FreeBSD9 and the sheer number of problem reports

George Kontostanos gkontos.mail at gmail.com
Fri Feb 24 00:16:01 UTC 2012


> Short introduction in order:
>
> See, we use FreeBSD at work for our firewall boxes, running:
> - PF + CARP + PFsync
> - nagios-nrpe
> - munin-node
> - bacula client
>
> and either
> - nginx and/or haproxy
> - relayd
>
> These boxes serve as frontend firewalls for all our projects/products,
> including a few high traffic ones.
>
>
> For example our most traffic intense project has 4 firewalls, 2 each on
> 2 different datacenters, sharing 4 CARP IPs with automagic failover.
>
> These firewalls total ~200mb/s , serving only minifi'ed javascript pages.

> In the current state of things, I have *absolutely* no wish to run it in
> production :(
>
>
>
> I'd love to hear feedback.

This is really a bad example and we shouldn't jump into the .0
releases comparison.

Firewalls are supposed to be super stable. The last thing you need in
a firewall is trying to troubleshoot OS-related issues.

Most major brands use a well-patched, long-tested OS to build their
firewall software.
So, no, you shouldn't jump to 9 before it has been thoroughly tested.
That doesn't mean of course that you should let others do the testing
for you. If you plan on moving your environment to 9 at some point in
the future then you have to start your own testing now.

Best Regards,

-- 
George Kontostanos
Aicom telecoms ltd
http://www.aisecure.net


More information about the freebsd-stable mailing list