This article discusses the importance of setting up and managing your own DNS server to improve network performance, privacy, and control. It highlights the limitations of relying on ISP-provided DNS servers and provides a step-by-step guide to configuring a local DNS server using FreeBSD. Key points include the basics of DNS queries, the benefits of caching DNS lookups locally, and how to mitigate issues with IoT devices. The article also covers the configuration of Unbound, a popular DNS server software, and offers insights into optimizing DNS performance.
The latest version of OPNsense, 25.1, has arrived - and it’s packed with exciting updates and improvements. This video walks you through all the major updates and new features packed into this release, including the upgrade to the latest version of FreeBSD, 14.2-RELEASE. This base system upgrade ensures better performance, enhanced stability, and cutting-edge compatibility for your network environment.
The FreeBSD Project has released a security advisory addressing a vulnerability in OpenSSH that affects keystroke timing obfuscation. The flaw, identified as CVE-2024-39894, allows a passive observer to detect keystrokes based on packet timing. This issue impacts FreeBSD versions 14.1 and earlier. Users are advised to upgrade their systems to the latest stable or release branch to mitigate the risk. The advisory provides detailed instructions for applying binary and source code patches.
The FreeBSD Project has released an errata notice for an update to the IANA Time Zone Database. This update affects all supported versions of FreeBSD and is crucial for users who rely on accurate time zone information. The notice provides detailed instructions for updating the system via binary patches or source code patches. Users are advised to update their systems to avoid displaying incorrect times and to ensure the proper functioning of applications that depend on the system time.
FreeBSD has released an errata notice addressing an issue where system call auditing is disabled by DTrace. This notice affects all supported versions of FreeBSD. The problem arises from a logic error when both system call auditing and DTrace system call tracing are enabled, leading to auditing being silently disabled. Privileged users can exploit this by running a DTrace script, which inhibits system call audit logging. The issue has been corrected in the latest stable and release branches, and users are advised to update their systems accordingly.
The FreeBSD Project has released an errata notice addressing a NULL pointer dereference in the NFSv4 client. This vulnerability can cause a kernel panic in FreeBSD systems mounting a NFSv4 server with delegations enabled. The issue affects FreeBSD 14.1 and has been corrected in stable and release branches. Users are advised to update their systems and reboot to apply the fix.
This article discusses the importance of setting up and managing your own DNS server to improve network performance, privacy, and control. It highlights the limitations of relying on ISP-provided DNS servers and provides a step-by-step guide to configuring a local DNS server using FreeBSD. Key points include the basics of DNS queries, the benefits of caching DNS lookups locally, and how to mitigate issues with IoT devices. The article also covers the configuration of Unbound, a popular DNS server software, and offers insights into optimizing DNS performance.
FreeBSD at FOSDEM 2025, Valuable News weekly series, BSD Now 595 highlights and more.
It's not all serious work with FreeBSD, we users can have a little bit of fun too....and in this video we present some games that we have picked for you to try during February. They all revolve around shapes ...sort of.
FreeBSD is known for its robust design, reliability, and advanced networking features, but like any operating system, it benefits significantly from performance tuning. This guide provides an extensive overview of FreeBSD performance tuning, covering kernel parameters, memory management, storage subsystems, networking, and more. It highlights key principles such as evaluating workloads, applying incremental modifications, and documenting changes thoroughly. The article also delves into specific tuning areas like process limits, virtual memory, network stack settings, and storage optimizations. Experienced BSD users will find detailed instructions on using sysctl, adjusting ZFS and UFS settings, and configuring network offloading. Additionally, it emphasizes the importance of monitoring and benchmarking to ensure that tuning efforts yield the desired performance improvements.
Heading to FOSDEM 2025? Visit the FreeBSD Stand in Building K to connect with contributors and learn about the latest updates. The event features several FreeBSD-focused talks, including discussions on security audits, modern standby implementation, and more. This is an excellent opportunity for BSD enthusiasts to deepen their knowledge and engage with the community. Don't miss the chance to grab some cool swag and meet fellow enthusiasts.
The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX/BSD/Linux systems.
This episode of BSD Now covers the application of the ARC algorithm, advancements in cloud-native containers on FreeBSD with Podman testing highlights, and running web browsers in a FreeBSD jail. It also discusses fixing pf to allow IPv6 traffic on FreeBSD, the history of Minitel in France, and why Google stores billions of lines of code in a single repository.
This guide walks you through setting up a fault-tolerant reverse proxy using FreeBSD and HAProxy. It covers configuring CARP for failover, installing and setting up HAProxy, and adjusting firewall rules. This setup ensures high availability and reliability for your services, making it valuable for BSD users looking to enhance their network infrastructure.
This article delves into the key factors that influence network storage performance, focusing on protocols like SMB, NFS, and iSCSI. It highlights the importance of understanding these protocols and their unique challenges when testing NAS setups. The article provides insights into optimizing NAS configurations for accurate benchmarking, making it valuable for BSD users looking to enhance their network storage performance. It covers specific considerations for each protocol, including the use of tools like CrystalDiskMark and fio, and discusses the impact of multi-channel support and record sizes on performance.
The FreeBSD Foundation has initiated a project to deliver zero-trust builds starting January 2025. Commissioned by the Sovereign Tech Agency, this project aims to enhance the security of FreeBSD's build process by enabling release processes to run without root access and ensuring build artifacts are reproducible. The updates will simplify the build process and are expected to be completed before the release of FreeBSD 15.0. This initiative is part of a broader effort to advance Zero Trust builds, Software Bill of Materials (SBOM), and other security improvements.
NixBSD fork for FreeBSD, GhostBSDCon 2025 announced, new FreeBSD Journal and more.