BSD in 60 Days

The team had a limited budget and time frame to move services in-house and the business was technology agnostic, making it easier to use the right tool for the job.

While LCHS was purely a Microsoft and IBM shop with aging Cisco network gear, it was my initiative to use BSD to solve key problems and gaps in the network where they were identified.

This presentation will outline the various design considerations that were part of the migration project along with how else we have used OpenBSD and FreeBSD within the business.

OpenBSD was primarily used for network core facilities and edge devices. Using OpenBSD technologies such as OpenIKED iked(8) for remote office interconnectivity workloads, OpenBGPD’s ripd(8) for network routing over our ISP’s MPLS network, PF(4) with Squid and an ACL subscription for various firewall workloads and enforcing business values. Edge mail systems were also in-scope with OpenSMTPD’s smtpd(8), spamd(8) and other tools used to scrub in-bound email.

Where we had critical business systems backups to deal with, FreeBSD was chosen to be the target due its rock-solid implementation of ZFS(8) and the ability seamlessly replicate those backups to our DR site.

I will discuss the wins and some of the pitfalls on these implementations with the hope to help attendees in being able to sell BSD as a viable, cost effective and flexible option to solve problems that they may be having in their organisation.