tarballed
August 11th, 2003, 21:00
Well, check this out. I was at work today discussing things with my manager. We talked about our Mail Gateway which I was in the process of trying to get it up and running, but i've been hamstringed lately. (Long story).
Anyway, he says to me, "So do you want to put OpenBSD on the Mail gateway? I read the article you sent me and OpenBSD sounds very secure, more secure than Linux."
I was stoked! I told hime that OpenBSD has a great track record for being secure and should really suit our needs as well. I also told him that OpenBSD makes a great web server.
So im breaking through here. He even gave me the Ok to setup FreeBSD as a server on our LAN! The walls are crumbling down!
So just a few things I wanted to ask.
The server that will be running the Mail Gateway is a IBM Server, with 2 removable SCSI drives. They are 18gig SCSI drives each.
So wanted to get your thoughts on this. I was going to run postfix of course as the gateway and make it do some basic checking as email comes in.
Anyone care to comment on the server and any recommendations? I have the How-To by lawmonkey, but the only thing that would apply to me really is setting up OpenBSD and configuring Postfix.
On a side note, how bad of an idea would it be to run the Mail Gateway and a Web server on the same box?
Things are definitely looking good!
Tarballed
tarballed
August 12th, 2003, 13:35
Ok...im back...quick question.
Can anyone tell me how well OpenBSD 3.3 will work with SCSI drives?
Reason I ask is that I currently am planning on putting OpenBSD 3.3 on our mail gateway. It is an IBM server with two removable SCSI drives; 18gig SCSI's to be exact.
Now, I've heard that OpenBSD does not handle RAID and SCSI as well as FreeBSD.
With that in mind, anyone have any thoughts or suggestions?
More specs on the IBM Server:
PIII 1ghz CPU
256mb RAM
(2) 18gig SCSI drives
If anyone has some insight or recommendations, i'm all ears and eyes. :)
Thanks guys.
Tarballed
|MiNi0n|
August 12th, 2003, 13:39
Check to see if the scsi cards in the box are supported by OpenBSD.
I believe frisco knows a lot about RAID in OBSD.
tarballed
August 12th, 2003, 15:19
Here is the link to this particular server:
http://www5.pc.ibm.com/us/products.nsf/$wwwPartNumLookup/_865451Y
Im currently looking to see if OpenBSD supports the SCSI, but a quick glance shows it does not. :(
Any comments?
Tarballed
tarballed
August 12th, 2003, 15:57
Oof...It did not detect the drives. When I go to (I) it says "No drives found."
When I watch the output, it shows that it detected the 2 SCSI targets as well as the "ServRworks" and shows it is not configured...
Possible I need to setup the drives prior to install? I thought I could do that before hand.
Any suggestions here?
I'm pretty stoked...I'm getting *BSD on the network here...Woot!
T.
tarballed
August 12th, 2003, 16:58
Here is the dmesg output from the initial boot from the floppy:
[code:1:61a2d15517]OpenBSD 3.3 (RAMDISKB) #40: Sat Mar 29 13:49:28 MST 2003
deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISKB
cpu0: Intel Pentium III (Coppermine) ("GenuineIntel" 686-class) 1 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SYS,MTRR,P GE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SIMD
real mem = 267931648 (261652K)
avail mem = 244629504 (238896K)
using 3296 buffers containing 13500416 bytes (13184K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 03/30/01, BIOS32 rev. 0 @ 0xfd5e1
pcibios0 at bios0: rev. 2.1 @ 0xf0000/0xffff
pcibios0: PCI BIOS has 7 Interrupt Routing table entries
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc0000/0xa000 0xca000/0x1800 0xcb800/0x5200
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "ServerWorks CNB20LE Host" rev 0x06
pchb1 at pci0 dev 0 function 1 "ServerWorks CNB20LE Host" rev 0x06
pci1 at pchb1 bus 1
"Adaptec AIC-7892 U160" rev 0x02 at pci1 dev 3 function 0 not configured
vga1 at pci0 dev 1 function 0 "S3 Savage 4" rev 0x04
wsdisplay0 at vga1: console (80x25, vt100 emulation)
fxp0 at pci0 dev 2 function 0 "Intel 82557" rev 0x08: irq 10, address 00:02:55:ad:0c:1e
inphy0 at fxp0 phy 1: i82555 10/100 media interface, rev. 4
fxp1 at pci0 dev 10 function 0 "Intel 82557" rev 0x08: irq 10, address 00:02:55:ad:0c:1f
inphy1 at fxp1 phy 1: i82555 10/100 media interface, rev. 4
pcib0 at pci0 dev 15 function 0 "ServerWorks ROSB4 SouthBridge" rev 0x50
pciide0 at pci0 dev 15 function 1 "ServerWorks OSB4 IDE" rev 0x00: DMA
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <DELTA, OIP-SD2400A/BM, 5.6i> SCSI0 5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2
"ServerWorks OSB4/CSB5 USB" rev 0x04 at pci0 dev 15 function 2 not configured
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask c040 netmask c440 ttymask c442
rd0: fixed, 3560 blocks
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02
[/code:1:61a2d15517]
Tarballed
elmore
August 12th, 2003, 16:59
Well assuming you're booting from floppies have you tried floppy b or floppy c? There are three different kernels that have three different sets of SCSI drivers. Between the three of them one should work if the card is in fact supported.
Now with that being said, I have a server where the raid card is supported and the drives are recognized but when I boot up the installer it can't see the drives no matter what kernel I use. I have gotten around this by using a seperate SCSI card for the install and then once OBSD is loaded hooking the old SCSI card back up.
Now with that being said, obviously if I were running some sort of hardware based raid I couldn't do that.
Hope this helps.
tarballed
August 12th, 2003, 17:10
Thanks Elmore...
Well, I solved the issue..*sigh*
Pretty stupied really. I used both the floppyB and floppyC drives testing out. I did not even attempt to use the first floppy because it said it was geared towards "personal type computers" and floppyB was geared towards "high end servers".
Well, floppy.fs worked without a hitch...
Man, dont I feel like a reject. Should have just tested them all first, then cried for help... :(
Anyways, it detected both scsi drives....
Now im in the dilema of what would be the best way to cut up these drives...
Any thoughts here?
Thanks guys for your help.
Tarballed, who is pulling his head out of his arse right now :oops:
frisco
August 12th, 2003, 17:20
"Adaptec AIC-7892 U160" rev 0x02 at pci1 dev 3 function 0 not configured
This is your scsi card. You can verify against http://www.openbsd.org/i386.html to see which floppy should have the drivers for that card. Also, note that as of 3.3 there is a boot cdrom image available for download - look for cd33.iso - and generally the cd image has most of what's available on the three floppies. As a final resort, you can look in the config files for the kernels to see which config might have the drivers you need: http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/conf/ For some rarer equipment, the driver is only available in GENERIC, and some stuff is not even available in GENERIC but can be compiled in.
tarballed
August 12th, 2003, 19:39
Thanks Frisco...I did not know about the new boot cdrom image...thats' pretty slick. I will have to check it out.
Last question: What do you guys recommend for a partition layout?
This machine is going to be used as a mail gateway and most likely, a web server.
The mail gateway will only be running postfix, no other items like amavis or anti-virus. Possibly razor in the future.
The specs on the box:
IBM Server
2 PIII 1ghz cpus
256mb RAM (We are going to upgrade to 512mb)
2 Ultra 160 SCSI drives: 18gigs each
Any thoughts here?
I thought about putting apache to itself all on one drive, but then I thought that would be bad idea..
Any thoughts on the best way to utitlize these drives?
Thanks guys..
Tarballed
Feels good to have a *BSD box on the network..i think im converting my manager...he just went out and ordered Absolute OpenBSD :)
tarballed
August 12th, 2003, 19:58
Or, maybe putting /var and something else on the second drive?
I dunno...im brainstorming here.
Does OpenBSD run apache in a chroot environment by default?
Someone mentioned that somewhere and I wanted to ask here and verify it.
Tarballed
|MiNi0n|
August 13th, 2003, 01:29
Yes. apache is chrooted by default in OpenBSD... since 3.2 if I'm not mistaken.
tarballed
August 13th, 2003, 01:44
Thanks Minion for clearing that up...
Any thoughts on a partition setup for this particular server?
I have not come up with any schemes that I really like.
Kicking around a few, but nothing solid...
Any suggestions?
Tarballed
|MiNi0n|
August 13th, 2003, 01:49
http://www.openbsd.org/faq/faq4.html#SpaceNeeded
tarballed
August 13th, 2003, 01:54
hehehe
I read that...the only question I have is that I have 2 SCSI drives with 18gigs a piece....
I was just curious if anyone had any thoughts on a pretty good partition scheme that I could setup on both drives...
It throws a wrench into the loop and has the option for a lof of ideas on how to set it up...
I've thought about setting up an apache directory and possibly a tempdirectory on the second drive...
Just thoughts i'm kicking around.... :)
Tarballed
frisco
August 13th, 2003, 02:55
Start with something like this:
200m /
1g swap
1g /tmp
1g /usr
2g /usr/local
1g /var
5g /var/mail
2g /var/www
1g /home
You may want to add something to /var/www or /var/mail. Keep in mind that b/c of chroot apache /var/www must contain all web accessible files. You may need to make /var larger if you're expecting larger mail attachments (or school users on 1g+ attachments) or lots of logs.
Do you have any usage stats to know what to expect? Total web space use? Total of all inboxes? If mailboxes are kept in user's $HOME, increase /home partition size too. Otherwise, you may want to plan for growth and leave some free space lying around (how about one disk blank?). Or, do you need to mirror the data? Use the other disk as an rsync backup?
Take the above numbers as a starting point and work with what you already know about the use to determine what you'll need. Also, since you have to ask for suggestions, you can be assured that you'll regret, in some way, the choices you make. Partition sizing is really tricky, unless you assign one disk as / and the other as swap.
By the way, -current (which is now tagged 3.4-beta) has growfs.
tarballed
August 13th, 2003, 12:13
Do you have any usage stats to know what to expect? Total web space use? Total of all inboxes? If mailboxes are kept in user's $HOME, increase /home partition size too. Otherwise, you may want to plan for growth and leave some free space lying around (how about one disk blank?). Or, do you need to mirror the data? Use the other disk as an rsync backup?
Well, at this time, as far as web usage is concerned, is hard to say. The attempt is to make our web site more up-to-date here pretty soon to attract more attention...so its hard to say at this time.
The server itself will not be holding any mail on the it locally. It will be forwarding everything to our internal mail server where I have everything setup; maildir, spamassassin, clamav, amavis etc.
The good thing is that we have ordered some backup drives for this system (2 in fact). What I was thinking of doing is what you suggested: Possibly Mirror the setup on one of the new disks when they arrive. That way, if one of the disks dies somehow on the server, I could just throw the backup back in and we should be good to go.
I have many things to consider, but its cool...I like it...im just really glad i've convinced management to look elsewhere besides Linux....
Thanks guys.
Tarballed
tarballed
August 13th, 2003, 15:45
Ok...I should have asked this question a long time ago, but didnt. :(
200m /
1g swap
1g /tmp
1g /usr
2g /usr/local
1g /var
5g /var/mail
2g /var/www
1g /home
Being that im coming from a Linux background, my understanding of how and where applications on *BSD is slightly screwed up. Normally, on Linux installs, I like to give / and /usr a larger partition *just in case*. Reason is that all applications for Linux go in /usr and if you get a full / partition in Linux, your pretty much up a tree.
With that in mind and in regards to OpenBSD, how much space would the / and /usr partition need on just a normal install, and how quickly does that space fill up?
Reason I ask is that I want to make sure that I have enough room on my partitions, just in case...If *BSD does it differently, that is good to know. :)
Thanks everyone.
T.
frisco
August 13th, 2003, 16:08
I usually make my / 100 or 200mb. Packages get installed into /usr/local, otherwise /usr is only stuff that comes with OpenBSD. In other words, after an initial install, /usr won't grow (excepting /usr/local, /usr/ports, /usr/src, and /usr/obj) and / will grow minimally (some ports install stuff there, like config files, and some tasks like adding users will change stuff in /). If you're not building anything on /usr (or have separate /usr/src /usr/obj /usr/ports) then you can mount /usr readonly. If you mount an mfs for /dev then you can mount / readonly too.
`man hier` for more info.
My theory for / being small is that it should never grow by more than a few megs. If it does, something Bad is happening and i want it to stop. Having it small will make it stop sooner. Also, it is easier to notice a 20mb change on a 100mb partitions (as that's 20%) than on a 1gb partition (as that's 2%).
cod3fr3ak
August 14th, 2003, 16:35
Good inof on partition sizes Frisco. I was thinking the same thing but was afraid to mess around with the / on my OBSD router. Since I am A Solaris admin I've gotten used to have 1gb+ / partitions. Even for mail servers and such.