Wed, 23 Jul 2003
Been plowin' away at a whole bunch of projects of late, both home and work oriented. I upgraded a while back to OpenBSD 3.3 on my firewall and that gave me some nice advantages.
The new pf code has plenty of niceties in it. Probably the nicest of which is the TCP ACK prioritization capability as described here. It also offers a nifty spam tarpitting functionality that I'm playing with. In addition to these nifty features, it has an app, pfstat, that can generate lovely little graphs. But the TCP ACK stuff is nice. It's nice not having your upload activity interrupt your download.
I've built a few more Gentoo boxes. One is destined to be a file/www server for a site I'm helping to manage. The cool trick on this one is that I built Gentoo completely under RedHat and then replaced it.
The box came with a RedHat install as it is a highly optimized Dual Athlon 1U server. I was able to build a copy of Gentoo in a chrooted subdirectory, boot off of a temporary CD and move all the original RedHat out of the way and move the Gentoo in place, then reboot with my highly optimized system. I really like Gentoo for system management.
With that same site I've had plenty of work tuning a replicated www server environment with a custom php app and doing a mysql master-slave setup that's quite busy. Lots of db tuning to reduce load on those guys. I'll detail some of that here later.
I've also built myself a nifty little mini-itx fileserver for the home. I was going to build a custom case but ended up purchasing one instead. For under $300 I built a complete box with 256MB RAM and 120GB storage. The only part I didn't purchase was an old CD-ROM used to load the initial OS. I'm running Gentoo on this one as well. It is replacing a very old Sun E150 that I started losing disks on some time ago. Tons more storage, vastly reduced power consumption and noise, and a vastly smaller footprint.
Lastly, for my work I am working on integrating qmail, OpenLDAP, and Samba 3.x into a single environment. I'll detail these many, many parts in a separate post. It's really pretty involved and I need to keep track of my notes. It's also slow going since I can only do this work off-hours as my regular contract job for this company is my 40 hour job. Plus I'm having to do the work in such a way as to provide minimal interruption to the current corporate LAN. But at least it's mine to do as I wish.