squiggleslash

Blog Entry: Networking issues Part X
May 14, '08 7:08 AM
So crossposting to Slashdot worked - the issue turns out to be OpenBSD not honouring the "wscale" field of the TCP setup handshake packets. This can't, of course, possibly be true because there are no bugs in OpenBSD. Ha. This was fixed in the release of OpenBSD after the version I'm running, but it's a kernel thing (pf) so I can't just download a more recent PPP or something and expect it to work. And upgrading my little Sun workstations is a PITA. So "What had changed in TCP/IP" was that suddenly everyone started using large window sizes, sizes large enough to require wscale be involved.

Well, I haven't much liked Theo since he turned into a hypocritical slimeball liar during the various discussions of unlicensed code appearing in Linux and OpenBSD from each other's respective operating systems, and haven't much liked the OpenBSD community either as they slavishly followed the party line, so I must admit to appreciating an excuse to upgrade and select something other than that operating system.

So... this morning I ordered a new server (or rather lots of parts for a MicroATX system) which will, in time, replace both of my existing OpenBSD servers. I'm thinking of putting Xen on it, and having two VMs, a central server for all the central server stuff, and the NAT firewall/gateway thing. That's more or less the environment I have now, except this will be one box, and it will not be reliant upon SCSI2 hard drives which are close to impossible to find these days and aren't exactly high capacity.

Xen... I have no experience of Xen. I'm not even certain it'll do what I need it to do. I guess I have a lot of reading up to do on this.

And what operating system? I'd appreciate having something I can set up automatic security updates for, but then again they all seem to have that. Ubuntu and Fedora seem the most obvious candidates. I'm running Ubuntu everywhere else after all. I don't know how well Ubuntu runs headless but I doubt it has any serious issues.

It all seems a lot of work, but it'll be an interesting project to do.

nizo505 wrote on May 14
Ubuntu server (differs from the Ubuntu workstation version) kicks ass; I use it for my home wiki server. With apache going it has 50 processes running; it doesn't install a pile of crap, but everything is an apt-get away. No gui by default. Recent ssl fiasco aside, it would be the distro I would pick.

Any reason you are avoiding vmware? Client and basic server portions are free, and work fine under ubuntu.
squiggleslash wrote on May 14
I'll have to look into that. I'd prefer something Debiany, and the Ubuntu people are making it easy to upgrade things without destroying anything in the process.

VMWare... not really thought about it. Xen is free and open so it's an obvious choice, together with UML - though the latter requires everything be Linux-based and I'd like to keep my options open even if everything is going to be Linux-based to start with. I guess the advantage of VMWare is that it's (I believe) easy to set up.

The other option is a PowerPC or SPARC type emulator. My problem with those is that they tend to have enough overhead to cause serious heating of the CPU, but the major advantage is that not having an ix86 CPU has been part of my network's guard against generic viruses. No, it doesn't deter a determined attacker, but there's no reason why anyone would want to attack squiggleslash's network so much as send something out to masses of boxes to see what sticks. And people doing the latter really don't see it worth the effort of including non-ix86 CPUs.

I'll be doing a lot of playing with the configuration before switching over to the new box. Should be fun...