[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Etch installation media doesn't boot (neither NETINST CD, nor floppies), but other distros do... :-(




On 16 Feb 2008, at 19:26, Douglas A. Tutty wrote:

On Sat, Feb 16, 2008 at 06:29:30PM -0900, Siraaj Khandkar wrote:
On 16 Feb 2008, at 05:10, Douglas A. Tutty wrote:

This stopped working when the box couldn't upgrade from Sarge to Etch
because libc6 kept killing itself.  I did the drive shell-game from
another computer to get Etch on it only to find out that etch was
way to
slow to be useful.  So now on the old box I use OpenBSD and it is
quite
zippy again.

I hope I won't have to resort to that, as I love apt too much :-)

I'm want to use this box as a gateway, and I'm somewhat split between
Debian and pfSense ( http://www.pfsense.com/ ), but leanning heavily
towards Debian, again, because of apt.

If it is only as a firewall then everything you need is in OpenBSD base with no extra packages required. Their most secure, most up-to- date is
always -current and there are automatic snapshots of it.  So, if you
keep /home on its own partition and copy your configs from /etc/ there,
if a security fix comes out (rarely for base) instead of compiling the
fix, you just download a new snapshot and install it.  Its different
than apt but doesn't take any more time and, as will debian, if the
kernel changes the only downtime is a reboot.

I don't know pfsense but my guess would be that it uses OpenBSD's pf
(packet filter).  However, check to see what code auditing is done by
pfsense.  Packets have to traverse the kernel.  Think how many kernel
updates Debian has had in, say, the last six months.  How many has
pfsense? How many patches for OpenBSD -stable (6-month release cycle)?


http://www.pfsense.com/

Your guess is correct. It is based on m0n0wall, which is a very interesting system - it is based on completely striped-down FreeBSD 4, stores all the system configs in a single XML file, and uses PHP for bootup scripts... I've been using it in production for about 6 months now, and it is quite robust and stable. Now, pfSense takes m0n0wall as a base, but uses FreeBSD 6 kernel, and OpenBSD's pf, AND implements package management on top of that, and this package management feature is the main thing that attracts me to it, as I want to use this box as an all-in-one experimental gateway - router, firewall, DNS (caching, and local authoritative), DHCP, http caching, traffic shaping. Being that I plan to add/remove experimental packages somewhat often, I heavily favor binary packages, Debian being the best at that, AND also considering that I expect this box to do a lot of things at once - performance benchmarks from Scalable Networking raise a concern or two.

http://bulk.fefe.de/scalable-networking.pdf


If your box also has a card reader, there's the neat trick of putting
the OS on a CF card (with some ram fs overlays). Upgrading is making a
new cf card, power off, swap cards, power on, done.  There are scripts
available to automate all but the manual swaping of cards. Actually, if the box has two CF card slots, there are scripts to allow downloading an
updated image to the inactive CF card, reboot to the new card, run
self-diagnostics to ensure that the box is doing everything it should,
with an automatic reboot to the old card if something is wrong.  There
are some very creative people over there.

No, unfortunately no CF cards on this box :-(



Good luck.

Doug.

Thanks :-)


--
Siraaj Khandkar


Ron Paul - Hope for America
http://www.ronpaul2008.com/
http://www.youtube.com/results?search_query=Ron+Paul&search=Search


Reply to: