BSDCan2017 - 0722

BSDCan 2017
The Technical BSD Conference

Speakers
Philipp Buehler
Schedule
Day Talks #1 - 9 June - 2017-06-09
Room DMS 1110
Start time 14:45
Duration 01:00
Info
ID 792
Event type Lecture
Track System Administration
Language used for presentation English
Feedback

pf+rdomains create splendid multi-tenancy firewalls

Put all the tenants on one machine

This talk presents a working OpenBSD environment establishing a multi-tenant firewall with pf(4), rdomain/pair(4) and relayd(8) as work horses only.

The environment shows how to provision, operate, isolate and manage all the components needed - and what isn't. It'll reveal how even complex setups can be developed, tested and provisioned in a straightforward way.

Besides detailing on the OpenBSD bolts, there will be quick walkthrough how to create testing setups easily using Vagrant in preparation for live usage.

For easy re-enacting all configuration of OpenBSD and Vagrant being used are available online at https://github.com/double-p/smtf .