Search results

Which features of OpenVPN do you need? Wireguard-go has been ported to FreeBSD as well. It is a lot simpler to deploy correctly than OpenVPN and should offer slightly better performance.

Did you document your setup somewhere?

tmux, mosh, sudo, vim(-console), i3, rofi, zxfer, ...

The kern.kq_calloutmax sysctl isn't related to open files per queue or process. Instead it limits the number timers that may be created through kqueue system wide. It is better to store events in a time ordered priority queue and invoke the kevent() syscall with the min() of that queue as timeout.

These days pkgng has enough metadata about packages to deal with most cases and help you build the reverse dependencies as well or at least fail at install time (look at synth for an example of how that can work).

A lot of the warnings against mixing ports and packages are old and outdated. The old pkg_* tools were unable to detect the conflicts caused by mixing ports and packages. The resulting breakage could be very tedious to clean up. These days can start with packages an build a few ports in...

Running unencrypted tunnels through the internet is not the best of ideas even with static endpoint addresses. One way to fix both problems at once would be to use strongSwan to encrypt the GRE tunnel in transport mode with NAT-T and a updown script to sync the tunnel configurations. Just make...

The APIC is required for SMP.

Does your Mainboard and BIOS version support the X6 1045T?

Yes OFED is supported, but it requires you to (re-)build your system with OFED support enabled.

It is burned into some small flash area buy the manufacturer and normally doesn't have to be installed. Some old Marvell devices (e.g. Dockstar) shipped with u-boot versions lacking USB boot support but had enough flash to install a full featured u-boot. Only on such devices should you replace...

Add your request to https://wiki.freebsd.org/WantedPorts and get someone to look at it.

IIRC this regression and the tearing problem was introduced by the switch to KMS.

PostgreSQL no longer uses SysV shared memory for buffers as such tuning those is no longer required.

I would use StronSwan to protect a GRE or IPIP tunnel with IPsec in transport mode and NAT-T as required. Use a leftupdown script to move the tunnel endpoints and a firewall (IPFW or PF) to prevent traffic leaks.

Personally I prefer to run all daemon under runit supervision, but the FreeBSD rc can handle your usecase just fine. You can use daemon to daemonize (and optionally supervise) your script. This article provides a good introduction to FreeBSD rc scripting including writing non-trivial rc scripts...

While the EdgeRouter Lite is a nice piece of gear without drivers for most of the offloading hardware it is just a slow 500MHz scalar dual-core MIPS64 big-endian system. By installing anything but EdgeOS you are limited to what those CPUs can get out of NICs without offloading hardware, but...

Maybe the old userspace iSCSI target daemon can export tape drives as iSCSI targets.

Please post your ip6addrctl and sockstat -l output.

If both endpoints support it you can already combine IPsec in transport mode with GRE to get a tunnel interface suitable for dynamic routing at the cost of a 4 byte GRE header. The performance improvements alone are very useful and getting rid of the GRE header is the icing on the cake.