch to Clang/LLVM eventually, it's a lot more modern than the old GCC most are using *** reallocarray(): integer overflow detection for free (http://lteo.net/blog/2014/10/28/reallocarray-in-openbsd-integer-overflow-detection-for-free/) One of the less obvious features in OpenBSD 5.6 is a new libc function: "reallocarray()" It's a replacement function for realloc(3) that provides integer overflow detection at basically no extra cost Theo and a few other developers have already started (https://secure.freshbsd.org/search?project=openbsd&q=reallocarray) a mass audit of the entire source tree, replacing many instances with this new feature OpenBSD's explicit_bzero was recently imported into FreeBSD, maybe someone could also port over this too *** Switching from Linux blog (http://bothsidesofthence.tumblr.com/) A listener of the show has started a new blog series, detailing his experiences in switching over to BSD from Linux After over ten years of using Linux, he decided to give BSD a try after listening to our show (which is awesome) So far, he's put up a few posts about his initial thoughts, some documentation he's going through and his experiments so far It'll be an ongoing series, so we may check back in with him again later on *** Owncloud in a FreeNAS jail (https://www.youtube.com/watch?v=z6VQwOl4wE4) One of the most common emails we get is about running Owncloud in FreeNAS Now, finally, someone made a video on how to do just that, and it's even jailed A member of the FreeNAS community has uploaded a video on how to set it up, with lighttpd as the webserver backend If you're looking for an easy way to back up and sync your files, this might be worth a watch *** Feedback/Questions Ernõ writes in (http://slexy.org/view/s2XEsQdggZ) David writes in (http://slexy.org/view/s21EizH2aR) Kamil writes in (http://slexy.org/view/s24SAJ5im6) Torsten writes in (http://slexy.org/view/s20ABZe0RD) Dominik writes in (http://slexy.org/view/s208jQs9c6) *** Mailing List Gold That's not our IP (https://mail-index.netbsd.org/source-changes/2014/10/17/msg059564.html) Is this thing on? (https://lists.freebsd.org/pipermail/freebsd-acpi/2014-June/008644.html) ***
60: Don't Buy a Router
This week on the show we're joined by Olivier Cochard-Labbé, the creator of both FreeNAS and the BSD Router Project! We'll be discussing what the BSD Router Project is, what it's for and where it's going. All this week's headlines and answers to viewer-submitted questions, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSD Devroom CFP (https://lists.fosdem.org/pipermail/fosdem/2014-October/002038.html) This year's FOSDEM conference (Belgium, Jan 31st - Feb 1st) is having a dedicated BSD devroom They've issued a call for papers on anything BSD-related, and we always love more presentations If you're in the Belgium area or plan on going, submit a talk about something cool you're doing There's also a mailing list (https://lists.fosdem.org/listinfo/bsd-devroom) and some more information in the original post *** Bhyve SVM code merge (https://lists.freebsd.org/pipermail/freebsd-virtualization/2014-October/002905.html) The bhyve_svm code has been in the "projects" tree of FreeBSD, but is now ready (https://svnweb.freebsd.org/base?view=revision&revision=273375) for -CURRENT This changeset will finally allow bhyve to run on AMD CPUs, where it was previously limited to Intel only All the supported operating systems and utilities should work on both now One thing to note: bhyve doesn't support PCI passthrough on AMD just yet There may still be some issues (https://lists.freebsd.org/pipermail/freebsd-virtualization/2014-October/002935.html) though *** NetBSD at Open Source Conference Tokyo (https://mail-index.netbsd.org/netbsd-advocacy/2014/10/20/msg000671.html) The Japanese NetBSD users group held a booth at another recent open source conference As always, they were running NetBSD on everything you can imagine One of the users reports back to the mailing list on their experience, providing lots of pictures and links Here's an interesting screenshot of NetBSD running various other BSDs in Xen (https://pbs.twimg.com/media/B0NnfcbCEAAmKIU.jpg:large) *** More BSD switchers every day (https://www.reddit.com/r/unix/comments/2il383/question_about_the_bsd_community_as_a_whole/) A decade-long Linux user is considering making the switch, and asks Reddit about the BSD community Tired of the pointless bickering he sees in his current community, he asks if the same problems exist over here and what he should expect So far, he's found that BSD people seem to act more level-headed about things, and are much more practical, whereas some FSF/GNU/GPL people make open source a religion There's also another semi-related thread (https://www.reddit.com/r/BSD/comments/2jpxj9/question_about_the_current_state_of_freebsd/) about another Linux user wanting to switch to BSD because of systemd and GNU people There are some extremely well written and thought-out comments in the replies (in both threads), be sure to give them all a read Maybe the OPs should've just watched this show *** Interview - Olivier Cochard-Labbé - olivier@cochard.me (mailto:olivier@cochard.me) / @ocochardlabbe (https://twitter.com/ocochardlabbe) The BSD Router Project News Roundup FreeBSD -CURRENT on a T420 (https://www.banym.de/freebsd/install-freebsd-11-on-thinkpad-t420) Thinkpads are quite popular with BSD developers and users Most of the hardware seems to be supported across the BSDs (especially wifi) This article walks through installing FreeBSD -CURRENT on a Thinkpad T420 with UEFI If you've got a Thinkpad, or especially this specific one, have a look at some of the steps involved *** FreeNAS on a Supermicro 5018A-MHN4 (https://www.teckelworks.com/2014/10/building-a-freenas-server-with-a-supermicro-5018a-mhn4/) More and more people are migrating their NAS devices to BSD-based solutions In this post, the author goes through setting up FreeNAS on some of his new hardware His new rack-mounted FreeNAS machine has a low power Atom with eight cores and 64GB of RAM - quite a lot for its small form factor The rest of the post details all of the hardware he chose and goes through the build process (with lots of cool pictures) *** Hardening procfs and linprocfs (http://hardenedbsd.org/article/shawn-webb/2014-10-15/hardening-procfs-and-linprocfs) There was an exploit published recently for SFTP in OpenSSH, but it mostly just affected Linux There exists a native procfs in FreeBSD, which was the target point of that exploit, but it's not used very often The Linux emulation layer also supports its own linprocfs, which was affected as well The HardenedBSD guys weigh in on how to best solve the problem, and now support an additional protection layer from writing to memory with procfs If you want to learn more about ASLR and HardenedBSD, be sure to check out our interview with Shawn (http://www.bsdnow.tv/episodes/2014_08_27-reverse_takeover) too *** pfSense monitoring with bandwidthd (http://pfsensesetup.com/bandwidth-monitoring-with-bandwidthd/) A lot of people run pfSense on their home network, and it's really useful to monitor the bandwidth usage This article will walk you through setting up bandwidthd to do exactly that bandwidthd monitors based on the IP address, rather than per-interface It can also build some cool HTML graphs, and we love those pfSense graphs Have a look at our bandwidth monitoring and testing (http://www.bsdnow.tv/tutorials/vnstat-iperf) tutorial for some more ideas *** Feedback/Questions Dave writes in (http://slexy.org/view/s2b5ZZ5qCv) Chris writes in (http://slexy.org/view/s20aVvhv2d) Zeke writes in (http://slexy.org/view/s2Vmwxy1QM) Bostjan writes in (http://slexy.org/view/s2LB6MKoNT) Patrick writes in (http://slexy.org/view/s2xxB9uOuV) *** Mailing List Gold More (https://www.marc.info/?l=openbsd-tech&m=141357595922692&w=2) old bugs (https://www.marc.info/?l=openbsd-cvs&m=141358124924479&w=2) The Right Font™ (https://www.marc.info/?l=openbsd-cvs&m=141332534304117&w=2) (see also (https://twitter.com/blakkheim/status/522162864409546753)) ***
59: BSDって聞いたことある?
This week on the show we'll be talking with Hiroki Sato about the status of BSD in Japan. We also get to hear about how he got on the core team, and we just might find out why NetBSD is so popular over there! Answers to all your emails, the latest news, and even a brand new segment, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSD talks at XDC 2014 (https://www.youtube.com/channel/UCXlH5v1PkEhjzLFTUTm_U7g/videos) This year's Xorg conference featured a few BSD-related talks Matthieu Herrb, Status of the OpenBSD graphics stack (https://www.youtube.com/watch?v=KopgD4nTtnA) Matthieu's talk details what's been done recently in Xenocara the OpenBSD kernel for graphics (slides here (http://www.openbsd.org/papers/xdc2014-xenocara.pdf)) Jean-Sébastien Pédron, The status of the graphics stack on FreeBSD (https://www.youtube.com/watch?v=POmxFleN3Bc) His presentation gives a history of major changes and outlines the current overall status of graphics in FreeBSD (slides here (http://www.x.org/wiki/Events/XDC2014/XDC2014PedronFreeBSD/XDC-2014_FreeBSD.pdf)) Francois Tigeot, Porting DRM/KMS drivers to DragonFlyBSD (https://www.youtube.com/watch?v=NdM7_yPGFDk) Francois' talk tells the story of how he ported some of the DRM and KMS kernel drivers to DragonFly (slides here (http://www.x.org/wiki/Events/XDC2014/XDC2014TigeotDragonFlyBSD/XDC-2014_Porting_kms_drivers_to_DragonFly.pdf)) *** FreeBSD Quarterly Status Report (https://www.freebsd.org/news/status/report-2014-07-2014-09.html) The FreeBSD project has a report of their activities between July and September of this year Lots of ARM work has been done, and a goal for 11.0 is tier one support for the platform The release includes reports from the cluster admin team, release team, ports team, core team and much more, but we've already covered most of the items on the show If you're interested in seeing what the FreeBSD community has been up to lately, check the full report - it's huge *** Monitoring pfSense logs using ELK (http://elijahpaul.co.uk/monitoring-pfsense-2-1-logs-using-elk-logstash-kibana-elasticsearch/) If you're one of those people who loves the cool graphs and charts that pfSense can produce, this is the post for you ELK (ElasticSearch, Logstash, Kibana) is a group of tools that let you collect, store, search and (most importantly) visualize logs It works with lots of different things that output logs and can be sent to one central server for displaying This post shows you how to set up pfSense to do remote logging to ELK and get some pretty awesome graphs *** Some updates to IPFW (https://svnweb.freebsd.org/base?view=revision&revision=272840) Even though PF gets a lot of attention, a lot of FreeBSD people still love IPFW While mostly a dormant section of the source tree, some updates were recently committed to -CURRENT The commit lists the user-visible changes, performance changes, ABI changes and internal changes It should be merged back to -STABLE after a month or so of testing, and will probably end up in 10.2-RELEASE Also check this blog post (http://blog.cochard.me/2014/10/ipfw-improvement-on-freebsd-current.html) for some more information and fancy graphs *** Interview - Hiroki Sato (佐藤広生) - hrs@freebsd.org (mailto:hrs@freebsd.org) / @hiroki_sato (https://twitter.com/hiroki_sato) BSD in Japan, technology conferences, various topics News Roundup pfSense on Hyper-V (https://virtual-ops.de/?p=600) In case you didn't know, the latest pfSense snapshots support running on Hyper-V Unfortunately, the current stable release is based on an old, unsupported FreeBSD 8.x base, so you have to use the snapshots for now The author of the post tells about his experience running pfSense and gives lots of links to read if you're interested in doing the same He also praises pfSense above other Linux-based solutions for its IPv6 support and high quality code *** OpenBSD as a daily driver (https://www.reddit.com/r/openbsd/comments/2isz24/openbsd_as_a_daily_driver/) A curious Reddit user posts to ask the community about using OpenBSD as an everyday desktop OS The overall consensus is that it works great for that, stays out of your way and is quite reliable Caveats would include there being no Adobe Flash support (though others consider this a blessing..) and it requiring a more hands-on approach to updating If you're considering running OpenBSD as a "daily driver," check all the comments for more information and tips *** Getting PF log statistics (https://secure.ciscodude.net/2014/10/09/firewall-log-stats/) The author of this post runs an OpenBSD box in front of all his VMs at his colocation, and details his experiences with firewall logs He usually investigates any IPs of interest with whois, nslookup, etc. - but this gets repetitive quickly, so.. He sets out to find the best way to gather firewall log statistics After coming across a perl script (http://www.pantz.org/software/pf/pantzpfblockstats.html) to do this, he edited it a bit and is now a happy, lazy admin once again You can try out his updated PF script here (https://github.com/tbaschak/Pantz-PFlog-Stats) *** FlashRD 1.7 released (http://www.nmedia.net/flashrd/) In case anyone's not familiar, flashrd is a tool to create OpenBSD images for embedded hardware devices, executing from a virtualized environment This new version is based on (the currently unreleased) OpenBSD 5.6, and automatically adapts to the number of CPUs you have for building It also includes fixes for 4k drives and lots of various other improvements If you're interested in learning more, take a look at some of the slides and audio from the main developer on the website *** Feedback/Questions Antonio writes in (http://slexy.org/view/s20XvSa4h0) Don writes in (http://slexy.org/view/s20lGUXW3d) Andriy writes in (http://slexy.org/view/s2al5DFIO7) Richard writes in (http://slexy.org/view/s203QoFuWs) Robert writes in (http://slexy.org/view/s29WIplL6k) *** Mailing List Gold Subtle trolling (https://marc.info/?l=openbsd-cvs&m=141271076115386&w=2) Old bugs with old fixes (https://marc.info/?l=openbsd-cvs&m=141275713329601&w=2) A pig reinstall (https://lists.freebsd.org/pipermail/freebsd-ports/2014-October/095906.html) Strange DOS-like environment (https://lists.freebsd.org/pipermail/freebsd-doc/2014-October/024408.html) ***
58: Behind the Masq
Coming up this week on the show, we'll be talking to Matt Ranney and George Kola about how they use FreeBSD at Voxer, and how to get more companies to switch over. After that, we'll show you how to filter website ads at the gateway level, using DNSMasq. All this week's news and answers to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines NetBSD's EuroBSDCon report (https://blog.netbsd.org/tnf/entry/netbsd_developer_summit_at_eurobsdcon) This year's EuroBSDCon had the record number of NetBSD developers attending The NetBSD guys had a small devsummit as well, and this blog post details some of their activities Pierre Pronchery also talked about EdgeBSD there (also see our interview (http://www.bsdnow.tv/episodes/2014_04_01-edgy_bsd_users) if you haven't already) Hopefully this trend continues, and NetBSD starts to have even more of a presence at the conferences *** Upcoming features in OpenBSD 5.6 (http://lteo.net/blog/2014/10/01/a-sneak-peek-at-the-upcoming-openbsd-5-dot-6-release/) OpenBSD 5.6 is to be released in just under a month from now, and one of the developers wrote a blog post about some of the new features The post is mostly a collection of various links, many of which we've discussed before It'll be the first version with LibreSSL and many other cool things We will, of course, have all the details on the day of release There are some good comments (https://news.ycombinator.com/item?id=8413028) on hacker news about 5.6 as well *** FreeBSD ARMv8-based implementation (http://www.prnewswire.com/news-releases/cavium-to-sponsor-freebsd-armv8-based-implementation-277724361.html) The FreeBSD foundation is sponsoring some work to port FreeBSD to the new ThunderX ARM CPU family With the potential to have up to 48 cores, this type of CPU might make ARM-based servers a more appealing option Cavium, the company involved with this deal, seems to have lots of BSD fans This collaboration is expected to result in Tier 1 recognition of the ARMv8 architecture *** Updating orphaned OpenBSD ports (https://marc.info/?l=openbsd-ports&m=141235737615585&w=2) We discussed OpenBSD porting over portscout from FreeBSD a while back Their ports team is making full use of it now, and they're also looking for people to help update some unmaintained ports A new subdomain, portroach.openbsd.org (http://portroach.openbsd.org/), will let you view all the ports information easily If you're interested in learning to port software, or just want to help update a port you use, this is a good chance to get involved *** Interview - Matt Ranney & George Kola - mjr@ranney.com (mailto:mjr@ranney.com) & george.kola@voxer.com (mailto:george.kola@voxer.com) BSD at Voxer, companies switching from Linux, community interaction Tutorial Adblocking with DNSMasq & Pixelserv (http://www.bsdnow.tv/tutorials/dnsmasq) News Roundup GhostBSD 4.0 released (http://ghostbsd.org/4.0-release) The 4.0 branch of GhostBSD has finally been released, based on FreeBSD 10 With it come all the big 10.0 changes: clang instead of gcc, pkgng by default, make replaced by bmake Mate is now the default desktop, with different workstation styles to choose from *** Reports from PF about banned IPs (http://ypnose.org/blog/2014/newbrute-pf.html) If you run any kind of public-facing server, you've probably seen your logs fill up with unwanted traffic This is especially true if you run SSH on port 22, which the author of this post seems to A lot can be done with just PF and some brute force tables He goes through some different options for blocking Chinese IPs and break-in attempts It includes a useful script he wrote to get reports about the IPs being blocked via email *** NetBSD 6.1.5 and 6.0.6 released (https://blog.netbsd.org/tnf/entry/netbsd_6_1_5_and) The 6.1 and 6.0 branches of NetBSD got some updates They include a number of security and stability fixes - plenty of OpenSSL mentions Various panics and other small bugs also got fixed *** OpenSSH 6.7 released (https://lists.mindrot.org/pipermail/openssh-unix-announce/2014-October/000119.html) After a long delay, OpenSSH 6.7 has finally been released Major internal refactoring has been done to make part of OpenSSH usable as a library SFTP transfers can now be resumed Lots of bug fixes, a few more new features - check the release notes for all the details This release disables some insecure ciphers by default, so keep that in mind if you connect with legacy clients that use Arcfour or CBC modes *** Feedback/Questions Andriy writes in (http://slexy.org/view/s218tT9C7v) Karl writes in (http://slexy.org/view/s2WY5R5e0l) Possnfiffer writes in (http://slexy.org/view/s20z8MPBVw) Brad writes in (http://slexy.org/view/s21h2Yx5al) Solomon writes in (http://slexy.org/view/s21xu9U0qt) ***
57: The Daemon's Apprentice
We're back from EuroBSDCon! This week we'll be talking with Steve Wills about mentoring new BSD developers. If you've ever considered becoming a developer or helping out, it's actually really easy to get involved. We've also got all the BSD news for the week and answers to your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines NetBSD at Hiroshima Open Source Conference (http://mail-index.netbsd.org/netbsd-advocacy/2014/09/26/msg000669.html) NetBSD developers are hard at work, putting NetBSD on everything they can find At a technology conference in Hiroshima, some developers brought their exotic machines to put on display As usual, there are lots of pictures and a nice report from the conference *** FreeBSD's Linux emulation overhaul (https://svnweb.freebsd.org/ports?limit_changes=0&view=revision&revision=368845) For a long time, FreeBSD's emulation layer has been based on an ancient Fedora 10 system If you've ever needed to install Adobe Flash on BSD, you'll be stuck with all this extra junk With some recent work, that's been replaced with a recent CentOS release This opens up the door for newer versions of Skype to run on FreeBSD, and maybe even Steam someday *** pfSense 2.2-BETA (https://blog.pfsense.org/?p=1449) Big changes are coming in pfSense land, with their upcoming 2.2 release We talked to the developer (http://www.bsdnow.tv/episodes/2014_02_19-a_sixth_pfsense) a while back about future plans, and now they're finally out there The 2.2 branch will be based on FreeBSD 10-STABLE (instead of 8.3) and include lots of performance fixes It also includes some security updates, lots of package changes and updates and much more You can check the full list of changes (https://doc.pfsense.org/index.php/2.2_New_Features_and_Changes) on their wiki *** NetBSD on the Raspberry Pi (http://www.cambus.net/netbsd-on-the-raspberry-pi/) This article shows how you can install NetBSD on the ever-so-popular Raspberry Pi As of right now, you'll need to use a -CURRENT snapshot to do it It also shows how to grow the filesystem to fill up an SD card, some pkgsrc basics and how to get some initial things set up Can anyone find something that you can't install NetBSD on? *** Interview - Steve Wills - swills@freebsd.org (mailto:swills@freebsd.org) / @swills (https://twitter.com/swills) Mentoring new BSD developers News Roundup MidnightBSD 0.5 released (http://www.midnightbsd.org/notes/) We don't hear a whole lot about MidnightBSD, but they've just released version 0.5 It's got a round of the latest FreeBSD security patches, driver updates and various small things Maybe one of their developers could come on the show sometime and tell us more about the project *** BSD Router Project 1.52 released (http://sourceforge.net/projects/bsdrp/files/BSD_Router_Project/1.52/) The newest update for the BSD Router Project is out This version is based on a snapshot of 10-STABLE that's very close to 10.1-RELEASE It's mostly a bugfix release, but includes some small changes and package updates *** Configuring a DragonFly BSD desktop (http://www.dragonflydigest.com/2014/09/19/14751.html) We've done tutorials on how to set up a FreeBSD or OpenBSD desktop, but maybe you're more interested in DragonFly In this post from Justin Sherrill, you'll learn some of the steps to do just that He pulled out an old desktop machine, gave it a try and seems to be pleased with the results It includes a few Xorg tips, and there are some comments about the possibility of making a GUI DragonFly installer *** Building a mini-ITX pfSense box (http://pakitong.blogspot.com/2014/09/jetway-j7f2-four-lan-mini-itx-for.html) Another week, another pfSense firewall build post This time, the author is installing to a Jetway J7F2, a mini-ITX device with four LAN ports He used to be a m0n0wall guy, but wanted to give the more modern pfSense a try Lots of great pictures of the hardware, which we always love *** Feedback/Questions Damian writes in (http://slexy.org/view/s2184TfOKD) Jan writes in (http://slexy.org/view/s20uAdTwLv) Dale writes in (http://slexy.org/view/s20es52IgZ) Joe writes in (http://slexy.org/view/s2mjulpac6) Bostjan writes in (http://slexy.org/view/s2BvNC8cgi) ***
56: Beastly Infrastructure
This week we're on the other side of the Atlantic, attending EuroBSDCon. For now, we've got an awesome interview with Peter Wemm about the FreeBSD web cluster and infrastructure. It's an inside look that you probably won't hear about anywhere else! We'll also get to a couple of your emails today, and be back next week with all the usual goodies, on BSD Now - the place to B.. SD. This episode was brought to you by Interview - Peter Wemm - peter@freebsd.org (mailto:peter@freebsd.org) / @karinjiri (https://twitter.com/karinjiri) The FreeBSD web cluster and infrastructure Feedback/Questions Todd writes in (http://slexy.org/view/s2LRZu3hlI) Brandon writes in (http://slexy.org/view/s21JeoW1rn) ***
55: The Promised WLAN
Coming up this week, we'll be talking with Adrian Chadd about all things wireless, his experience with FreeBSD on various laptop hardware and a whole lot more. As usual, we've got the latest news and answers to all your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD 10.1-BETA1 is out (http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.1/) The first maintenance update in the 10.x series of FreeBSD is on its way Since we can't see a changelog yet, the 10-STABLE release notes (https://www.freebsd.org/relnotes/10-STABLE/relnotes/article.html) offer a glimpse at some of the new features and fixes that will be included in 10.1 The vt driver was merged from -CURRENT, lots of drivers were updated, lots of bugs were fixed and bhyve also got many improvements from 11 Initial UEFI support, multithreaded softupdates for UFS and many more things were added You can check the release schedule (https://www.freebsd.org/releases/10.1R/schedule.html) for the planned release dates Details for the various forms of release media can be found in the announcement (https://lists.freebsd.org/pipermail/freebsd-stable/2014-September/080106.html) *** Remote headless OpenBSD installation (https://jcs.org/notaweblog/2014/09/12/remotely_installing_openbsd_on_a/) A lot of server providers only offer a limited number of operating systems to be easily installed on their boxes Sometimes you'll get lucky and they'll offer FreeBSD, but it's much harder to find ones that natively support other BSDs This article shows how you can use a Linux-based rescue system, a RAM disk and QEMU to install OpenBSD on the bare metal of a server, headlessly and remotely It required a few specific steps you'll want to take note of, but is extremely useful for those pesky hosting providers *** Building a firewall appliance with pfSense (http://www.get-virtual.net/2014/09/16/build-firewall-appliance/) In this article, we learn how to easily set up a gateway and wireless access point with pfSense on a Netgate ALIX2C3 APU (http://pcengines.ch/alix2c3.htm) After the author's modem died, he decided to look into a more do-it-yourself option with pf and a tiny router board The hardware he used has gigabit ports and a BSD-compatible wireless card, as well as enough CPU power for a modest workload and a few services (OpenVPN, etc.) There's a lot of great pictures of the hardware and detailed screenshots, definitely worth a look *** Receive Side Scaling - UDP testing (http://adrianchadd.blogspot.com/2014/09/receive-side-scaling-testing-udp.html) Adrian Chadd has been working on RSS (Receive Side Scaling) in FreeBSD, and gives an update on the progress He's using some quad core boxes with 10 gigabit ethernet for the tests The post gives lots of stats and results from his network benchmark, as well as some interesting workarounds he had to do He also provides some system configuration options, sysctl knobs, etc. (if you want to try it out) And speaking of Adrian Chadd... *** Interview - Adrian Chadd - adrian@freebsd.org (mailto:adrian@freebsd.org) / @erikarn (https://twitter.com/erikarn) BSD on laptops, wifi, drivers, various topics News Roundup Sendmail removed from OpenBSD (http://undeadly.org/cgi?action=article&sid=20140916084251) Mail server admins around the world are rejoicing (https://news.ycombinator.com/item?id=8324475), because sendmail is finally gone (http://marc.info/?l=openbsd-cvs&m=141081997917153&w=2) from OpenBSD With OpenSMTPD being a part of the base system, sendmail became largely redundant and unneeded If you've ever compared a "sendmail.cf" file to an "smtpd.conf" file... the different is as clear as night and day 5.6 will serve as a transitional release, including both sendmail and OpenSMTPD, but 5.7 will be the first release without it If you still need it for some reason, sendmail will live in ports from now on Hopefully FreeBSD will follow suit sometime in the future as well, possibly including DragonFly's mail transfer agent in base (instead of an entire mail server) *** pfSense backups with pfmb (https://github.com/zinkwazi/pfmb) We've mentioned the need for a tool to back up pfSense configs a number of times on the show This script, hosted on github, does pretty much exactly that It can connect to one (or more!) pfSense installations and back up the configuration You can roll back or replace failed hardware very easily with its restore function Everything is done over SSH, so it should be pretty secure *** The Design and Implementation of the FreeBSD Operating System (http://www.amazon.com/dp/0321968972/) We mentioned when the pre orders were up, but now "The Design and Implementation of the FreeBSD Operating System, 2nd edition" seems to be shipping out If you're interested in FreeBSD development, or learning about the operating system internals, this is a great book to buy We've even had all (http://www.bsdnow.tv/episodes/2013-10-02_stacks_of_cache) three (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) authors (http://www.bsdnow.tv/episodes/2014_08_13-vpn_my_dear_watson) on the show before! *** OpenBSD's systemd replacement updates (http://undeadly.org/cgi?action=article&sid=20140915064856) We mentioned last week that the news of OpenBSD creating systemd wrappers was getting mainstream attention One of the developers writes in to Undeadly, detailing what's going on and what the overall status is He also clears up any confusion about "porting systemd to BSD" (that's not what's going on) or his code ever ending up in base (it won't) The top comment as of right now is a Linux user asking if his systemd wrappers can be ported back to Linux... poor guy *** Feedback/Questions Brad writes in (http://slexy.org/view/s20jrx0nIf) Ben writes in (http://slexy.org/view/s21hFUJ2ju) Mathieu writes in (http://slexy.org/view/s21RgSzOv4) Steve writes in (http://slexy.org/view/s2P1mzalPh) ***
54: Luminary Environment
This week on the show, it's all about Lumina. We'll be giving you a visual walkthrough of the new BSD-exclusive desktop environment, as well as chatting with the main developer. There's also answers to your emails and all the latest news, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Portscout ported to OpenBSD (http://blog.jasper.la/portscout-for-openbsd/) Portscout is a popular utility used in the FreeBSD ports infrastructure It lets port maintainers know when there's a new version of the upstream software available by automatically checking the distfile mirror Now OpenBSD porters can enjoy the same convenience, as it's been ported over You can view the status online (http://portscout.jasper.la/) to see how it works and who maintains what (http://portscout.jasper.la/index-total.html) The developer who ported it is working to get all the current features working on OpenBSD, and added a few new features as well He decided to fork and rename it (https://jasperla.github.io/portroach/) a few days later *** Sysadmins and systemd refugees flocking to BSD (https://www.reddit.com/r/freebsd/comments/2fgb90/you_have_your_windows_in_my_linux_or_why_many/) With all the drama in Linux land about the rapid changes to their init system, a lot of people are looking at BSD alternatives This "you got your Windows in my Linux (http://www.infoworld.com/d/data-center/you-have-your-windows-in-my-linux-249483)" article (and accompanying comments) give a nice glimpse into the minds of some of those switchers Both server administrators and regular everyday users are switching away from Linux, as more and more distros give them no choice but to use systemd Fortunately, the BSD communities are usually very welcoming of switchers - it's pretty nice on this side! *** OpenBSD's versioning schemes (http://www.tedunangst.com/flak/post/OpenBSD-version-numbers) Ted Unangst explains the various versioning systems within OpenBSD, from the base to libraries to other included software In contrast to FreeBSD's release cycle, OpenBSD isn't as concerned with breaking backwards compatibility (but only if it's needed to make progress) This allows them to innovate and introduce new features a lot more easily, and get those features in a stable release that everyone uses He also details the difference between branches, their errata system and lack of "patch levels" for security Some other things in OpenBSD don't have version numbers at all, like tmux "Every release adds some new features, fixes some old bugs, probably adds a new bug or two, and, if I have anything to say about it, removes some old features." *** VAXstation 4000 Model 90 booting NetBSD (https://www.youtube.com/watch?v=zLsgFPaMPyg) We found a video of NetBSD booting on a 22 year old VAX workstation, circa 1992 This system has a monstrous 71 MHz CPU and 128MB of ECC RAM It continues in part two (https://www.youtube.com/watch?v=YKzDXKmn66U), where we learn that it would've cost around $25,000 when it was released! The uploader talks about his experiences getting NetBSD on it, what does and doesn't work, etc It's interesting to see that such old hardware isn't necessarily obsolete just because newer things have come out since then (but maybe don't try to build world on it...) *** Interview - Ken Moore - ken@pcbsd.org (mailto:ken@pcbsd.org) The Lumina desktop environment Special segment Lumina walkthrough News Roundup Suricata for IDS on pfSense (http://pfsensesetup.com/suricata-intrusion-detection-system-part-one) While most people are familiar with Snort as an intrusion detection system, Suricata is another choice This guide goes through the steps of installing and configuring it on a public-facing pfSense box Part two (http://pfsensesetup.com/suricata-intrusion-detection-system-part-two/) details some of the configuration steps One other cool thing about Suricata - it's compatible with Snort rules, so you can use the same updates There's also another recent post (http://www.allamericancomputerrepair.com/Blog/Post/29/Install-Snort-on-FreeBSD) about snort as well, if that's more your style If you run pfSense (or any BSD) as an edge router for a lot of users, this might be worth looking into *** OpenBSD's systemd API emulation project (http://bsd.slashdot.org/story/14/09/08/0250207/gsoc-project-works-to-emulate-systemd-for-openbsd) This story was pretty popular in the mainstream news this week For the Google Summer of Code, a student is writing emulation wrappers for some of systemd's functions (https://twitter.com/blakkheim/status/509092821773848577) There was consideration from some Linux users to port over the finished emulation back to Linux, so they wouldn't have to run the full systemd One particularly interesting Slashdot comment snippet (http://bsd.slashdot.org/comments.pl?sid=5663319&cid=47851361): "We are currently migrating a large number (much larger than planned after initial results) of systems from RHEL to BSD - a decision taken due to general unhappiness with RHEL6, but SystemD pushed us towards BSD rather than another Linux distro - and in some cases are seeing throughput gains of greater than 10% on what should be equivalent Linux and BSD server builds. The re-learning curve wasn't as steep as we expected, general system stability seems to be better too, and BSD's security reputation goes without saying." It will NOT be in the base system - only in ports, and only installed as a dependency for things like newer GNOME (http://blogs.gnome.org/ovitters/2014/09/07/systemd-in-gnome-3-14-and-beyond/) that require such APIs In the long run, BSD will still be safe from systemd's reign of terror, but will hopefully still be compatible with some third party packages like GNOME that insist on using it *** GhostBSD 4 previewed (http://www.linuxbsdos.com/2014/05/19/preview-of-ghostbsd-4-0/) The GhostBSD project is moving along, slowly getting closer to the 4 release This article shows some of the progress made, and includes lots of screenshots and interesting graphical frontends If you're not too familiar with GhostBSD, we interviewed the lead developer (http://www.bsdnow.tv/episodes/2014_03_12-ghost_of_partition) a little while back *** NetBSD on the Banana Pi (http://rizzoandself.blogspot.com/2014/09/netbsd-on-banana-pi.html) The Banana Pi is a tasty alternative to the Raspberry Pi, with similar hardware specs In this blog post, a NetBSD developer details his experiences in getting NetBSD to run on it After studying how the prebuilt Linux image booted, he made some notes and started hacking Ethernet, one of the few things not working, is being looked into and he's hoping to get it fully supported for the upcoming NetBSD 7.0 They're only about $65 as of the time we're recording this, so it might be a fun project to try *** Feedback/Questions Antonio writes in (http://slexy.org/view/s28iKdBEbm) Garegin writes in (http://slexy.org/view/s21Wfnv87h) Erno writes in (http://slexy.org/view/s2Fzryxhdz) Brandon writes in (http://slexy.org/view/s2ILcqdFfF) ***
53: It's HAMMER Time
It's our one year anniversary episode, and we'll be talking with Reyk Floeter about the new OpenBSD webserver - why it was created and where it's going. After that, we'll show you the ins and outs of DragonFly's HAMMER FS. Answers to viewer-submitted questions and the latest headlines, on a very special BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD foundation's new IPSEC project (http://freebsdfoundation.blogspot.com/2014/08/freebsd-foundation-announces-ipsec.html) The FreeBSD foundation, along with Netgate, is sponsoring some new work on the IPSEC code With bandwidth in the 10-40 gigabit per second range, the IPSEC stack needs to be brought up to modern standards in terms of encryption and performance This new work will add AES-CTR and AES-GCM modes to FreeBSD's implementation, borrowing some code from OpenBSD The updated stack will also support AES-NI for hardware-based encryption speed ups It's expected to be completed by the end of September, and will also be in pfSense 2.2 *** NetBSD at Shimane Open Source Conference 2014 (http://mail-index.netbsd.org/netbsd-advocacy/2014/08/31/msg000667.html) The Japanese NetBSD users group held a NetBSD booth at the Open Source Conference 2014 in Shimane on August 23 One of the developers has gathered a bunch of pictures from the event and wrote a fairly lengthy summary They had NetBSD running on all sorts of devices, from Raspberry Pis to Sun Java Stations Some visitors said that NetBSD had the most chaotic booth at the conference *** pfSense 2.1.5 released (https://blog.pfsense.org/?p=1401) A new version of the pfSense 2.1 branch is out Mostly a security-focused release, including three web UI fixes and the most recent OpenSSL fix (which FreeBSD has still not patched (https://lists.freebsd.org/pipermail/freebsd-security/2014-August/007875.html) in -RELEASE after nearly a month) It also includes many other bug fixes, check the blog post for the full list *** Systems, Science and FreeBSD (http://msrvideo.vo.msecnd.net/rmcvideos/227133/dl/227133.mp4) Our friend George Neville-Neil (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) gave a presentation at Microsoft Research It's mainly about using FreeBSD as a platform for research, inside and outside of universities The talk describes the OS and its features, ports, developer community, documentation, who uses BSD and much more *** Interview - Reyk Floeter - reyk@openbsd.org (mailto:reyk@openbsd.org) / @reykfloeter (https://twitter.com/reykfloeter) OpenBSD's HTTP daemon Tutorial A crash course on HAMMER FS (http://www.bsdnow.tv/tutorials/hammer) News Roundup OpenBSD's rcctl tool usage (http://brynet.biz.tm/article-rcctl.html) OpenBSD recently got a new tool (http://undeadly.org/cgi?action=article&sid=20140820090351) for managing /etc/rc.conf.local in -current Similar to FreeBSD's "sysrc" tool, it eliminates the need to manually edit rc.conf.local to enable or disable services This blog post - from a BSD Now viewer - shows the typical usage of the new tool to alter the startup services It won't make it to 5.6, but will be in 5.7 (next May) *** pfSense mini-roundup (http://mateh.id.au/2014/08/stream-netflix-chromecast-using-pfsense/) We found five interesting pfSense articles throughout the week and wanted to quickly mention them The first item in our pfSense mini-roundup details how you can stream Netflix to in non-US countries using a "smart" DNS service The second post (http://theosquest.com/2014/08/28/ipv6-with-comcast-and-pfsense/) talks about setting ip IPv6, in particular if Comcast is your ISP The third one (http://news.softpedia.com/news/PfSense-2-1-5-Is-Free-and-Powerful-FreeBSD-based-Firewall-Operating-System-457097.shtml) features pfSense on Softpedia, a more mainstream tech site The fourth post (http://sichent.wordpress.com/2014/02/22/filtering-https-traffic-with-squid-on-pfsense-2-1/) describes how to filter HTTPS traffic with Squid and pfSense The last article (http://pfsensesetup.com/vpn-tunneling-with-tinc/) describes setting up a VPN using the "tinc (https://en.wikipedia.org/wiki/Tinc_%28protocol%29)" daemon and pfSense It seems to be lesser known, compared to things like OpenVPN or SSH tunnels, so it's interesting to read about This pfSense HQ website seems to have lots of other cool pfSense items, check it out *** OpenBSD's new buffer cache (http://www.tedunangst.com/flak/post/2Q-buffer-cache-algorithm) OpenBSD has traditionally used the tried-and-true LRU algorithm for buffer cache, but it has a few problems Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) has just switched to a new algorithm in -current, partially based on 2Q, and details some of his work Initial tests show positive results in terms of cache responsiveness Check the post for all the fine details *** BSDTalk episode 244 (http://bsdtalk.blogspot.com/2014/08/bsdtalk244-lumina-desktop-environment.html) Another new BSDTalk is up and, this time around, Will Backman (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) interviews Ken Moore, the developer of the new BSD desktop environment They discuss the history of development, differences between it and other DEs, lots of topics If you're more of a visual person, fear not, because... We'll have Ken on next week, including a full "virtual walkthrough" of Lumina and its applications *** Feedback/Questions Ghislain writes in (http://slexy.org/view/s21G3KL6lv) Raynold writes in (http://slexy.org/view/s21USZdk2D) Van writes in (http://slexy.org/view/s2IWAfkDfX) Sean writes in (http://slexy.org/view/s2OBhezoDV) Stefan writes in (http://slexy.org/view/s22h9RhXUy) ***