Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

freebsd-isp Digest, Vol 105, Issue 7

0 views

Skip to first unread message

freebsd-i...@freebsd.org

unread,

Mar 27, 2005, 7:00:27 AM3/27/05

to freeb...@freebsd.org

Send freebsd-isp mailing list submissions to
freeb...@freebsd.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
or, via email, send a message with subject or body 'help' to
freebsd-i...@freebsd.org

You can reach the person managing the list at
freebsd-...@freebsd.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-isp digest..."

Today's Topics:

1. Re: Courier-IMAP not starting (Odhiambo Washington)
2. Re: Network oriented services with FreeBSD (Lewis Watson)
3. Re: Network oriented services with FreeBSD (Bob Martin)
4. Re: Network oriented services with FreeBSD (Suporte Matik)
5. Re: ISP Software (wendelmaques)
6. Re: Network oriented services with FreeBSD (Bill Vermillion)

----------------------------------------------------------------------

Message: 1
Date: Sat, 26 Mar 2005 15:58:05 +0300
From: Odhiambo Washington <wa...@wananchi.com>
Subject: Re: Courier-IMAP not starting
To: freeb...@freebsd.org
Cc: smar...@hordehost.com
Message-ID: <20050326125...@ns2.wananchi.com>
Content-Type: text/plain; charset=us-ascii

* Stephen Matlick <smat...@hordehost.com> [20050324 17:53]: wrote:
> I am running FreeBSD 5.3, MySQL 4.1, and Postfix 2.0. All of these are
> running fine (I have also set up Postfix Admin on a separate box from
> Postfix and MySQL and that runs fine also - connects to the db without any
> issues, etc.).
>
> I am trying to set up Courier-IMAP now; I installed it, created
> authmysqlrc, and have followed the instructions I have found on setting it
> up from searches on the Net. However, the app just won't start. When I
> run imapd.sh or impad-ssl.sh I get:

1. Did you install courier-imap via the ports?
2. Did you also install courier-authlib via the ports?
3. Do you have the relevant entries required in /etc/rc.conf for the two
to start?

How did you install courier-imap? Which version did you install?

-Wash

http://www.netmeister.org/news/learn2quote.html

--
+======================================================================+
|\ _,,,---,,_ | Odhiambo Washington <wa...@wananchi.com>
Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com
|,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922
'---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121
+======================================================================+
The debate rages on: Is PL/I Bachtrian or Dromedary?

------------------------------

Message: 2
Date: Sat, 26 Mar 2005 08:02:20 -0600
From: "Lewis Watson" <li...@visionsix.com>
Subject: Re: Network oriented services with FreeBSD
To: <freeb...@freebsd.org>
Message-ID: <024001c5320c$6d5858f0$0e41...@visionsix.com>
Content-Type: text/plain; charset="iso-8859-1"

> what kind of network oriented services you guys
> successfully (performance, scalability,...) run on
> can it
> be used for l2tp termination, per user bandwidth
> control, network load-balancing or that kind of very
> network oriented stuff, in an ISP environment and how
> does it scale compared with other solutions.
> Thanks,
> Laurent

Hi Laurent,
We have used FreeBSD in different situations within our network, as well as some of our client networks, always with a positive result.
Examples:
Router with basic packet filtering
Router with stateful packet filtering and bandwidth management.

We have assisted clients in deploying it as a bridge so that they could review where their bandwidth was being used and then configured it to manage bandwidth. We have had other cases where we used FreeBSD as a NAT/ DHCP server. The largest of these I personally have known of was for a network with ~ 3000 active hosts. It seems I have seen information on load balancing but I cannot remember where. Below is a quick list of a few applications to consider; I am sure there are many more that are not included...

Dynamic routing:
Routed
Zebra
OpenBGPD

Packet Filtering/ Firewalling:
IPFW
PF
IPF

Bandwidth Management/ QOS:
Dummynet
ALT-Q

On the hardware side we have used anything from a Pentium 133 w/ 64MB RAM up to a 1GHz PIII with 512MB RAM.

Have Fun!
Lewis Watson

------------------------------

Message: 3
Date: Sat, 26 Mar 2005 08:53:05 -0600
From: Bob Martin <b...@buckhorn.net>
Subject: Re: Network oriented services with FreeBSD
To: laurent LF <lauren...@yahoo.fr>
Cc: freeb...@freebsd.org
Message-ID: <42457751...@buckhorn.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

We do all of our routing and firewalls with FreeBSD, instead of
dedicated equipment like Cisco. In short, a Xeon based PC (we're using
mostly ~2ghz, single processor boxen) that can be bought for less than a
$1000 will do almost anything a $15,000 dollar name brand router will
do. And it will do a few things the named brand units wont, like traffic
analysis. Instead of having the dedicated equipment and a server, we
just have a server.

Most of our servers are in data centers, so a simple NIC handles the
Internet pipe. We do have a couple of boxen with T1 cards, and one with
a T3 card. The prices of the cards are higher than you would pay for
dedicated hardware blades, but the TCO is still much lower.

We don't do QoS. But I've talked to several folks that have had good
luck with 5.3 and ALTQ. You can do some pretty amazing things with
netgraph and dummy net, QoS should be pretty simple.

FreeBSD isn't, to my knowledge, easily clustered. I know we don't have
anything like LVS. But you can use FreeBSD to balance requests to a
server farm.

Like anything, you have to define the job, then the results, and see
what works.

Bob Martin

laurent LF wrote:

> Well, of course my question is too vague.
> Typically, I would be interested to know if people use
> FreeBSD boxen as routers, firewalls, for bandwidth
> management / QoS, service load-balancing (like LVS for
> example) or that kind of stuff in an ISP environment.
> In which cases people prefer FreeBSD to a dedicated
> hardware, why and on which scale. (why you prefer a
> FreeBSD box to a 3660 or 7200 for example and for
> which usage)
>
> I know lots of things can be done but I would like to
> hear real life examples.
>
> Thanks,
>
> Laurent
>
> --- Bob Martin <b...@buckhorn.net> wrote:
>
>>The devil is in the details here...
>>How good/scalable as compared to what?
>>
>>It does l2tp, but there is a much, much better
>>protocol.. SSH. It will
>>also terminate isakmp.
>>
>>Network load balancing? You mean balancing pipe? Or
>>services?
>>
>>We replaced our 3660's and 7200's with FreeBSD boxen
>>2 years ago. We've
>>never missed them.
>>
>>But, like all things, FreeBSD can't be everything to
>>everyone. YMMV
>>
>>Bob Martin
>
>
>
>
>
>
>
>
> __________________________________________________________________
> Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails !
> Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/

------------------------------

Message: 4
Date: Sat, 26 Mar 2005 14:29:05 -0300
From: Suporte Matik <ass...@matik.com.br>
Subject: Re: Network oriented services with FreeBSD
To: freeb...@freebsd.org
Message-ID: <200503261429...@matik.com.br>
Content-Type: text/plain; charset="iso-8859-1"

On Saturday 26 March 2005 11:53, Bob Martin wrote:
> We do all of our routing and firewalls with FreeBSD, instead of
> dedicated equipment like Cisco. In short, a Xeon based PC (we're
> using mostly ~2ghz, single processor boxen) that can be bought for
> less than a $1000 will do almost anything a $15,000 dollar name
> brand router will do. And it will do a few things the named brand
> units wont, like traffic analysis. Instead of having the dedicated
> equipment and a server, we just have a server.
>

Hi
probably not a fair comparism since your $15K router will have some
pretty clever interfaces which you possible do not get or at least
have to buy to put them into your PC and configure them if you can.
Lots of things IOS can do FreeBSd can still not, as CEF, class maps,
loadbalance, backuproute, VoIP to call only some
IMO BGP with Zebra on FBSD also is not close and reliable enough to
CISCO BGP .
So what you say may be ok for a simple router with some functions but
a cisco 2xxx does not cost 15k but all depends on size of the
network. May be an ISP with a small link does it well without
dedicated router but if you talk about network services I don't
know ...
And don't forget the disks, I will not even think about if a HD
crashes on a network router. I have some Ciscos running a couple of
years now without touching them.
Hans

_______________________________________________________

------------------------------

Message: 5
Date: Sat, 26 Mar 2005 16:13:46 -0300
From: wendelmaques <wen...@dotpix.com.br>
Subject: Re: ISP Software
To: freeb...@freebsd.org
Message-ID: <4363AD71CC1963C95D2313D7@[192.168.200.198]>
Content-Type: text/plain; charset=us-ascii; format=flowed

Hi Joe,
you can take a look at ISPMan project.

ISPMan allow you to have a distributed servers environment
based on LDAP Infrastructure.

ISPMan work as management to services like: web, dns and mail.

At now it can be configured to manage hosting services with:
Apache, BIND, Postfix, Cyrus and pure-ftpd.

The main authentication is based on LDAP via PAM or called
directly by services, like pure-ftpd or mod_auth_ldap.

ISPMan allow you to manage resellers, clients and domain.

Take a look at: http://www.ispman.org

The basic of ISPMan is:

You have a LDAP directory with all information about
DNS, Web vhosts, Mail accounts, Resellers and clients.

In each ISPMan server you run a agent. Agent connect to
ispman LDAP server and look for task to do, task can
ben add, update or delete, objects, like,
domains, mail accounts or apache vhosts.

--
wendelmaques
http://www.dotpix.com.br/~wendel/site/

------------------------------

Message: 6
Date: Sat, 26 Mar 2005 15:55:11 -0500
From: Bill Vermillion <b...@wjv.com>
Subject: Re: Network oriented services with FreeBSD
To: freeb...@freebsd.org
Message-ID: <20050326205...@wjv.com>
Content-Type: text/plain; charset=us-ascii

On Sat, Mar 26, 2005 at 14:29 , the murky waters churned and seethed,
the dark weeds parted and the water took on the sinister,
shifting visage we recognize as Suporte Matik. The great maw opened,
and the following was heard:

> On Saturday 26 March 2005 11:53, Bob Martin wrote:
> > We do all of our routing and firewalls with FreeBSD, instead of
> > dedicated equipment like Cisco. In short, a Xeon based PC (we're
> > using mostly ~2ghz, single processor boxen) that can be bought for
> > less than a $1000 will do almost anything a $15,000 dollar name
> > brand router will do. And it will do a few things the named brand
> > units wont, like traffic analysis. Instead of having the dedicated
> > equipment and a server, we just have a server.

> probably not a fair comparism since your $15K router will have some
> pretty clever interfaces which you possible do not get or at least
> have to buy to put them into your PC and configure them if you can.
> Lots of things IOS can do FreeBSd can still not, as CEF, class maps,
> loadbalance, backuproute, VoIP to call only some
> IMO BGP with Zebra on FBSD also is not close and reliable enough to
> CISCO BGP .
> So what you say may be ok for a simple router with some functions but
> a cisco 2xxx does not cost 15k but all depends on size of the
> network. May be an ISP with a small link does it well without
> dedicated router but if you talk about network services I don't
> know ...
> And don't forget the disks, I will not even think about if a HD
> crashes on a network router. I have some Ciscos running a couple of
> years now without touching them.
> Hans

I put FreeBSD in as a roouter twice. Once when a brand new Cisco
failed within 3 weeks where even the screen during boot failed.
Infant mortality. 7120. It was replace overnight by air and 4
years later it started rebooting - and I swapped in a FreeBSD.
Turns out something was corrupted - perhaps some intrusion.

Moved over to a Foundry router/switch - and wound up with one piece
of hardware to replace the route plus 2948.

I just prefer hardware for the reasons you do. The 7210 ran 3
years before it developed problems. And at the previous place I
worked we even replaced a quirky DS3 interface card on my huge
7513 while the system was hot and running so we didn't have to
interupt any outbound T1s. We lost global network connectivity for
no more than 30 seconds during that hot swap.

That was a huge beast and overkill for what we were doing but
we got it at awfully good price and what we were doing then
required a DS3 - and that was when only one provider could give us
those connection speeds. Oh how the world has changed in 8 year.

We're small but for many things HW is so much simpler - and if
something happens to one of us there are plenty of people familiar
with the dedicated hardware.

Bill

--
Bill Vermillion - bv @ wjv . com

------------------------------

End of freebsd-isp Digest, Vol 105, Issue 7
*******************************************

0 new messages