What is your favourite/best firewall on FreeBSD and why?
Peter Wemm
peter at wemm.org
Fri May 23 21:03:19 UTC 2014
On 5/23/14, 10:18 AM, Mike Tancsa wrote:
> On 5/22/2014 6:50 PM, Peter Wemm wrote:
>
>> For what it's worth, we use FreeBSD-11 pf + carp on the FreeBSD.org
>> clusters. The main reasons:
>
> Hi Peter,
> Just curious, but what is in 11 that is not in 10 that you decided
> to deploy HEAD ? I thought all those features you listed are in
> RELENG_10 ?
>
> ---Mike
>
>
Two reasons.
1) back when 10.x was head, machines were set up to build from
svn.f.o/base/head and never quite made the switch to stable/10. I was
willing to do the extra work to make sure that 10-current was well
shaken out before it became 10-stable and that's why the cluster ran head.
2) for the most part there hasn't been any need to pull them back to
-stable. So long as we can handle it on clusteradm I felt that
deploying dogfood was a good way to find out if things are going off
into the weeds before it gets too far out of control. Having committers
aware that their changes are going to run live seems to make folks think
a little more carefully about committing destabilizing things.
In other words, 11.x is reliable enough that we can, so we are. It's not
for features though.
-Peter
More information about the freebsd-stable
mailing list