BSDCan2018 - 1.54

BSDCan 2018
The Technical BSD Conference

Speakers: Peter Hansteen

Schedule
Day: Tutorials #2 - 7 June - 2018-06-07
Room: DMS 1110
Start time: 09:00
Duration: 03:00

Info
ID: 971
Event type: Workshop
Track: Tutorial

PF and networking tutorial with OpenBSD

This networking tutorial has a strong OpenBSD slant. The OpenBSD PF packet filter is at the heart of a family of networking tools that help make daily life in your network a saner and better experience.

This session is aimed at both experienced and aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and gain a broader understanding of networking concepts and protocols.

The tutorial is divided into two main parts. The first part covers the basics of PF, while the second part refocuses on the local network and its interactions with the global internet.

The goal of the tutorial is to give participants a very broad understanding of networking in an enterprise network using OpenBSD and PF as the basis for all the communication needs.

A basic knowledge of Unix and TCP/IP network configuration is expected and required. The session content will be largely determined by your questions, if possible sent to tutorial@bsdly.net in advance, but a certain amount of ad-lib workshopping is to be expected.

The tutorial is divided into two main parts. The first part covers the basics of PF, such as:

- Configuration on OpenBSD, FreeBSD and NetBSD (and possibly Solaris)
- PF ruleset basics and rule interactions: block, pass, match
- Writing maintainable rulesets
- Address families: IPv4 NAT vs IPv6
- Redirection, divert and services with odd dependencies (ftp-proxy, spamd)
- Adaptive rulesets (state tracking tricks)
- Traffic shaping with priorities and 'newqueue', OpenBSD 5.5 style
- Legacy ALTQ traffic shaping
- Per user filtering with authpf
- High availability with CARP, relayd
- Wireless vs wired networks
- Filtering bridges
- Logging and monitoring - pflog, pflow and others
- Testing, debugging, and optimizing your configuration
- Updates on recent developments and what to expect in upcoming releases

The second part refocuses on the local network and its interactions with the global internet, covering topics such as:

- Revisiting the principles of sensible network design
- Basic OpenOSPFd configuration, operation and interaction with PF
- Basic OpenBGPd configuration, operation and interaction with PF
- Introducing VXLAN in your network
- Choosing your ISP, a quick guide
- Use cases for OSPF, BGP or ECMP
- BCP38, the routing manifesto and Internet peering