BGP & BSD | BSD Now 1

BGP & BSD | BSD Now 1

We kick off the first episode with the latest BSD news, show you how to avoid intrusion detection systems and talk to Peter Hessler about BGP spam blacklists!

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

Radeon KMS commited

  • Committed by Jean-Sebastien Pedron
  • Brings kernel mode setting to -CURRENT, will be in 10.0-RELEASE (ETA 12/2013)
  • 10-STABLE is expected to be branched in October, to begin the process of stabilizing development
  • Initial testing shows it works well
  • May be merged to 9.X, but due to changes to the VM subsystem this will require a lot of work, and is currently not a priority for the Radeon KMS developer
  • Still suffers from the syscons / KMS switcher issues, same as Intel video
  • More info: https://wiki.freebsd.org/AMD_GPU

VeriSign Embraces FreeBSD

  • \”BSD is quite literally at the very core foundation of what makes the Internet work\”
  • Using BSD and Linux together provides reliability and diversity
  • Verisign gives back to the community, runs vBSDCon
  • \”You get comfortable with something because it works well for your particular purposes and can find a good community that you can interact with. That all rang true for us with FreeBSD.\”

fetch/libfetch get a makeover

  • Adds support for SSL certificate verification
  • Requires root ca bundle (security/root_ca_nss)
  • Still missing TLS SNI support (Server Name Indication, allows name based virtual hosts over SSL)

FreeBSD Foundation Semi-Annual Newsletter

  • The FreeBSD Foundation took the 20th anniversary of FreeBSD as an opportunity to look at where the project is, and where it might want to go
  • The foundation sets out some basic goals that the project should strive towards:
    • Unify User Experience
      • “ensure that knowledge gained mastering one task translates to the next”
      • “if we do pay attention to consistency, not only will FreeBSD be easier to use, it will be easier to learn”
    • Design for Human and Programmatic Use
      • 200 machines used to be considered a large deployment, with high density servers, blades, virtualization and the cloud, that is not so anymore
      • “the tools we provide for status reporting, configuration, and control of FreeBSD just do not scale or fail to provide the desired user experience”
      • “The FreeBSD of tomorrow needs to give programmability and human interaction equal weighting as requirements”
    • Embrace New Ways to Document FreeBSD
      • More ‘Getting Started’ sections in documentation
      • Link to external How-Tos and other documentation
      • “upgrade the cross-referencing and search tools built into FreeBSD, so FreeBSD, not an Internet search engine, is the best place to learn about FreeBSD”
  • Spring Fundraising Campaign, April 17 – May 31, raised a total of $219,806 from 12 organizations and 365 individual donors. In the same period last year we raised a total of $23,422 from 2 organizations and 53 individuals
  • Funds donated to the FreeBSD Foundation have been used on these projects recently:
  • Capsicum security-component framework
  • Transparent superpages support of the FreeBSD/ARM architecture
  • Expanded and faster IPv6
  • Native in-kernel iSCSI stack
  • Five New TCP Congestion Control Algorithms
  • Direct mapped I/O to avoid extra memory copies
  • Unified Extensible Firmware Interface (UEFI) boot environment
  • Porting FreeBSD to the Genesi Efika MX SmartBook laptop (ARM-based)
  • NAND Flash filesystem and storage stack
  • Funds were also used to sponsor a number of BSD focused conferences: BSDCan, EuroBSDCon, AsiaBSDCon, BSDDay, NYCBSDCon, vBSDCon, plus Vendor summits and Developer summits
  • It is important that the foundation receive donations from individuals, to maintain their tax exempt status in the USA. Even a donation of $5 helps make it clear that the FreeBSD Foundation is backed by a large community, not only a few vendors
  • Donate Today

The place to B…SD

Ohio Linuxfest, Sept. 13-15, 2013

  • Very BSD friendly
  • Kirk McKusick giving the keynote
  • BSD Certification on the 15th, all other stuff on the 14th
  • Multiple BSD talks

LinuxCon, Sept. 16-18, 2013

  • Dru Lavigne and Kris Moore will be manning a FreeBSD booth
  • Number of talks of interest to BSD users, including ZFS coop

EuroBSDCon, Sept. 26-29, 2013

  • Tutorials on the 26 & 27th (plus private FreeBSD DevSummit)
  • 43 talks spread over 3 tracks on the 28 & 29th
  • Keynote by Theo de Raadt
  • Hosted in the picturesque St. Julians Area, Malta (Hilton Conference Centre)

Interview – Peter Hessler – phessler@openbsd.org / @phessler

Using BGP to distribute spam blacklists and whitelists

  • Q: Tell us about yourself and your previous contributions to OpenBSD
  • Q: What is BGP spamd
  • Q: What made you start the project?
  • Q: Why use BGP? What are the pros/cons versus the standard DNS distribution model?
  • Q: (How) can others make use of the project?
  • Q: How can other contribute to the project?
  • Q: What else are you working on?

Tutorial

Using stunnel to hide your traffic from Deep Packet Inspection

  • Live demo between two hosts
  • Tunnel any insecure traffic over SSL/TLS
  • Allows you to bypass Intrusion Detection Systems

News Roundup

NetBSD 6.1.1 released

  • First security/bug fix update of the NetBSD 6.1 release branch
  • Fixes 4 security vulnerabilities
  • Adds 4 new sysctls to avoid IPv6 DoS attacks
  • Misc. other updates

Sudo Mastery

  • MWL is a well-known author of many BSD books
  • Also does SSH, networking, DNSSEC, etc.
  • Next book is about sudo, which comes from OpenBSD (did you know that?)
  • Available for preorder now at a discounted price

Documentation Infrastructure Enhancements

  • Gábor Kövesdán has completed a funded project to improve the infrastructure behind the documentation project
  • Will upgrade documentation from DocBook 4.2 to DocBook 4.5 and at the same time migrate to proper XML tools.
  • DSSSL is an old and dead standard, which will not evolve any more.
  • DocBook 5.0 tree added

FreeBSD FIBs get new features

  • FIBs (as discussed earlier in the interview) are Forward Information Bases (technical term for a routing table)
  • The FreeBSD kernel can be compiled to allow you to maintain multiple FIBs, creating separate routing tables for different processes or jails
  • In r254943 ps(1) is extended to support a new column ‘fib’, to display which routing table a process is using

FreeNAS 9.1.0 and 9.1.1 released

  • Many improvements in nearly all areas, big upgrade
  • Based on FreeBSD 9-STABLE, lots of new ZFS features
  • Cherry picked some features from 10-CURRENT
  • New volume manager and easy to use plugin management system
  • 9.1.1 released shortly thereafter to fix a few UI and plugin bugs

BSD licensed \”patch\” becomes default

  • bsdpatch has become mature, does what GNU patch can do, but has a much better license
  • Approved by portmgr@ for use in ports
  • Added WITH_GNU_PATCH build option for people who still need it

  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, etc to feedback@bsdnow.tv
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

11 Responses to “BGP & BSD | BSD Now 1”

  1. arnie Says:

    Love BSD

  2. bsdfan Says:

    Please do a installing freeBSD from cd to desktop env tutorial for beginners
    great show !!

  3. Jim Says:

    Hi Allan & Kris,

    Wow that was an info packed show, thanks for doing it! I was particularly interested in the stunnel setup you showed. Thanks and please keep up the great work!

  4. garegin Says:

    a question. freebsd 9 was the first version to have zfs dedup, right? so when did dedup come to freenas? I googled but couldn’t find an answer.

  5. Ken Degel Says:

    Finally! https://t.co/988G2OvyB8 <3 <3

  6. dupstepallan Says:

    needs more dubstep 😀

  7. Thekid89 Says:

    I have been wanting this since the first month of techsnap!

  8. Linux-King Says:

    “Can it core a apple?”

  9. Don Thornton Jr. Says:

    …good first show but you guys need to stop whining about BSD not being the dominant OS on the Internet or otherwise.

    I started with BSD on Sun3/4 hardware back in 1988 long before Networking Release 1/2 and the BSDi lawsuit fiasco ensued.

    I had all the source code for the 4.xBSD based SunOS 3.x/4.x and several critical applications including IBM/R and Ingres but I failed to realize how unique my situation was.

    I learned a lot from perusing that source code and used that knowledge to propel my systems and software engineering career.

    Much of the BSD source code hit the Internet about the same time Linus released his 0.01 kernel and we hurriedly downloaded and distributed it as fast as possible.

    For the next few years, while Linux continued to develop and improve, the BSD code was mired in legal troubles and failed to capture the enthusiasm of the open source community like Linux did.

    Following the settlement of the lawsuit, the 4.4BSD release became relevant to the world of commercial Unix development but while the BSD crowd focused on the quality of its product, hackers in the open source Linux community focused on the quantity of choices in software hence the large number of different distributions and the abundance of windows managers, shells, editors, databases, media players, etc…

    BSD is a real Unix while Linux pretends to be a real Unix but the main reason that Linux is kicking BSD’s ass is that Linux is the perfect petri dish for innovative ideas in system and software engineering (a.k.a. hacking).

  10. Tonk Says:

    Fantastic production quality!

  11. Tim Says:

    Great first show. Just wanted to point out that during the Peter Hessler interview Kriss Moore’s name still showed up under the video frame. Also you might want to think about having Chris do the intro, might sound better since chris tends to sound a little more upbeat than Allan’s monotone voice, that’s a college professor for you :) In my option this should be an audio only show, unless you show the live chat window. Other than that I am really looking forward to more shows and I’m sure by the third show you will have everything worked out and BSDNOW will become like all of the other jupiter broadcasting shows, great quality content! Keep up the good work.

Leave a Reply