[Soekris] Best way to install openbsd
Bill Maas
bill at stsx.org
Tue Nov 7 19:31:53 UTC 2006
On Tue, 2006-11-07 at 12:33 +0000, Stuart Henderson wrote:
> You probably don't _need_ to worry about ramdisks unless you're writing
> large files on a regular basis. Things like bind/openvpn/pf aren't really
> a problem (you might like to investigate syslogc if you want to have
> openvpn logging turned up high enough for useful debugging but that's
> not really likely to be a problem either).
I don't think file size is an issue here. The problem seems to be the
max. no. of R/W cycles supported CF card, or the number of times that
the same disk area can be written to. But I'm no technician, so correct
me if I'm wrong. Anyway, I can imagein that a log rotating program does
an excellent job at causing the same disk area to be written to over and
over again, if the same disk blocks are allocated each time a log file
is rotated and truncated. I don't know how OpenBSD handles free blocks
lists.
Many documents refer to running a remote syslog server in combination
with a read-only root fs, or mailing out the logs at regular intervals.
Without a syslog server mounting an MFS onto /var has a fundamental flaw
anyway: if the system crashes I would be interested in the logs from the
last few seconds, not from two hours before the crash. And it's these
final logs that will probably be taken down together with the machine.
Also, an intruder could effectively cover his/her tracks simply by
rebooting the machine if an MFS is used. So using an MFS is probably not
suited for production environments, if it isn't used in combination with
a syslog server, to which logs are written out immediately. With of
course the interfaces, cables, switch and router power supply, network
sanity, routing table and so on as possible points of failure. There are
no perfect solutions.. For now, the MFS setup on my net at home works
flawlessly.
Bill
More information about the Soekris-tech
mailing list