FreeBSD9 and the sheer number of problem reports
gkontos.mail at gmail.com
Fri Feb 24 00:16:01 UTC 2012
> Short introduction in order:
> See, we use FreeBSD at work for our firewall boxes, running:
> - PF + CARP + PFsync
> - nagios-nrpe
> - munin-node
> - bacula client
> and either
> - nginx and/or haproxy
> - relayd
> These boxes serve as frontend firewalls for all our projects/products,
> including a few high traffic ones.
> For example our most traffic intense project has 4 firewalls, 2 each on
> 2 different datacenters, sharing 4 CARP IPs with automagic failover.
> In the current state of things, I have *absolutely* no wish to run it in
> production :(
> I'd love to hear feedback.
This is really a bad example and we shouldn't jump into the .0
Firewalls are supposed to be super stable. The last thing you need in
a firewall is trying to troubleshoot OS related issues.
Most major brands use well patched long tested OS to build their
So, no you shouldn't jump to 9 before it has been thoroughly tested.
That doesn't mean of course that you should let others do the testing
for you. If you plan on moving your environment to 9 at some point in
the future then you have to start your own testing now.
Aicom telecoms ltd
More information about the freebsd-stable