Contributed by jose on from the uptime dept.
I've always found stability depends on what I was doing with a system, but overall haven't had any complaints about OpenBSD releases. Thoughts?
(Comments are closed)
OpenBSD Journal
Contributed by jose on from the uptime dept.
I've always found stability depends on what I was doing with a system, but overall haven't had any complaints about OpenBSD releases. Thoughts?
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
that OpenBSD does not scale as well as FreeBSD ?
doesn't mean it is unstable.
By Anonymous Coward () on
Yes, I love my OBSD edge boxes, too, but I wish they ran a bit more efficiently. You can actually watch the box grown under a big Perl CGI startup on a lightly loaded Apache box. A Pentium 133 will actually hang the console for a few seconds while it shutdowns Apache.
However, the issue at hand is "stability". Though perhaps not mutually-exclusive to "security" and "scalability", lack of stability (even on marginal hardware) does not seem to be an OpenBSD hallmark.
And anyway, OBSD is fast enough for most of us. We got two OBSD boxes running nothing but Postfix and spam filtering between them, at a reasonably busy pace. Correction: *very* busy. Internally we use Exchange, with several co-located servers through-out the world. The OBSD servers handle *all* external mail, including incoming spam.
Outoging spam I don't know about. I don't think we do that, but who knows?
*shrug*
By supabeast () on
By chris () chris@unixfu.net on http://unixfu.net
updating software has been the real bane for me if it isnt just a fw or router box, as there is no easy way to upgrade packages. say like openssl.
but though i know people that say it crashes more for them than others, and i know people that say it crashes less for them.
i personally have seen it crash and lock up just like anything else.
By Hardwark () on
They've been running for soon 3 years, with an upgrade and reboot every 6 months (some month after release).
I've had a grand total of 2 crashes.
One was hardware failure and the other was a bug in arp decode (it was on a lab net and the bug was found when a network tech was playing rough with a network analyzer/tester).
(Bug found in /sys/netinet/if_ether.c, a fix was submitted and added to CVS).
Now, I don't whip the crap out of these machines, but they do their stuff, year in and years out.
// hdw, Exec Pope @ Kallisti
By Anonymous Coward () on
Comments
By Anonymous Coward () on
You're running a service...
Open to the public...
That's known for being poked and prodded by those who are on it...
And you're blaming the OS?
I mean, if I'm off, let me know; otherwise I think your time would be a little better invested in finding a better IRC daemon.
Comments
By krh () on
I can say that OpenBSD has been, in my experience, mostly stable. I was once trying to use it on an old 486, and there was a race condition in the Ethernet driver for the card I was using that caused crashes roughly once every two days. Getting it fixed took a very long time--I submitted multiple bug reports with as much documentation as I could, but unfortunately that Ethernet card was rather old and not very popular, so nobody bothered to do anything about it for months. Once it was fixed, the system was solid again.
That experience aside, OpenBSD has not crashed regularly for me. If I were in a situation such as that described by the first poster, I'd try my best to figure out what's going on, and then submit a bug report.
Comments
By Gimlet () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
... because system software can always handle a hardware failure.
It should be rare that a userland process crashes the entire system. However, things like device drivers and the like are in the kernel space (more-or-less). Failures here are nearly impossible to completely guard against. Panics and lockups due to hardware are endemic to any "modern" OS based on 30-yr old tech, like Unix.
By Anonymous Coward () on
By Anonymous Coward () on
Have you ever though about hardware? Electricity? Flaky ram is especially bad at causing intermittent crashes.
By Teknoenie () teknoenie@site-fx.net on http://www.site-fx.net
By m () on
no problems so far and the only downtimes were
for upgrades.
i did have to tune the usual suspects in the
kernel, running an ircd can be fairly taxing
on GENERIC.
Comments
By Anonymous Coward () on
By tedu () on
By Anonymous Coward () on
I've got a dozen or so Squid proxy servers /w a custom PostgreSQL, Apache, PHP proxy log summary (by user, by site, by date). On Pentium II 400 /w 128mb RAM... and 400+ users...
These servers have been in use for years (I just upgraded a v2.9 server to v3.4), without any problems.
By Anonymous Coward () on
By jens () on http://jens.powerpuff.org
I think that guy whos machine crashes daily is either a sucessful troll, suffers from bad HW, need a braincheck or all_of_the_above
regards /jens
By Tony () aschlemm@comcast.net on mailto:aschlemm@comcast.net
I've tried swapping NICs with a different SMC card but the problem persists. I have SMC cards in other systems that don't exhibit this behavior so I don't know if it's an OpenBSD problem or I guess it's just the right combination of hardware causes this problem. If I've needed the system to be connected at 100BaseTX I've used a cheap Netgear FA311 NIC. Just in case it is a SMC problem though I tend to use the SMC cards on the WAN connection side of dual-home firewalls as the connection speed is 10BaseT on the broadband side and the cards are solid performers at that speed even in my one flakey system.
By Ryvar () on
Win9x
That's just a generality gathered from talking to hundreds of admins, swapping stories/advice/etc.
There are good reasons for each of these, too - WinNT is (in theory) a server product and thus more stable than 9x, Linux is an open source product and many eyes makes for better debugging, FreeBSD is a cathedral-variety project and thus better on the stability front, OpenBSD isn't focused on performance and thus tops FreeBSD, and finally NetBSD is crossplatform so any bugs will turn be glaring on at least one of those platforms.
I'm hesitant to place Solaris/HP-UX/AIX/OS/400 (especially Solaris) on that list because I've heard a *WIDE* range of tales as to where each belongs on it. Someone else with more experience with those four want to take a stab?
Comments
By Anonymous Coward () on
We have/had OpenBSD installed on about 8 machines,
on 4 it woruld work with no problems (inclusing the fw/gateway). However the webserver and the mailserver would crash once every month orso, the maximum uptime we had with OpenBSD was about 60 days.
This unstability coupled with a forced upgrade every 6 months, made us change to Debian/Linux.
On the same hardware (dell 1" rackmounts) we have
uptimes well in excees over two years (database server). The linux machines haven't crashed (yet,
two years of operations) and they feel more 'snappy', this coupled with the availability of more software (free AND commercial) and the 'wonders' of apt-get made us very happy.
Comments
By Anonymous () on
This unstability coupled with a forced upgrade every 6 months, made us change to Debian/Linux.
Wow, this statement floors me.
I don't see anyone putting a gun to your head, to upgrade to the new releases. Guess what? Every OS has updates/patches. Just because Debian doesn't release a new dotted version every six months means it's more stable - haven't you applied patches since?
By CMF () cfuhrman atta spamcop dotta net on mailto:cfuhrman atta spamcop dotta net
I also have OpenBSD 3.2 running on a P-90 w/32MG of RAM ... mainly a firewall/gateway box. Haven't had an *ounce* of problems with it which is pretty good for a relatively ancient piece of hardware.
Comments
By Tom Buskey () on
I'm always amazed at how well the various *ixen work on PC hardware. For example: sun has used between 5-8 different ethernet chipsets. How many chipsets are there for PC ethernet?
By Simon Lok () simon@lok.net on mailto:simon@lok.net
doesn't show up during the installation
or burn in. If it works when you get
the machine up and test it for a week,
it will tend to work for years (I'm not
exaggerting, I literally mean, years).
I perform updates when they're critical, and
when they don't pertain I leave the machines
be. I do all of my updating without access
to the console. I have had machines with
uptimes of over 365 days.
The real problem is getting the boxes to
go to begin with. At one point, I helped
Theo by providing the hardware for the 82802
RNG on the 82840 (the then brand spanking
new 1.4 GHz P4s) to fly. I spent days
trying to figure it out before I posted on
misc@openbsd.org only to find out they
didn't have access to this equipment before.
Not their fault, just didn't realize stuff
like that happened this way with OpenBSD.
That was my first real schooling into the
way things go with OpenBSD.
Over the years, it has primarily been the hardware
variation that have hurt... echoing my first
experience related above. However, with
enough effort, getting the first box to go
has usually resulted in a "formula" that I
can use to get other similar boxes to go. And
like I said, once they get up and running, they're
rock solid.
Oh, BTW, everything I've been doing is with
x86, so I'm talking about variability WITHIN
a port, which you would not think would be
as much as an issue. I have run all sorts
of crazy stuff on the boxes, not just the
built in stuff. Once again, if there's an issue
with say, AMD, SQUID or some other service
I just have to use, it shows up pretty
quickly during installation or test.
Comments
By marklar_ () marklar_@hotmail.com on mailto:marklar_@hotmail.com
>doesn't show up during the installation
>or burn in. If it works when you get
>the machine up and test it for a week,
>it will tend to work for years (I'm not
>exaggerting, I literally mean, years).
Agreed!
I've used x86, Alpha and SPARC ports since 2.7 and have found that things either "just work", or "just don't". This is unlike my experience with Linux and Windoze OSes where things seem to work for a while and then break, or don't work for some strange reason, but get fixed by the three R method (retry, reboot, reinstall).
By Anthony () on
By Joe Price () on
the other two run tomcat/jdk/apache/samba/pf/dhcpX/ntp/isakmpd/dns/spamd
which is pretty much our web servers..
I've had or have about 5 openbsd boxes at my home where I do various testing and things.. All my experience (since obsd 2.6) has been VERY GOOD. HIGHLY RECOMMEND OPENBSD.
The biggest complaint with OpenBSD I have is the lack of a 1.4 JDK..
By Anonymous Coward () on
I am going to be deploying a setup of about 5 (FreeBSD) web servers, 3 (Windows) media servers, and a (FreeBSD) database server. I'm planning on having these on a private subnet, with a firewall in front that will do NAT-style port redirection and load balancing. A simple, secure solution, assuming I can find the right firewall/loadbalancer.
We expect the firewall will have to pass about 100mbit/s of traffic, and it needs to be up 100% of the time. If its down, we lose money, and lots of it!
Under these circumstances, is OpenBSD a good choice? Anyone running a similar get-up? If so, what hardware is it on?
A note, I have a lot of OpenBSD experience, but have not deployed it in such a mission-critical fashion. Just looking for people who have!
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Comments
By rankor_industries () on
http://www.deadly.org/article.php3?sid=20031018101733
Comments
By Anonymous Coward () on
I'm trying to find a "tried and true" solution, something that won't cost me a plane ticket and a 3AM wakeup to fix :D
By Dom () on
Multiple BGP'd upstreams links (A and B), going out different sides of the building and never going along the same road/building/transit.
Two switches, trunked together TWICE.
A switch connects to A upstream router, likewise B switch/router.
A pair of Cisco PIX, in failover, one on each switch. (or PIX blades, on in each 6500 switch)
A pair of Cisco CSSs, one on each switch in failover mode.
A web server on each switch.
two of everything else, always one on each switch.
All the 'A' stuff is on one UPS, the 'B' stuff on another. Both UPSs should be fed from (preferably) different supplies.
I make sure that our two main datacentres are link this (better), as they did cost $10bn each :-)
By Anonymous Coward () on
Remember: 99,999% uptime means only 5.3 minutes downtime a year. That means there is so much more inolved than the choice of your favorite OS. It helps to have a pair of diesel genererators on hand...
Comments
By Anonymous Coward () on
What the grandparent needs to do is determine the acceptable level of down time versus cost and go from there. Just saying 'no down time' is silly.
By Anonymous Coward () on
I am going to be deploying a setup of about 5 (FreeBSD) web servers, 3 (Windows) media servers, and a (FreeBSD) database server. I'm planning on having these on a private subnet, with a firewall in front that will do NAT-style port redirection and load balancing. A simple, secure solution, assuming I can find the right firewall/loadbalancer.
We expect the firewall will have to pass about 100mbit/s of traffic, and it needs to be up 100% of the time. If its down, we lose money, and lots of it!
Under these circumstances, is OpenBSD a good choice? Anyone running a similar get-up? If so, what hardware is it on?
A note, I have a lot of OpenBSD experience, but have not deployed it in such a mission-critical fashion. Just looking for people who have!
Comments
By Anonymous Coward () on
My experiences as a general network consultant are that management tend to prefer 'hardware' firewalls or other such commercial solutions rather than an open source, FREE, secure alternative - mostly because of commercial support and wider industry experienced people.
So in this sense, I have a lot of hard times justifying OpenBSD over say Cisco when in fact for what most of them need, OpenBSD is a much better solution all around, from my experiences atleast. Don't get me wrong, I do believe in using the right tool for the job; be it MS, FreeBSD, OpenBSD, Linux, Cisco, or whatever. Many times I find that the options need to be balanced in either direction rather than just one or the other only.
Did this make sense? If not, in essence what I'd like to know most is... How can you convince a consulting company, or management to let you design/implement OpenBSD in situations where it would be more cost effective and logical in a technical perspective?
Any howto's on such a thing on convincing management or how to better market OpenBSD as an alternative solution to security than commercial products? ;)
Thank you all in advance for those who understand and can help.
PS: (To the poster above me here) I hope things go well for you however you get things done.
Sincerely,
Another *BSD advocate.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Fred Flintstone () on
Comments
By Anonymous Coward () on
I agree that a PII-400 runs just as well, but I've had no luck convincing some management this in the past or that OpenBSD could be locked down even more than they think.
I know the Nokia's use FreeBSD as the underlying OS, atleast last time I console'd into one and even use a HD as a normal PC would... Which is what it is.
I also don't know why CheckPoint sells the software FW for Windows, Solaris and Linux but not FreeBSD if after all, it runs ontop of FreeBSD in the Nokia boxes? Perhaps because of marketing reasons?
By Anonymous Coward () on
That having been said, I have also not had any trouble with a NT 4.0 PDC, proxy server, and print server that I installed sometime in 1997, I think. It generally gets rebooted by local power failures, if anything. Go figure.
By Gryp () gryp@dakin.be on http://gryp.dakin.be
Comments
By Anonymous Coward () on
By kremlyn () on
I run OpenBSD at home only (unforutnately, I can't find a job that would have me administering a *BSD), however I have many machines doing many things with OpenBSD. I run:
samba (for fileserving and domain logons)
isakmpd (for home wifi)
pf (duh!)
httpd/mysql/php
named (for local naming)
central syslogd for all *NIX machines
postfix/maildrop/courier-mta/sqwebmail
I have never, ever had a machine crash on me. Not once. Admittedly, my hardware is tried and true.. all very stable PII based hardware with Intel NIC's. I guess as the story goes, the things OpenBSD does support, it supports VERY well.
NOTE: I am moving to FreeBSD for non-internet-enabled services (such as samba) due to its SMP, ability to mount NTFS and easier upgradability. On the internet side though, there is NO substitute for quality.
Cheers,
kremlyn
Comments
By kremlyn () on
ppp
ddclient (for updating dyndns)
dhcpd and dhcpc
ntp
ftpd/proftpd
nfs
All these work without a hitch too...
Comments
By Anonymous Coward () on
Comments
By kremlyn () on
By Chris Humphries () chris@unixfu.net on http://unixfu.net
anything can sit there all day and do next to nothing, what matters is handling cruchtimes and heavy usage.
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By Anonymous Coward () on
WARNING! Don't let the "look" of the configuration scare you away, it can be changed. ;)
Comments
By Anonymous Coward () on
http://www.igs.net/~tril/fvwm/index.html
By Chris () on
$ cat .xinitrc
startkde
$ PATH=$PATH:/usr/X11R6/bin
$ startkde
That should work for you, as it just di for me.
By Anonymous Coward () on
`echo "exec startkde" >> ~/.Xsession`
By Anonymous Coward () on
startkde
By Juanjo () on
The wi drivers sometimes hangs my PRISM 2.5 MINI-PCI based WLAN card. I post a bug repport and I applied a little patch that fixes the problem (I sent the patch too).
Just reset via software the card when it has a timeaut and all works fine again.
My OpenBSD experience is good... but I've not stressed the system and I've got by now the same reliability that with FreeBSD or Linux.
By oblek () oblekNOSPAM@lug.stikom.edu on mailto:oblekNOSPAM@lug.stikom.edu
Comments
By Anonymous Coward () on
By Makaveli () makaveli@nwps.ws on http://-
First of all, I had problems with my Realtek NIC's, I had two of them on my server:
*reboot after panic: uvm_mapent_alloc: out of static map entries, check MAX_KMAPENT (currently 1000)*
Instead starting to tweak OBSD's kernel I decided to buy a new NIC, 3Com 3CR990-TX-97, which I thought was supported by OpenBSD (is listed on Supported platforms page)
First I had this problem:
txp0 at PCI0 dev 10 function 0 `3Com 3CR990-TX-97` rev 0x02: IRQ 10: fw not waiting for segment txp0: fw wait failed, section 0
Oct 21 23:13:01 bsd /bsd: vendor `3Com`, unknown product 0x9901 (class network, subclass ethernet , rev 0x02) at pci0 dev 10 function 0 not configured
I received a patch from one of OBSD's developers which helped me to get my card working...well, not for long. It worked 6 hours until system paniced and flooded this onto screen:
"No free cmd descriptors"
So I installed Gentoo Linux and everyhing has worked well so far. I still use OpenBSD on another server though and have had no problems.
I love OpenBSD, I just wish it'd be easier to update e.g. from 3.2 to 3.4 and had better hardware support. And I think the OBSD community just need more beta-testers to test hardware and stuff like that.
Comments
By Anonymous Coward () on
I suppose this is a common thread in this discussion. How can we discuss "stability" of an OS, and yet expect the kernel to be able to handle Realtek cards?
Realtek doesn't even work on Windows , for crying out loud. It's not the ethernet part -- if the card works for you, it's because you have a robust PCI system. The bus-level stuff on the cards of totally broken.
I'd use stronger language to describe how utterly garbage these cards are, but there are small children present (Theo, I'm looking in your direction).
Oooh. A cheap jab at Theo from an AC. I'm such a l0s3r.
Anyway, I don't know nothin' about the 3COM cards, but you were running an essentially untested driver patch.
I've said it before, and I'll say it again: stability _starts_ at the hardware level -- all the way down to the metal. Build and test good drivers (which the teams seems to be able to do) that run on robust hardware, and OpenBSD is as stable as a rock.
Look for stability on your old spare WinTel PC, and you may get it -- but only if you are lucky. Don't install it on my LAN, though.
By Anonymous Coward () on
Comments
By Benjamin Walkenhorst () krylon@gmx.net on mailto:krylon@gmx.net
They don't perform exactly great, but so far they got detected correctly and worked, under a variety of operating systems: Linux 2.4 and 2.6, Windows 2000 Professional, FreeBSD 4.8, NetBSD 1.6 and 1.6.1, OpenBSD 3.2.
Most of these systems I had installed for toying around (my primary system is Slackware 9.1 for desktop and NetBSD 1.6.1 on the server); so I can't really tell you how they behave in the long run under various OS'es, but the Linux-NetBSD setup works okay. Also, under Win2000 the card worked well.
Performance is another issue, but I rarely put the cards under heavy load, so that's not a problem to me...
By Anonymous Coward () on
However, when stumbling upon an old OpenBSD installation, maintaining it is a nightmare. Upgrading is hard if not impossible. Compared this with Debian and Gentoo which are rather easy to upgrade and sustain, even given the box may be a couple of revisions behind.
By Anonymous Creepard () on
My 2.8 box was a P90, with 48 Megs of ram, it was slowly dying the death of old hardware, at boot it somehow managed to use a random number generator to decide homw much RAM it had, (never more than 48Megs of coruse) but the sucker kept running long after that. the machine would not giv eup the ghost till I finally tried to upgrade it to 3.0, at that point it gave up and wound up in the recycling pile.
Then there was the 200MMX that replaced it, which happened to have bad RAM, causing a segfault everytime you logged into the thing, yet it kept chugging along like nothing was wrong. It would run for 6 -9 months till it exhausted it's 128Megs of bad RAM before it would die. It usually got rebooted by hand before that. (power outages, moving the rack etc.)
IMHO Open is a rather solid OS.
By Anonymous Coward () on
I am experiencing some issues with 3.4 and 3.3. It happened twice, so I am not sure how to reproduce this. Anyway, the issue is that the termnial console will write in CAPS regardless of the CAPS LOCK position. Making it impossible to log in the machine. I can ssh and restart the machine though.
As paranoic as we are, I am thinking if I have been root, and the criminal is trying to avoid usage of the terminal.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
PS: That should be added to the FAQ...
Thanks!
By djm () on
By Joe Schmoe () on
1. I get XFree86 config'ed correctly with the mouse.
2. I switch to another machine (via the KVM) and do other things.
3. I switch back to OpenBSD and the mouse goes crazy, as if it was config'ed with the wrong protocol.
A reboot solves the problem, but that's not a really good solution.
Comments
By Anonymous Coward () on
a Trendnet TK400, if I use the keyboard shortcut to switch back to my OpenBSD box. When I use the button on the KVM switch itself, the mouse driver stays sane. Have you tried using the button on the switch?
hope it works for you-
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By c.roberts () on http://www.physicalplant.ttu.edu
By Enrique () enmartinez@yahoo.com on mailto:enmartinez@yahoo.com
By Anonymous Coward () on
Of course, it is not really suited for building a rendering cluster. It is not the design goal. It provides a secure, stable base for system building.
How well it performs depends on the function, the installer's knowhow and various unpredictable hardware interactions. However, that's the case for every OS, and I've never really expected my hardware to always work on the first go nor at full capacity. I've also never seen it do that for other people. If something doesn't work, consider changing it for something readily supported, funds permitting, costs a little more but so does frustration. You can also check before buying.
Also, consider that the BIOS on i386 is an often overlooked source of problems.
btw, I have an as/400 that ran for five years straight next to me which I still haven't switched on...
By Chas () on http://rhadmin.org
By sander () sander@skyberate.ent on http://www.skyberate.net
0 times since openbsd.
We have good uptimes with it.
only mysql crashes at least every week.
By Anonymous Coward () on
However, the hardware is the determining factor in the success I got. For example, I seldom get any issue with the Intel Ethernet 10/100 adapters. However, some 3COM card has been more troublesome. The Broadcom Gigabit (build-in on the DELL P2650) work well but has strange reaction at time with some software such as ZEBRA.
Finally, the latest hardware is not always very well supported. The DELL P2650 with a PERC 3/DI controler is generally working well but the controler will timeout at time.