[toc] In my Putting Jails to Work entry, I detailed how I set up the jails on joker. Part of that entry dealt with the null filesystem mounts that I had to do on joker so that the jails would have access to an NFS-mounted filesystem. It turns out that I did a lot more work than was necessary, because the…
Author: Jason Van Patten
VXLAN Configuration and Deployment
[toc] In my VXLAN: Providing Ponies for Bad System Designers entry, I discussed using an L2 overlay technology such as VXLAN to provide virtually spanned L2 VLANs over an L3 infrastructure. In this document, I’ll show via diagrams and config snippets how to build a poorly-designed network and why it’s a problem. Then I’ll use VXLAN to build a similar…
Final Linux to FreeBSD Conversion: The Router
[toc] This post will show up in both the FreeBSD section as well as the Network one. It’s sort of a combination of the two. I’ve been detailing my server conversions from Linux to FreeBSD on this blog, but I held off on the final device, and that’s the router. It turned out to be a hell of a challenge…
Spamilter in a Jail
[toc] If you’ve been following my two sub-threads on this blog regarding FreeBSD jails and fighting spam, you know the status: I have a FreeBSD server called joker that has multiple jails on it. One jail is riddler, and it handles all outbound SMTP connections. But not inbound. Further, you know that I have a reasonably complex anti-spam system set…
Spamilter and SpamAssassin Working Together
[toc] In my Killing Spam(mers) entry, I discussed getting both SpamAssassin and Neal Horman’s spamilter installed and working on joker. Doing so made a significant impact on the amount of spam I was seeing. However, they were working independently of one another, and what I really wanted was some sort of feedback loop. Should a message get through spamilter and be…
FreeBSD Jails: Putting Them to Work
[toc] In the last entry, I explained how I decided to remove the Linux hypervisor from my network and replace it with a beefy FreeBSD server named joker. Instead of all of the VMs running on the former KVM server, I instead created a collection of FreeBSD jails. This post will serve to document what I did to get them…
Dropping Linux and KVM in Favor of FreeBSD and Jails
[toc] Before the Overhaul… As mentioned previously, most of the services that I run out of my house have been via virtual machines. For a long while, I was using VMWare’s ESXi, but I got tired of its stupid Windows admin tool, and also tired of its restrictions on what hardware it would run on. I had a Mac Pro…
VXLAN: Providing Ponies for Bad System Designers
[toc] Preface This write-up will consist of technical concepts, architecture ideas, and lots of opinion. All of which are based on 20 years of building big networks in datacenters. I’ve heard it all, seen it all, and have probably already built it. Some of the opinions in this article may come across as a bit cruel. They’ve been forged over…
Killing Spam(mers)
[toc] I’m writing this ex post facto, so me referring to things like, “I did this” actually happened months ago. I’m just now recounting it. Note that the assumption with this document is sendmail. You’re running sendmail as your MTA, right? No? Well go back to the beginning and try again. So.. you’re running sendmail as your MTA, right? No?…
FreeBSD as my Network Storage Server (Part 2)
[toc] In the last entry, I went through the thought processes and steps behind bringing up a new storage server called bane using FreeBSD (10.1) as the OS. The intent with this post is to explore the filesystem exports. Bear in mind that bane is doing a few other things like acting as a MySQL server, a local GIT server,…