[–]▶ No.935166>>935193 >>935198 >>935488 >>935523 >>935690 >>935784 >>936555 >>937438 [Watch Thread][Show All Posts]
TRIM when?
ZFS when?
Multicore firewall when?
NFSv4 when?
Let's go into those:
TRIM is vital to properly supporting SSDs. Without it, deleting a few pages from the storage would require the deletion of the entire block before putting it all back, creating unnecessary reads and writes and ultimately causing a faster degradation of the SSD.
ZFS, and other filesystems like it, provide numerous features both for better management of your data with subvolumes, as well as better security. The security features include snapshotting, checksumming of all data and metadata, bitrot protection, excellent implementation of software RAID, and so on. Backups should of course always be made, but they can be complimented with a better FS. I can just imagine it now: An OpenBSD admin routinely backing up his system, unaware that data is being silently corrupted. By the time it's a problem, it's too late. Imagine how far back he'd have to roll back to get to a stable state? If only he had a filesystem that wasn't written in the 80s, and actually did something to protect his data. OpenBSD has best security? I think not.
PF, at least on OpenBSD, does not support more than one core of one processor. Linux's netfilter on the other hand, does. Not much else to say.
It's been 18 years since NFSv4 was originally standardized, and OpenBSD has still not gotten around to implementing it. This is quite a deficiency, as NFSv4 now allows you to authenticate connections with Kerberos, and even encrypt the data transfers. Once again, you would think such a security-focused OS would care about such benefits, but alas, no.
▶ No.935191
Modern SSDs have garbage collection, so TRIM isn't exactly necessary. (As an anecdote, I haven't run into any issues using a Samsung EVO 850 on my ThinkPad.) ZFS is too monolithic for them - but it seems like a port of HAMMER2 is possible. But really, I think Gentoo is the only sane choice for a desktop; I use OpenBSD on my routers/laptops.
▶ No.935193
>>935166 (OP)
>TRIM is vital to properly supporting SSD
Lol maybe 10 years ago
▶ No.935196>>935213 >>935565
>NFS
>ever
>for any reason
>when not actually employed by Sun
>who don't even exist anymore
▶ No.935198
>>935166 (OP)
>Multicore firewall when
This is the most valid complaint. A system such as openbsd should really have given how often it is used as a firewall.
▶ No.935208>>935211 >>935567 >>936019
▶ No.935211>>935864
>>935208
BTRFS seems like a decent choice if you don't need parity RAID. If you do though, it's trash. They have been working on fixing it (finally), but it's still very unstable.
▶ No.935213
>>935196
Well how else would you mount directory shares on a server to a client?
SSHFS? It lacks locking capabilities.
▶ No.935468>>935478
SINGLE THREAD ONLY
HAIL P4
▶ No.935478>>935482 >>935727
>>935468
>OpenBSD is single thread only
When will this meme die?
▶ No.935480
>PF, at least on OpenBSD, does not support more than one core of one processor.
The bottleneck is interrupts, anyway.
▶ No.935482>>935491
>>935478
It's crudely multi-threaded. But really; if you have a machine with 4+ cores, install Gentoo.
▶ No.935488>>935490
>>935166 (OP)
>Multicore firewall
What is that ?
▶ No.935490>>935494
>>935488
A firewall that filters packets with more than one thread
▶ No.935491
>>935482
>It's crudely multi-threaded
Wouldn't that benefit from a high number of cores then? Like a threadripper?
Each process gets its own core!
▶ No.935494>>935497
>>935490
I thought the kernel managed that.
▶ No.935497>>935501
>>935494
>I thought the kernel managed that.
And does the kernel handling something automagically make it multi core? No.
▶ No.935501>>935503 >>935789
>>935497
I just thought that since the kernel is the software who redistributes the hardware resources I thought it would handle multi core management for other softwares.
▶ No.935503
>>935501
The kernel can not just reengineer something to support multiple threads.
▶ No.935523>>935546 >>935568
>>935166 (OP)
Somebody's threatened by OpenBSD more and more. I've noticed these issues being brought up on HN, Reddit, cuck chan, etc. It's almost as if there's some kind of checklist of shill points that are being used to diss OpenBSD.
Could our glow in the dark friends be feeling anxious about the one OS they don't appear to control directly? Time to install OpenBSD.
▶ No.935546>>935547
>>935523
Interesting, for my defense the only reason that I don't use it is because of the license otherwise there's to learn from it.
▶ No.935547>>935554
>>935546
>I won't use it because because the license gives me too much freedom
Will you not use public domain code either because that is even more permissive.
▶ No.935554>>935555 >>935556
>>935547
Don't bring that kind interpretation fallacy and endless smug discussions in this the redoxOS thread was enough to prove that permissive license are constantly abused by power tripping fags.
If you have too much power you abuse it and it's normal because it's a human reaction.
▶ No.935555>>935732
▶ No.935556
>>935554
>are constantly abused by power tripping fags.
So you personally won't use a project that grants YOU more freedom because someone else has that same freedom.
▶ No.935565>>935611 >>935732
>>935196
what the fuck do you use big boy?
▶ No.935567>>935571
>>935208
ZFS > BTRFS if you need raid5/6.
BTRFS > ZFS if you need to change replication levels on the fly.
▶ No.935568>>935618
>>935523
>OpenBSD has glaring technical flaws
>it must be a conspiracy if someone draws attention to them
▶ No.935571>>935654
>>935567
>BTRFS > ZFS if you need to change replication levels on the fly.
Or if you need to expand/shrink the pools.
▶ No.935611
▶ No.935618>>935622 >>935694
>>935568
>glaring
Every "flaw" mentioned is inconsequential for the target user of OpenBSD, as pointed out already in this thread. My point is the excellent default security and small non-SJW non-CIA nigger OpenBSD team makes people feel threatened and we're seeing a wave of shilling which reflects this. Shills leak metadata, if you see this type of thread and post show up everywhere there's OpenBSD talk on the Internet there's a reason for it.
casssunstein.jpg
▶ No.935622>>935638
>>935618
>inconsequential
Yes anon no one ever uses openbsd as a firewall, there is no need for multicore filtering.
▶ No.935631
btrfs is a meme. It will never be good and most of its features are just layering violations that we've had in LVM and mdraid for almost 20 years.
▶ No.935638>>935732
>>935622
Is there really a need for it though?
▶ No.935654
>>935571
>BTRFS
How can anybody seriously suggest this for important data.
▶ No.935690>>935821 >>936533
>>935166 (OP)
Any recommendations for data hoarders and >>>/hydrus/ ?
▶ No.935694
>>935618
I'd still use OpenBSD even if it didn't do SMP at all.
▶ No.935727
▶ No.935732>>935853 >>936374
>>935555
check those quads
>>935565
>he uses anything but FAT16
>hating compatibility
>supporting bloat
>>935638
It would bloody well help 'pf' since quad cores are cheap, and will become even cheaper now that our favorite Israeli processor manufacturer has responded to AMD's 'moar coars' approach.
▶ No.935784
>>935166 (OP)
The pasta smells great. Now fuck off back to 4chan and continue your shilling there.
▶ No.935789
>>935501
The software has to tell the kernel that it needs separate resources. The kernel would have no way of accurately or intelligently assuming a particular process needs something different without being explicity told.
▶ No.935821>>936041
>>935690
GNU/Linux. I hear NetBSD has ZFS now, so if you want BSD, that's one to look at.
▶ No.935822>>935824
>multicore firewall
literally useless at best and botnet at worst
▶ No.935824>>935982
>>935822
>botnet
do you even know what you're talking about?
▶ No.935853>>937272
>>935732
>help 'pf' since quad cores are cheap
Lol you guys do realize these are for servers right? Think 24 cores not 4. And you have 23 of them just sitting idle.
▶ No.935864>>935867
>>935211
The worst part is that they declared it pretty much ready at Kernel 3.19, and some of us believed them. BTRFS is a dead end, already being dropped by some distros. BcacheFS is the the new hope.
▶ No.935867
>>935864
>BcacheFS is the the new hope.
Or you can use ZFS that works right now and has massive real world installations.
▶ No.935982>>935987
>>935824
>do you even know what you're talking about?
Do YOU even know where you are?
▶ No.935987
>>935982
if it exists, you know the drill
▶ No.936019
▶ No.936041>>936049
>>935821
I meant which filesystem?
▶ No.936049>>936053
>>936041
Generally, ZFS. It's been around for a while, has nothing really broken about it, and is the most reliable choice. It's not very flexible though, and is a resource hog, so take that into consideration.
If your usecase would benefit from RAID10 instead of parity RAID, maybe look into btrfs. It's way more flexible with resizing stuff and I think is supposed to be more efficient, while offering the same sort of stability benefits as ZFS. Bonus advantage is that it'll be already available built into the kernel on any distro except RHEL. Just don't dare use RAID5/6 with it
I hear there's some HAMMER2 thing on DragonflyBSD. I don't have any knowledge of that one beyond "it exists" though.
▶ No.936053>>936056
>>936049
So which linux distro + ZFS + Hydrus?
▶ No.936056>>936057
>>936053
For easiest installation and setup, I recommend Ubuntu or Ubuntu Server. They make it like 1 command.
▶ No.936057>>936063
>>936056
Was going to ask, maybe write a tutorial on /hydrus/ about the setup?
▶ No.936063>>936067
>>936057
To be honest i've just now heard of Hydrus. Still not entirely sure what it is. I mainly have been looking into and learning about the advantages and disadvantages of these filesystems for a future project, that being a custom NAS box that is 100% libre hardware. I'm waiting for a proper RISC-V board to be released, most likely from LowRISC.
▶ No.936067
>>936063
Well Ubuntu + ZFS + Hydrus sounds good, but we should have a setup to backup the SQlite DB to make sure things don't fail.
▶ No.936374>>936498 >>937272
>>935732
Why does your firewall consume a whole core of your server all of a sudden? How much bandwidth can pf running on a whole core service? Probably depends on a lot of things. Seems like an extreme edge case only relevant for an extremely small subset of users anyway.
Where has this been a problem, can you point to anybody ever running into a practical barrier because pf only runs on one core?
Is it even true?
▶ No.936498>>937262
>>936374
>Why does your firewall consume a whole core of your server all of a sudden
Because anon some people are routing more data than your 20 megabit home connection.
▶ No.936533>>936534
▶ No.936534>>936535
▶ No.936535>>936548
>>936534
It may be CuckBSD but eventually you'll come back to it on your knees.
▶ No.936548
▶ No.936557>>936559
>>936555
>arch linux
>minimal
What the fuck did I just read?
▶ No.936559>>937438
>>936557
>What the fuck did I just read?
Nothing is installed by default
▶ No.937262
>>936498
So what's the practical limit? How fast of a single core OpenBSD machine do you need to service pf only?
Seems like this is a Pajeet-tier Jewish bullet point complaint, let's hear about practical limits.
▶ No.937272>>937275 >>937285
>>935853
>not running a dedicated firewall machine
>>936374
extreme edge cases, such as estonian IoT botnet DDOS attacks, can cause losses ranging in the millions of shekels.
furthermore, multithreading will help 'pf' scale onto higher thread count hardware, such as server class RISC designs like IBM's POWER9 and Cavium's special sauce ThunderX.
Reliance on single core performance is a reliance on insecure Intel hardware.
▶ No.937275
>>937272
What's the sticking point from the Intel perspective which is keeping pf back? Is it so?
For my money this seems to be a barrier which people will probably rarely run into, years ago I worked on internet backbone hardware running a BSD variant all off of 400MHz Power4 class chips, we could pump a fuckload of data, tens of gigabits per second.
▶ No.937278
pf isn't actually good, the only reason it rose to prominence is because pfSense has a good UI. It is in every way weaker than what is provided in Linux. They both suffer from being designed for the world of yesterday and are absolute hell to automate for modern, non-trivial setups. nftables will improve that a bit and hopefully with more work on netdev replace tc which is currently impossible to use for anything significant without hundreds of lines of code managing the rules externally.
▶ No.937285>>937288
>>937272
>>not running a dedicated firewall machine
Retard the point was that A DEDICATED FIREWALL would have most of its resources idle as it struggles to keep up with its one core.
▶ No.937288>>937290 >>937356 >>937405
>>937285
I make network devices for a living and we use mid-range desktop tier Intel chips for 10Gbit that also do transparent compression. Every packet is pulled into userspace, 'improved', then sent back to the kernel. If I was just running a firewall I'd need like 1/1000th of the power to handle 10Gbit as the packets usually don't even fully enter the kernel let alone get round-tripped to userspace. Is someone really having trouble with single core firewalling or is it a LARP concern?
▶ No.937290>>937322
>>937288
>10Gbit
that's cute anon. come back when you have a real network.
▶ No.937322>>937328
>>937290
>networking is the art of using a single cable to connect all devices
That's stupid even for /tech/.
▶ No.937328
>>937322
If you are claiming you are filtering 100Gbit (10x10) on one core you are lying.
▶ No.937356
>>937288
It is a concern when you want to do complex things on modern low powered hardware.
▶ No.937362>>937363 >>937377 >>937390
unlike freebsd, openbsd isn't pozzed ye-... https://twitter.com/mwlauthor
nevermind
▶ No.937363
>>937362
Nothing surprising here. It's almost impossible to find software projects without weird mentally ill people these days. Programming causes mental retardation it seems...
▶ No.937377
>>937362
>openbsd isn't pozzed ye-...
This has actually been a freebsd guy for the past 10 years or so.
▶ No.937390>>937398 >>937403 >>937409 >>937438
>>937362
This guy does more in a single day than you have ever done in your lifetime.
▶ No.937398
>>937390
Nice projection, not everyone here is necessarily an unemployed attention whore.
▶ No.937403
>>937390
Ahh, the quintessential tripfag's words of wisdom. Did you just got unbanned?
▶ No.937405
>>937288
It's a larp concern, note none of the shills have presented an actual use case where they're running into a barrier because of pf.
▶ No.937409>>937427
>>937390
Why haven't we disabled the name field yet? It seems to work fine for /v/ and /pol/
▶ No.937427
>>937409
>disable name field
>add IDs
This would help a lot but the mods on this board are Intel shills.
▶ No.937438>>937469
>>935166 (OP)
B-But OpenBSD has good docs/man-pages and good coding style. I would like to see HAMMER2 instead of ZFS in OpenBSD and Ghanoo/Loonix
>>936559
>nothing is installed by default
<but lvm, cryptsetup, jfsutils, perl, etc. are included in the default installation
<packages have most options enabled
Just install Alpine or Gentoo
>>937390
pls go away. >>>/oven/
▶ No.937469
>>937438
>B-But
good to see cuteposting is alive and well on this board!
>Just install Alpine or Gentoo
this, although GuixSD is looking pretty good.
▶ No.937520
>>937441
You just got blown out tripfaggot.
OpenBSD is based and the shilling reeks of desperation.