OpenBSD Journal

m2k14: Stuart Henderson on Triage

Contributed by tbert on from the cry-packet-and-let-slip-the-dogs-of-war dept.

Stuart Henderson (sthen@) was the first developer to submit a report from the recent m2k14 hackathon:

I set off for Marrakech planning to look at updating DB in ports and taking care of changes needed in ports for a UVM diff for mpi@, but ended up getting swept away by the wave of destruction in ports from removal of the dangerous RAND_egd API in libssl, removal of Heimdal Kerberos from the base OS and (to a lesser extent) the final removal of altq, so frequent port builds and mopping up were the order of the day, and other projects were put on the back-burner.

Additionally I helped with tracking down some network problems - during the hackathon we saw some heavy (90%+) packet loss to an important part of OpenBSD's infrastructure, testing from various points traced this to the radio link we rely on for the bulk of our connectivity in Canada, so we were forced back to the 5Mb leased line plus tunnels over consumer broadband that serve as alternative paths. (We'd love to improve this and are looking for a way to provide a point-to-point fibre to a data centre in Calgary; if anyone is in a position to help fund improved connectivity on a recurring basis, please do get in touch).

Of course it was great to get back together with other developers in person, making conversations possible that just wouldn't happen over the net, and it was nice to have a location in a country where the value of good tea is appreciated :-) Big thanks to those who have donated to the OpenBSD foundation, to those helping with arrangements (especially new developer logan@), and to our hosts at Université Cadi Ayyad for their gracious hospitality, without whom this would not have been possible.

Thanks for the report, Stuart! And for any readers who want to donate, the options are outlined on the Direct Donations page.

(Comments are closed)


Comments
  1. By Anonymous Coward (85.81.131.17) on

    I was sort of upset with Kerberos being removed, but honestly I haven't used it for 10 years.

    Comments
    1. By Anonymous Coward (63.231.28.161) on

      > I was sort of upset with Kerberos being removed, but honestly I haven't used it for 10 years.
      Off-topic.
      Comment was surely meant for Kerberos story (which may be obvious for most viewers, at the time of this posting, because that was the previous story showing on Undeadly.org's main page... but in many months, this may be much less obvious to most new viewers, who only find this thread as the result of some web search that points directly to this page)

  2. By Anonymous Coward (24.113.147.35) on

    Why not piggy-back on a university network? Replication should keep stuff secure if all the source can be checked and verified. (i.e., P2P offers the best scalability, and the closer we get to that, the better, etc.)

    Comments
    1. By Adam Thompson (198.51.75.15) athompso@athompso.net on

      > Why not piggy-back on a university network? Replication should keep stuff secure if all the source can be checked and verified. (i.e., P2P offers the best scalability, and the closer we get to that, the better, etc.)

      Because, IIRC, cvs.openbsd.org is not located in a major, well-connected data center, or anywhere close to a university. It's located in a secure environment under Theo's personal control along with some of the project's other build infrastructure.

      If you're not in Canada, it's hard to grasp how difficult it is to get decent data communications here if you aren't physically located in *just* the right place. Most markets are either a monopoly or duopoly, and none of the incumbents will sell dark fibre at any cost.

      I'm in the middle of a major urban center, and I have to pay over C$500/month to get a symmetric 20Mbps line.

      Comments
      1. By Ed AHlsen-Girard (132.3.37.81) girarde@alum.rpi.edu on

        > > Why not piggy-back on a university network? Replication should keep stuff secure if all the source can be checked and verified. (i.e., P2P offers the best scalability, and the closer we get to that, the better, etc.)
        >
        > Because, IIRC, cvs.openbsd.org is not located in a major, well-connected data center, or anywhere close to a university. It's located in a secure environment under Theo's personal control along with some of the project's other build infrastructure.
        >
        > If you're not in Canada, it's hard to grasp how difficult it is to get decent data communications here if you aren't physically located in *just* the right place. Most markets are either a monopoly or duopoly, and none of the incumbents will sell dark fibre at any cost.
        >
        > I'm in the middle of a major urban center, and I have to pay over C$500/month to get a symmetric 20Mbps line.

        Which may explain the portions of the FAQ that metaphorically threaten death to people who don't use a mirror for downloads.

    2. By sthen (anon) on

      > Why not piggy-back on a university network? Replication should keep stuff secure if all the source can be checked and verified. (i.e., P2P offers the best scalability, and the closer we get to that, the better, etc.)

      This isn't for file distribution, it's for access to core infrastructure (build machines etc). OpenBSD is already a member of Cybera (giving Internet 2 connectivity) and YYCIX (peering exchange) and has good access to various other networks from those points, the problem is with the "last mile" links over which these are run.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]