[toc] I’m Back(?) It’s been almost a year since my last entry which would imply that this blog isn’t that important to me. I’d say more accurately, it’s less important to me than other things in my life. Those would be things like my job, raising my dogs, taking care of my house, enjoying my new Corvette, etc. It’s not…
Author: Jason Van Patten
Blocking Spammers at the Router: IPFWMTAD
[toc] Assuming you’ve followed my spam-fighting adventures, you’ll know that I have a fairly successful installation of Neal Horman’s spamilter running in a FreeBSD jail, and his ipfwmtad daemon running on the jail’s host. Meaning the ipfw rules being added by ipfwmtad are done on a server different from where spamilter is running. Along with all of that, you’ll recall…
FreeBSD Jails: Filesystems and FIBs
[toc] In my Putting Jails to Work entry, I detailed how I set up the jails on joker. Part of that entry dealt with the null filesystem mounts that I had to do on joker so that the jails would have access to an NFS-mounted filesystem. It turns out that I did a lot more work than was necessary, because the…
VXLAN Configuration and Deployment
[toc] In my VXLAN: Providing Ponies for Bad System Designers entry, I discussed using an L2 overlay technology such as VXLAN to provide virtually spanned L2 VLANs over an L3 infrastructure. In this document, I’ll show via diagrams and config snippets how to build a poorly-designed network and why it’s a problem. Then I’ll use VXLAN to build a similar…
Final Linux to FreeBSD Conversion: The Router
[toc] This post will show up in both the FreeBSD section as well as the Network one. It’s sort of a combination of the two. I’ve been detailing my server conversions from Linux to FreeBSD on this blog, but I held off on the final device, and that’s the router. It turned out to be a hell of a challenge…
Spamilter in a Jail
[toc] If you’ve been following my two sub-threads on this blog regarding FreeBSD jails and fighting spam, you know the status: I have a FreeBSD server called joker that has multiple jails on it. One jail is riddler, and it handles all outbound SMTP connections. But not inbound. Further, you know that I have a reasonably complex anti-spam system set…
Spamilter and SpamAssassin Working Together
[toc] In my Killing Spam(mers) entry, I discussed getting both SpamAssassin and Neal Horman’s spamilter installed and working on joker. Doing so made a significant impact on the amount of spam I was seeing. However, they were working independently of one another, and what I really wanted was some sort of feedback loop. Should a message get through spamilter and be…
FreeBSD Jails: Putting Them to Work
[toc] In the last entry, I explained how I decided to remove the Linux hypervisor from my network and replace it with a beefy FreeBSD server named joker. Instead of all of the VMs running on the former KVM server, I instead created a collection of FreeBSD jails. This post will serve to document what I did to get them…
Dropping Linux and KVM in Favor of FreeBSD and Jails
[toc] Before the Overhaul… As mentioned previously, most of the services that I run out of my house have been via virtual machines. For a long while, I was using VMWare’s ESXi, but I got tired of its stupid Windows admin tool, and also tired of its restrictions on what hardware it would run on. I had a Mac Pro…
VXLAN: Providing Ponies for Bad System Designers
[toc] Preface This write-up will consist of technical concepts, architecture ideas, and lots of opinion. All of which are based on 20 years of building big networks in datacenters. I’ve heard it all, seen it all, and have probably already built it. Some of the opinions in this article may come across as a bit cruel. They’ve been forged over…