Re: FreeBSD or OpenBSD for my (server/router) purposes? (Total n00b)
In what way? If you mean the hypervisor does not provide adequate separation between VMs then that is not really an issue as I control the host and all VMs. If any are compromised then I have bigger issues. -Matt â Matt Hamilton Quernus m...@quernus.co.uk +44 117 325 3025 64 Easton Business Centre Felix Road, Easton Bristol, BS5 0HE Quernus Ltd is a company registered in England and Wales. Registered number: 09076246 > On 27 Sep 2015, at 16:10, Stuart Henderson <s...@spacehopper.org> wrote: > >> On 2015-09-27, Quernus <m...@quernus.co.uk> wrote: >> >> I actually run OpenBSD in a VM on FreeBSD using bhyve which gives me the best >> of both worlds. > > This has an impact on security, of course.
Re: FreeBSD or OpenBSD for my (server/router) purposes? (Total n00b)
I've used both FreeBSD and OpenBSD for the best part of two decades. I'd say that OpenBSD is definitely the simpler of the two in terms of configuration. Much simpler and purer I'd say. Both will be capable for what you are looking for. Although I'd say OpenBSD is slightly lighter on resources and smaller footprint so better for embedded devices and the likes. The one thing OpenBSD misses in the file server role is a modern file system. That said for FreeBSD and ZFS you want at least 4GB of ram anyways. I actually run OpenBSD in a VM on FreeBSD using bhyve which gives me the best of both worlds. -Matt â Matt Hamilton Quernus m...@quernus.co.uk +44 117 325 3025 64 Easton Business Centre Felix Road, Easton Bristol, BS5 0HE Quernus Ltd is a company registered in England and Wales. Registered number: 09076246 > On 27 Sep 2015, at 11:27, Adam <m8r-hqr...@mailinator.com> wrote: > > Asking this on the OpenBSD list gives it a tone: > > I have no background in IT security and operating systems other than Windows (I hated it less than Ubuntu, actually). I have found in the archives that in general you can recommend OpenBSD to anyone without any background to start tinkering with. So, there might be no benefit of a learning curve of FreeBSD --> OpenBSD, as I, may have wrongly guessed? > > What I'd like is a secure wireless router and a file server (for my mobile devices in the first place, really). Many suggested the PC Engines APU board here. Check. Can it handle both roles, router and file server, or, is it a good idea to have one device for these 2 roles in the first place? It would encounter very modest load on both of its roles. > > I have no intention whatsoever to run any x86/amd64 desktop software on NIX in the post-PC world (in the desktop space, really). > > It would also be an interesting side-note on how do you see the future of (NIX on) desktop PCs (already a dead market as and old post here suggested), or embedded/ARM mobile devices and NIX, perhaps other than iOS/Android derivatives of the latter. > > But the main point of my question is, the server. Thank you.
Re: Cheap hardware for router, perhaps fileserver?
I faced a similar conundrum and in the end went for an HP Microserver G8. They have 4 sata bays, plus as card slot. They have USB3. ILO remote management. Very quiet and cheap. I pimped mine up a bit with more memory and a CPU supporting VT-d: https://www.quernus.co.uk/2015/08/26/upgrading-hp-microserver-g8-with-xeon/ I wanted ZFS for storage and OpenBSD due to easier IPSec configure and general networking and security awesomeness. So I went for hybrid approach and run OpenBSD under bhyve on FreeBSD: https://www.quernus.co.uk/2015/07/27/openbsd-as-freebsd-router/ This gave me the best of both worlds on a single physical box. -Matt â Matt Hamilton Quernus m...@quernus.co.uk +44 117 325 3025 49b Easton Business Centre Felix Road, Easton Bristol, BS5 0HE Quernus Ltd is a company registered in England and Wales. Registered number: 09076246 > On 20 Sep 2015, at 02:33, Predrag Punosevac <punoseva...@gmail.com> wrote: > > Router and file server are two very different things. I recently went > through similar process. Even though at work I use Atom servers > (naturally running OpenBSD amd64 port) for all our core network > infrastructure and services I entertain the idea of buying non amd64 > hardware. I looked at the state of armv7 port. I vetted all PR claims > about Ubiquiti ERLite-3 and ended up buying this > > http://www.mini-box.com/Intel-D2500CCE-Mini-ITX-Motherboard > > as a router for my home network. (Don't worry the board is available and > you can buy it from Amazon). > > File server is more interesting problem in my opinion. At work I use ZFS > as our main file system to store data and run dozen of FreeBSD file > servers. I also tested DragonFlyBSD and HAMMER1. I am three-way split > when it comes to a home file server. > > 1. I don't like diversity at home so OpenBSD would be the first choice. > 4TB HDD are cheap enough and I could mirror (RAID 1) all my personal > data on two of them. There are two options for mirroring. Either use > softraid or get a cheap used Areca hardware RAID card of e-bay. Those > cards according to man pages have excellent support on OpenBSD (they are > true open hardware). Use one of inexpensive Celeron based motherboards > (you can get them under $50). I would be curious what OpenBSD gurus have > to say about their experience with Areca on OpenBSD and building a > OpenBSD file server in general. > > > 2. Use the same hardware as above with DFBSD but take advantage of > HAMMER1. You could use just 2HDD. Set master PFS in one hard disk and a > slave PFS in the other disk. For more than 2 disks I would use Areca > hardware RAID cards. Note that HAMMER1 is network aware so it is > tempting to set up slave PFS on a remote machine. > > > 3. Just use ZFS/FreeBSD as I am doing at work. End up paying big bucks > for Celeron or Atom motherboard which supports ECC RAM and at least 8 > perhaps 16 GB of it. You will not find those for $100 and the RAM ain't > going to be cheap either. You might want to consider HBA like LSI SAS > 9211-8i (those themself cost on e-bay around $100). This is by far the > most expensive solution. Having a "proper" remote backup using ZFS > replication would involve seting up two such server. > > > Predrag
