View previous topic :: View next topic |
OpenBSD or Gentoo |
OpenBSD |
|
36% |
[ 30 ] |
Gentoo |
|
62% |
[ 51 ] |
Other(please say what in your comment) |
|
1% |
[ 1 ] |
|
Total Votes : 82 |
|
Author |
Message |
MADcow l33t
Joined: 23 Jan 2003 Posts: 742 Location: RIT (Henrietta, New York, United States)
|
Posted: Mon Sep 01, 2003 1:36 am Post subject: Gentoo VS. OpenBSD? |
|
|
alright, no flame wars please, but i was wondering what your take on this was:
I need to set up a router and small web/mail/shell/FTP server. the ftp will almost NEVER be in use. the shells are only for trusted people, and the webiste is very small. the mail will be my personal account, and maybe 2 or 3 others, again very light use. it will only be serving NAT for ~10 computers. most of them are used lightly. some have slightly more intensive jobs on the net. the target machine is an AMD K6-2...
ok. now that you are all bored, the real question: OpenBSD or Gentoo? I already have gentoo on 3 of my computers, and i love it. i was wondering though, OpenBSD supposedly has some of the fastest networking code of any of the alternitaves. it also has a reputation for being incredibly secure. i have never actually administered a *BSD box, but i do have shells on a few, and have heard that the ports system is very good.
so here is what i'm interested in: is ports better than portage? (no flames, pleeeease)
is openbsd more secure than gentoo? (in my opinion, gentoo is very secure, because you can set a cron job to automatically update all the packages you have installed, thus removing a lot of potential volunerabilities...)
is openbsd FASTER for networking than gentoo is?
is there decent BSD software for setting up an internal DNS server (for computer names ie, mapping 'madbull' to 192.168.2.21, that way i dont have to use /etc/hosts on every computer, which will also enable windows computers to use the hostnames)?
do all of these considerations outway the experience of administrating a BSD box?
Thanks a LOT in advance, i know this is a lot to ask of anyone, but i really want to hear your opinions. |
|
Back to top |
|
|
antik Apprentice
Joined: 01 Oct 2002 Posts: 212
|
Posted: Mon Sep 01, 2003 7:55 am Post subject: Re: Gentoo VS. OpenBSD? |
|
|
MADcow wrote: | Thanks a LOT in advance, i know this is a lot to ask of anyone, but i really want to hear your opinions. |
*BSD just works! (tm) _________________ "Yes, I know Linux runs faster, but they can do that because they have thrown out the weight of the airbag, collision frame and safety belt." —Poul-Henning Kamp |
|
Back to top |
|
|
silverter Guru
Joined: 10 Apr 2002 Posts: 491 Location: Ulm, DE
|
Posted: Mon Sep 01, 2003 9:40 am Post subject: |
|
|
Yup... I second that.. *BSD just works... shame the desktop support on BSD ist not as advance as on linux... _________________ -- A Guru was once a Beginner -- |
|
Back to top |
|
|
humpback Retired Dev
Joined: 19 Oct 2002 Posts: 394 Location: Coimbra - Portugal
|
Posted: Mon Sep 01, 2003 10:25 am Post subject: |
|
|
Gentoo is Linux (maybe one day we will see Gentoo/BSD) And in some ways i still like the Linux kernel better thant the *BSD kernels. _________________ Gustavo Felisberto
Humpback @ #gentoo-pt
------------
It's most certainly GNU/Linux, not Linux. Read more at
http://www.gnu.org/gnu/why-gnu-linux.html .
------------- |
|
Back to top |
|
|
Ari Rahikkala Guru
Joined: 02 Oct 2002 Posts: 370 Location: Finland
|
Posted: Mon Sep 01, 2003 11:13 am Post subject: |
|
|
A router/server for primarily light stuff, with some services that are likely to be neglected sometimes? OpenBSD, definitely. Having never used Ports, I don't know if it's really better or worse than Portage, but I can tell that:
1) automatic upgrades cause breakage
2) privsep and all the other good stuff in the design of OpenBSD ensure that your box will not necessarily get rooted even if you don't always update all of your software five seconds after somebody notices a vulnerability (of course you *should* update your software, but hopefully it's not necessary to do it all the time with OpenBSD) _________________ <laurentius> gentoo linux?
<ari> Yesh.
<laurentius> they look horny |
|
Back to top |
|
|
antik Apprentice
Joined: 01 Oct 2002 Posts: 212
|
Posted: Mon Sep 01, 2003 12:04 pm Post subject: |
|
|
humpback wrote: | Gentoo is Linux (maybe one day we will see Gentoo/BSD) And in some ways i still like the Linux kernel better thant the *BSD kernels. |
Maybe some day I have FreeBSD with portage installed....ohh.. _________________ "Yes, I know Linux runs faster, but they can do that because they have thrown out the weight of the airbag, collision frame and safety belt." —Poul-Henning Kamp |
|
Back to top |
|
|
think4urs11 Bodhisattva
Joined: 25 Jun 2003 Posts: 6659 Location: above the cloud
|
Posted: Mon Sep 01, 2003 6:49 pm Post subject: |
|
|
Hi!
1) With a K6-2... the bottleneck woudn't be the networking speed - it would be processing power. So it doesn't really matter whether you choose BSD or Gentoo or WinXP
2) Speaking of security 'by default' OpenBSD is the one to beat, no question about it.
3) bind+djbdns should both be available for BSD.
4) It would be a good idea to seperate the router/firewall from the servers - means put it on two machines.
The only services a FW should have are firewall (of course )/syslog(-ng)/ssh - much easier to secure!
5) If you are experienced in administering gentoo stay with it. Each and every box is just as good as its admin. By using GR-Security and chrooted server daemons and secured configs and ... i think you can get a very secure setup with gentoo too.
Every OS can be hardened and secured, even WinXP (but only the most insane of us will survive this task )
6) Doing automatic updates is no good idea. It is not on XP (believe me!) it can get you in trouble with gentoo and BSD... well software is written by humans, humans make errors...........
OTOH we're all here on this planet to learn new things, so maybe OpenBSD is the one you should choose.
HTH
T. _________________ Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself |
|
Back to top |
|
|
MADcow l33t
Joined: 23 Jan 2003 Posts: 742 Location: RIT (Henrietta, New York, United States)
|
Posted: Mon Sep 01, 2003 8:06 pm Post subject: |
|
|
Thanks for all the input guys! i think i'll be able to make my decision soon, but unfortunatly with the onset of school, it could be a while before i get back to you...
think: i had considered using different boxes for the router/firewall and the server, but unfortunatly i don't have the resources
actually... i suppose i could serve stuff on this box... that's an idea. although i don't know how i feel about giving shells on my little toy out to people... well, i'll definatly consider it more.
thanks again! |
|
Back to top |
|
|
zenlunatic Guru
Joined: 09 Apr 2003 Posts: 312
|
Posted: Mon Sep 01, 2003 8:43 pm Post subject: |
|
|
I personally like the fact that the linux kernel is under the GPL. BSD kernels are free software, but not copyleft, which means that a company can take it and use without adding to it. Nothing good comes from this situation. |
|
Back to top |
|
|
TGL Bodhisattva
Joined: 02 Jun 2002 Posts: 1978 Location: Rennes, France
|
Posted: Mon Sep 01, 2003 9:10 pm Post subject: |
|
|
antik wrote: | humpback wrote: | Gentoo is Linux (maybe one day we will see Gentoo/BSD) And in some ways i still like the Linux kernel better thant the *BSD kernels. |
Maybe some day I have FreeBSD with portage installed....ohh.. |
The work in progress is here: http://dev.gentoo.org/~g2boojum/ |
|
Back to top |
|
|
Lycander Guru
Joined: 10 Apr 2003 Posts: 468
|
Posted: Mon Sep 01, 2003 11:46 pm Post subject: Re: Gentoo VS. OpenBSD? |
|
|
antik wrote: | *BSD just works! (tm) |
Well then maybe there's something wrong with me. Been trying to get FreeBSD 4.8 to install on my dual P3 system. The hardware should be compatible, I've ran several Linux distros on it. From random reboots to errors pointing at the kernel, I just can't get FreeBSD to *work* as you say.
I find myself coming back to Gentoo time and time again. _________________ * Blessing /dev/hda2 with holy penguin pee |
|
Back to top |
|
|
antik Apprentice
Joined: 01 Oct 2002 Posts: 212
|
Posted: Tue Sep 02, 2003 7:29 pm Post subject: Re: Gentoo VS. OpenBSD? |
|
|
Lycander wrote: | antik wrote: | *BSD just works! (tm) |
Well then maybe there's something wrong with me. Been trying to get FreeBSD 4.8 to install on my dual P3 system. The hardware should be compatible, I've ran several Linux distros on it. From random reboots to errors pointing at the kernel, I just can't get FreeBSD to *work* as you say.
I find myself coming back to Gentoo time and time again. |
try 5.1 _________________ "Yes, I know Linux runs faster, but they can do that because they have thrown out the weight of the airbag, collision frame and safety belt." —Poul-Henning Kamp |
|
Back to top |
|
|
Lycander Guru
Joined: 10 Apr 2003 Posts: 468
|
Posted: Tue Sep 02, 2003 8:07 pm Post subject: |
|
|
See, the funny thing is I had FreeBSD + XFree + KDE up and running on a UP Pentium 4 system. This latest attempt was on a dual P3 system that was giving me grief. So I think I'm blaming my system for hardware compatibility with FreeBSD. _________________ * Blessing /dev/hda2 with holy penguin pee |
|
Back to top |
|
|
antik Apprentice
Joined: 01 Oct 2002 Posts: 212
|
Posted: Tue Sep 02, 2003 10:16 pm Post subject: |
|
|
Lycander wrote: | See, the funny thing is I had FreeBSD + XFree + KDE up and running on a UP Pentium 4 system. This latest attempt was on a dual P3 system that was giving me grief. So I think I'm blaming my system for hardware compatibility with FreeBSD. |
I have 4.8 running without problem on Digital Multia Pentium100 but I can't even boot this system with 5.1 With pentium3-500 freebsd release 5.1 I don't have any problem. _________________ "Yes, I know Linux runs faster, but they can do that because they have thrown out the weight of the airbag, collision frame and safety belt." —Poul-Henning Kamp |
|
Back to top |
|
|
Lycander Guru
Joined: 10 Apr 2003 Posts: 468
|
Posted: Tue Sep 02, 2003 10:21 pm Post subject: |
|
|
Are we here to avocate the use of FreeBSD? I just might give 5.1 a try, I hear there's people trying to bring Portage to BSD. _________________ * Blessing /dev/hda2 with holy penguin pee |
|
Back to top |
|
|
paranode l33t
Joined: 06 Mar 2003 Posts: 679 Location: Texas
|
Posted: Wed Sep 03, 2003 2:29 am Post subject: |
|
|
OpenBSD is a perfect operating system to act as a router/firewall and DHCP/NAT server. I have used it for a long time in this configuration. There are a couple of tweaks you can do to change kernel options to make networking even faster if you want to use it as a bridge, the OpenBSD FAQ will help you there. OpenBSD can also be set up in less than 10 minutes, which is a nice advantage over Gentoo. For the most part, you can leave it be and forget about it, excepting to update any servers (FTP, web, whatever) that need security patches. As for Ports vs. Portage, I think Portage is more mature and flexible, but Ports is for binary packages which fits BSD just fine. I don't even usually install Ports when I set up an OpenBSD box, they have some packages included on the CDs and the website that you can install that aren't part of Ports. _________________ Meh. |
|
Back to top |
|
|
cbreaker Tux's lil' helper
Joined: 05 Feb 2003 Posts: 105 Location: Pawtucket, RI
|
Posted: Wed Sep 03, 2003 4:30 am Post subject: |
|
|
The K6-2 will be able to drive your NAT system with absolutely no problems, even if you ran OS/2 with a DOS based NAT application (I used to do this on a Pentium 60, it worked great.)
Speed isn't really an issue here. Maybe OpenBSD is "faster netcode" - I dunno. Linux can't be far behind. And with your amount of traffic it doesn't matter.
I like iptables. I think it's fantastic. I thought ipchains was good - iptables is much, much better. There's so much you can do. The latest gentoo-sources kernel includes all the latest iptables stuff too, allowing you to do more with packets then you'll know what to do with. The last time I looked at BSD firewall stuff was with my friends' old FreeBSD 4.x box (which I've moved him to Gentoo, mostly because there's no cipe for BSD and cipe is amazingly easy to get VPN's running on rather unreliable connections.) It was pretty simple, advanced enough for what we wanted to do with it, but it was no iptables.
I see no reason to go with OpenBSD, it will just be another system for you to learn and support. I'm sure OpenBSD is a very fine operating system, don't get me wrong. But if you know Gentoo, run Gentoo already... the answer seems simple.
ps. I've run Linux as my firewall for years. And I've also installed Linux routers/firewalls at many businesses with great success. The security of a system is only as good as it's Administrator. If you have experience with Linux and Gentoo (and not OpenBSD) you'll be much more capable of locking down a system you know. |
|
Back to top |
|
|
ba747heavy Apprentice
Joined: 11 Aug 2003 Posts: 216 Location: New Mexico, USA
|
Posted: Wed Sep 03, 2003 4:41 am Post subject: |
|
|
Gentoo, it just works *g* _________________ Fred Clausen
"leet [speak] is a cry for help from a shallow mind" - Doomwookie Jan 05 |
|
Back to top |
|
|
BigBear n00b
Joined: 03 Jul 2003 Posts: 6
|
Posted: Wed Sep 03, 2003 7:28 am Post subject: Firewall |
|
|
For NAT/Firewall application, I went with FreeBSD. Mainly due to the excellent documentation on FreeBSD web site on how to install and configure the whole thing.
Plus I thought the ipfw commandline interface to the firewall pretty simple to learn and yet powerful.
For the actual application serving and desktop usage, I used SuSE and Gentoo. |
|
Back to top |
|
|
|