Network Administration with FreeBSD 7 is the book that I have been working on for the past year. And now it is published by Packt and is available for purchase from various bookstores.


This book is something that I have been looking for since I started with FreeBSD back in 1997. I needed a practical book with working examples of how to optimize your FreeBSD installation for various types of applications. And I never found that book, until I recently decided to write one.

"Network Administration with FreeBSD 7" is unique in several ways:


  • I tried to cover the exciting new features and improvements introduced in FreeBSD 7

  • It is full of tips and tricks on how to optimize your installation, from disk I/O to network, virtual memory, etc.

  • It covers IPv4 and IPv6 configuration as well as bridging and routing in FreeBSD

  • It has working examples of different IPSec, GRE, PPP and GIF scenarios

  • I tried to cover Jail virtualization in working real world examples

  • Keeping your system up to date and customizing the system for specific applications are thoroughly covered

I tried to stop telling stories in the book and give more real world examples instead, so reading this book would not make you smile ;-)

An article named Tunneling with FreeBSD (taken from the book) is also available on the Packt website.

Webkit passes ACID 3 test

I accidentally noticed today that my recent WebKit nightly 31667 passes ACID3 test flawlessly.

Kudos to the WebKit team for their great browser!

What's New in FreeBSD 7.0


I came across this interesting article about the upcoming FreeBSD 7 that outlines some of the most important changes in this release.

The upcoming release of FreeBSD 7 is a major milestone for all FreeBSD developers and users. It is the most amazing release I have ever had the chance to play with. There are plenty of new features and many improvements, especially in networking (which is my area of interest).
I have had the chance to play with MySQL 5.1 running on FreeBSD 7 on top of 8 cores of Xeon processor in 64-bit mode. My impression was that it was almost as fast as kris's benchmarks and totally kicked Linux 2.6 in threading and SMP performance.

This is something I expected to see in FreeBSD 6. However, FreeBSD seems to be catching up with Linux again.

Colin Percival (the original author of freebsd-update and binary diff) spent a few hours to resurrect the dead Depenguinator from the ashes.
Using Depenguinator 2.0, you can remotely upgrade a happily living Linux system to the latest version of FreeBSD. To me it's extremely useful when upgrading a Linux box to FreeBSD in a hosting facility that does not offer any FreeBSD servers.

The project needs help from the community to test and report issues back to the developer in order to improve the software. However, it is worth giving it a try on your Ubuntu box.

On a related note, I was thinking of porting this into the package repository of various Linux distributions. :-)

New theme


Yes, finally I did it. I was quite unhappy with the old theme, and I was also not using the cutting edge features such as Tags, Widgets, etc.

So here you are: The new theme. I will definitely update it in a few days to make it look better.

Now that Mac OS X 10.5 (Leopard) is due to be released on 26 October, everyone is curious to see what is new in this version and upgrade as soon as it's released.
Among the many new features, there have been a few that seemed interesting to me:

Create Instruments with DTrace
Monitor system activity from high-level application behavior down to the operating system kernel, all thanks to the power of DTrace and the instrument builder.

Sounds familiar? Yes, it's the same DTrace you know from Solaris (also in FreeBSD). It would be very interesting for system developers to get the best out of the OS X core system. Of course, there is an eye-candy interface for using DTrace called Xray.

Self-Tuning TCP
Let Leopard adjust TCP buffer size automatically. Get optimum application performance, especially in high-bandwidth/high-latency environments.

Using a BSD kernel, OS X already enjoys a fine-grained TCP/IP protocol stack, which supports the latest enhancements and extensions. This self-tuning feature will definitely improve the network throughput in many situations. However, I hope this can be disabled since some expert users prefer to configure the low level TCP/IP parameters based on their experience.

Application-Based Firewall
Gain more control over the built-in firewall. Specify the behavior of specific applications to either allow or block incoming connections.

This one was really missing in previous releases and many people were relying on Little Snitch to achieve this feature. Of course I believe brilliant people at Apple were smart enough to make it so it does not annoy users like Windows Firewall does.

Sandboxing
Enjoy a higher level of protection. Sandboxing prevents hackers from hijacking applications to run their own code by making sure applications only do what they’re intended to do. It restricts an application’s file access, network access, and ability to launch other applications. Many Leopard applications — such as Bonjour, Quick Look, and the Spotlight indexer — are sandboxed so hackers can’t exploit them.

Something that I am sure has an equivalent in Windows, almost like running an application in a chrooted environment. However, it sounds more complicated. This will hopefully improve security at the application level and reduce the risk of application level exploits (buffer overflow, ...).

Multicore Optimized
Take full advantage of modern architectures with multiple processor cores with improved scheduling, memory management, and processor affinity algorithms.

OS X was obviously not optimized for multi-core systems (despite the fact that Apple has been shipping multi-core systems for more than a year). This enhancement will definitely improve the core system performance by getting the most out of processor power.

Conclusion

After using OS X for more than a year now, it's my favorite Desktop environment. I like the eye-candy user interface while enjoying an enterprise grade FreeBSD system core. I cannot wait to upgrade to the latest release, but I am certain that it is worth waiting a few days more.

FreeBSD 8

Finally RELENG_7 is born and the HEAD is now 8.0-CURRENT. I just finished upgrading two of my development boxes to the latest HEAD:
# uname -a
FreeBSD shaun.farrokhi.net 8.0-CURRENT FreeBSD 8.0-CURRENT #10: Sun Oct 14 11:33:16 IRST 2007     root@shaun.farrokhi.net:/usr/obj/usr/src/sys/SERVER  i386

Viva FreeBSD!

Roundcube webmail on FreeBSD


If you haven't seen roundcube webmail yet, it's an eye-candy web based email client based on the IMAP protocol. The project has not released version 1.0 yet after two years but is being actively developed. If you are interested, there is also a trac website available for the project.
I used to create nightly snapshots from CVS since 2005; however, the project recently announced they are publishing nightly snapshots on their website (finally!).

Enough for an introduction to roundcube.

I have been the maintainer of this project in the FreeBSD ports tree for more than a year now, and tried to keep the port up to date using the snapshots I make once in a while.
Using ports, you can easily install and update roundcube on a FreeBSD server.

If you are interested, there are a few tutorials on the net that can help you install roundcube on your server and get the most out of it:

- Setup Roundcube on FreeBSD
- HOWTO: Install Roundcube Webmail from SVN (was CVS) on FreeBSD
- HOW TO: Setup RoundCube Webmail on Your Server

I have been lazy in updating the ports I maintain in the ports tree recently. However, a number of patches are ready to be tested and committed once I find some time during next weekend.

IPv6 has been around for a few years now. Your Windows, Mac OS X, [put your favorite OS name here] supports IPv6 very well. Everyone knows IPv6 is cool! It solves your problems.
From an engineering point of view, IPv6 is an excellent protocol. It is well suited for today's Internet. But it is rarely used.

The story begins. Some people are rambling about hardware upgrade headaches, others about the learning curve, and some people about application transition issues.

As a home user, it is highly unlikely that your service provider offers you native IPv6 connectivity. I tell you, it is highly unlikely that your service provider even has native IPv6 connectivity to its upstream, and in most cases, ISPs do not even have their own IPv6 allocation yet. So if you are that type of geek who wants to see how IPv6 works, you should get an IPv6 tunnel from tunnel brokers.

Forget about hardware upgrades and training courses for now. Let's see what IPv6 connectivity will offer you. I am doing some basic DNS AAAA record lookups here. If you are not familiar with that, it means the DNS query for the IPv6 address of a host, to see which web sites are offering you services over IPv6.

I start from the major websites you will mostly use on a daily basis:
$ host -tAAAA www.google.com
www.google.com is an alias for www.l.google.com.
$ host -tAAAA www.l.google.com
www.l.google.com has no AAAA record

$ host -tAAAA www.yahoo.com
www.yahoo.com is an alias for www.yahoo-ht3.akadns.net.
$ host -tAAAA www.yahoo-ht3.akadns.net
www.yahoo-ht3.akadns.net has no AAAA record

$ host -tAAAA www.microsoft.com
www.microsoft.com is an alias for toggle.www.ms.akadns.net.
toggle.www.ms.akadns.net is an alias for g.www.ms.akadns.net.
g.www.ms.akadns.net is an alias for lb1.www.ms.akadns.net.
$ host -tAAAA lb1.www.ms.akadns.net
lb1.www.ms.akadns.net has no AAAA record

$ host -tAAAA www.amazon.com
www.amazon.com has no AAAA record

$ host -tAAAA www.paypal.com
www.paypal.com has no AAAA record

So far so good. None of the major web sites support IPv6. What about people who sell you pricey IPv6 gear? Let's see:

$ host -tAAAA www.cisco.com
www.cisco.com has no AAAA record

$ host -tAAAA www.juniper.net
www.juniper.net has no AAAA record

Interesting. None of them support IPv6 either. And the people who encourage you to use IPv6:

$ host -tAAAA www.ietf.org
www.ietf.org has IPv6 address 2610:a0:c779:b::d1ad:35b4

$ host -tAAAA www.iana.org
www.iana.org has no AAAA record

$ host -tAAAA www.arin.net
www.arin.net has IPv6 address 2001:500:4:1::80

$ host -tAAAA www.runningipv6.net
www.runningipv6.net has IPv6 address 2001:1af8:2:5::2

$ host -tAAAA playground.sun.com
playground.sun.com has no AAAA record

$ host -tAAAA www.ipv6forum.com
www.ipv6forum.com has IPv6 address 2001:a18:1:20::22

$ host -tAAAA www.ipv6tf.org
www.ipv6tf.org has IPv6 address 2001:7f9:1000:1::103

The result is very interesting. Most services on the Internet are only available on IPv4. Most service hosting providers have no native IPv6 connectivity. And most ISPs do not offer native IPv6 connectivity to customers.

I am not sure if I am actually helping this transition, but I started using IPv6 at home. My excellent super efficient IPv6 is tunneled over the deficient and weakly designed IPv4. Without IPv4 my IPv6 will not even work. And I am still visiting google.com on IPv4.

This was a rant from an end-user's point of view. IPv6 is far from wide adoption. A hard 10 years is ahead of users and service providers, and 10 good years for network hardware vendors.
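
The lookups above, summarized by a script, as an added example that is not part of the original post: it parses `host -tAAAA` output, follows each alias chain to its end, and reports which queried names end in an AAAA record. The function names and the hop limit are assumptions of this example; the sample lines are copied from the transcript above.

```python
import ipaddress
import re

# Sample input: result lines from the `host -tAAAA` transcript in this post.
SAMPLE = """\
www.google.com is an alias for www.l.google.com.
www.l.google.com has no AAAA record
www.microsoft.com is an alias for toggle.www.ms.akadns.net.
toggle.www.ms.akadns.net is an alias for g.www.ms.akadns.net.
g.www.ms.akadns.net is an alias for lb1.www.ms.akadns.net.
lb1.www.ms.akadns.net has no AAAA record
www.ietf.org has IPv6 address 2610:a0:c779:b::d1ad:35b4
"""

ALIAS_RE = re.compile(r"^(\S+) is an alias for (\S+?)\.?$")
ADDR_RE = re.compile(r"^(\S+) has IPv6 address (\S+)$")
NONE_RE = re.compile(r"^(\S+) has no AAAA record$")

def parse(text):
    """Return (aliases, answers): alias edges and per-name AAAA address lists."""
    aliases, answers = {}, {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("$"):  # skip blanks and echoed commands
            continue
        if m := ALIAS_RE.match(line):
            aliases[m.group(1).lower()] = m.group(2).lower()
        elif m := ADDR_RE.match(line):
            addr = ipaddress.IPv6Address(m.group(2))  # raises on a malformed address
            answers.setdefault(m.group(1).lower(), []).append(str(addr))
        elif m := NONE_RE.match(line):
            answers.setdefault(m.group(1).lower(), [])
    return aliases, answers

def ipv6_report(text, max_hops=8):
    """Map each queried name to its AAAA list ([] = IPv4 only, None = no answer seen)."""
    aliases, answers = parse(text)
    targets = set(aliases.values())
    roots = [n for n in list(aliases) + list(answers) if n not in targets]
    report = {}
    for name in dict.fromkeys(roots):  # de-duplicate while keeping input order
        cur, hops = name, 0
        while cur in aliases and hops < max_hops:  # hop limit also ends alias loops
            cur, hops = aliases[cur], hops + 1
        report[name] = answers.get(cur)
    return report

if __name__ == "__main__":
    for name, addrs in ipv6_report(SAMPLE).items():
        print(f"{name:20} {', '.join(addrs) if addrs else 'no AAAA'}")
```
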

FreeBSD 7.0 LiveCD

|

Ivan Voras has done a very good job by putting together a FreeBSD 7.0 based LiveCD.
The CD contains a very recent 7.0 installation + ZFS patches (usable!) and XFCE 4.2.
I spent half an hour to try the LiveCD and it worked fine for me on two different boxes.
I am sure Ivan is planning to bundle Firefox with the LiveCD, along with the graphical installer.

Mac Browsers

For a while, I have been switching browsers on Mac on a daily basis.

1- Safari is a very nice and polished browser, but has major problems with internationalized pages and crashes once in a while. Does not support plug-ins. Not my preferred browser at all. Excellent for simple searches and general web browsing. However, the development builds (WebKit nightly builds) show there are numerous improvements I hope we see soon in the next releases.

2- Firefox was my favorite browser on Windows. But on OS X it is far from perfect. It's very slow, and is a different beast in comparison with other OS X software. It is excellent to have all those nice plug-ins I had on Windows, here on a Mac. Firefox on OS X is very slow and is in no way like its Windows version. Firefox is software which is designed for Windows, not for Mac.

3- Camino is the little sister of Firefox, using the same engine with a Mac interface. It is something between Safari and Firefox. So far I had the best web browsing experience with this browser on Mac. However, it is almost as unstable as Safari. And no plug-in support. But it's very fast and feels much more like an OS X native software than Firefox.

4- Other browsers including Opera, Shiira, SeaMonkey, ... . I would suggest you do not waste time on these browsers (on Mac). They seem to have lost their goal. People want to enjoy web browsing. I really don't want to switch from one browser to another on my daily browsing journey.

I have always been an ATI fan since nVidia did not exist. And so far it served well on my workstations. I don't even care that they are part of AMD now.
However, something that was annoying me for a while was ATI's driver which seems to be not as good as nVidia's in *nix, especially for their newer and high-end cards. I am not sure why ATI does not care much about their non-Windows drivers, but I am sure that they are losing lots of faithful customers and a good market share for just the same reason.