Network Iodometry | BSD Now 46

Network Iodometry | BSD Now 46

We’re back and this week we’ll be showing you how to tunnel out of a restrictive network using only DNS queries.

We also sat down with Bryan Drewery, from the FreeBSD portmgr team, to talk all about their building cluster and some recent changes.

All the latest news and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:



Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

Become a supporter on Patreon:


– Show Notes: –


EuroBSDCon 2014 registration open

  • September is getting closer, and that means it’s time for EuroBSDCon – held in Bulgaria this year
  • Registration is finally open to the public, with prices for businesses ($287), individuals ($217) and students ($82) for the main conference until August 18th
  • Tutorials, sessions, dev summits and everything else all have their own pricing as well
  • Registering between August 18th – September 12th will cost more for everything
  • You can register online here and check hotels in the area
  • The FreeBSD foundation is also accepting applications for travel grants

OpenBSD SMP PF update

  • A couple weeks ago we talked about how DragonflyBSD updated their PF to be multithreaded
  • With them joining the SMP ranks along with FreeBSD, a lot of users have been asking about when OpenBSD is going to make the jump
  • In a recent mailing list thread, Henning Brauer addresses some of the concerns
  • The short version is that too many things in OpenBSD are currently single-threaded for it to matter – just reworking PF by itself would be useless
  • He also says PF on OpenBSD is over four times faster than FreeBSD’s old version, presumably due to those extra years of development it’s gone through
  • There’s also been even more recent concern about the uncertain future of FreeBSD’s PF, being mostly unmaintained since their SMP patches
  • We reached out to four developers (over week ago) about coming on the show to talk about OpenBSD network performance and SMP, but they all ignored us

Introduction to NetBSD pkgsrc

  • An article from one of our listeners about how to create a new pkgsrc port or fix one that you need
  • The post starts off with how to get the pkgsrc tree, shows how to get the developer tools and finally goes through the Makefile format
  • It also lists all the different bmake targets and their functions in relation to the porting process
  • Finally, the post details the whole process of creating a new port


  • After three RCs, FreeBSD 9.3 was scheduled to be finalized and announced today but actually came out yesterday
  • The full list of changes is available, but it’s mostly a smaller maintenance release
  • Lots of driver updates, ZFS issues fixed, hardware RNGs are entirely disabled by default, netmap framework updates, read-only ext4 support was added, the vt driver was merged from -CURRENT, new hardware support (including radeon KMS), various userland tools got new features, OpenSSL and OpenSSH were updated… and much more
  • If you haven’t jumped to the 10.x branch yet (and there are a lot of people who haven’t!) this is a worthwhile upgrade – 9.2-RELEASE will reach EOL soon
  • Good news, this will be the first release with PGP-signed checksums on the FTP mirrors – a very welcome change
  • 9.2’s EOL was extended until December of this year
  • With that out of the way, the 10.1-RELEASE schedule was posted

Interview – Bryan Drewery – / @bdrewery

The FreeBSD package building cluster, pkgng, ports, various topics


Tunneling traffic through DNS

News Roundup

SSH two-factor authentication on FreeBSD

  • We’ve previously mentioned stories on how to do two-factor authentication with a Yubikey or via a third party website
  • This blog post tells you how to do exactly that, but with your Google account and the pam_google_authenticator port
  • Using this setup, every user that logs in with a password will have an extra requirement before they can gain access – but users with public keys can login normally
  • It’s a really, really simple process once you have the port installed – full details on the page

Ditch tape backup in favor of FreeNAS

  • The author of this post shares some of his horrible experiences with tape backups for a client
  • Having constant, daily errors and failed backups, he needed to find another solution
  • With 1TB of backups, tapes just weren’t a good option anymore – so he switched to FreeNAS (after also ruling out a pre-built NAS)
  • The rest of the article details his experiences with it and tells about his setup

NetBSD vs FreeBSD, desktop experiences

  • A NetBSD and pkgsrc developer details his experiences running NetBSD on a workstation at his job
  • Becoming more and more disappointed with graphics performance, he finally decides to give FreeBSD 10 a try – especially since it has a native nVidia driver
  • “Running on VAX, PlayStation 2 and Amiga is fun, but I’ll tell you a little secret: nobody cares anymore about VAX, PlayStation 2 and Amiga.”
  • He’s become pretty satisfied with FreeBSD, a modern choice for a 2014 desktop system

PCBSD not-so-weekly digest

  • Speaking of choices for a desktop system, it’s the return of the PCBSD digest!
  • Warden and PBI_add have gotten some interesting new features
  • You can now create jails “on the fly” when adding a new PBI to your application library
  • Bulk jail creation is also possible now, and it’s really easy
  • New Jenkins integration, with public access to Poudriere logs as well (
  • PkgNG 1.3.0.rc2 testing for EDGE users


  • All the tutorials are posted in their entirety at
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • We love hearing from listeners – tell us what you think of the show or what you’d like to see!
  • If you want to come on for an interview or have a tutorial you’d like to see, let us know
  • Congrats to the new FreeBSD core team members
  • The first (and second.. and third..) portable release of LibreSSL is available on the OpenBSD FTP sites, with a brief announcement email
  • Test it on your platform of choice, including building ports against it, and report your findings to either the LibreSSL team or the port maintainers so we can increase compatibility
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Question? Comments? Contact us here!