OpenBSD is a fun platform to immerse in software, networking, security, and Operating Systems principals. Although many users choose to use it for their desktop, it is also not too shabby filling in as the foundation for Border (Edge) Systems such as Firewalls and Gateway Servers.
The OpenBSD focus on documentation in man(ual) pages, and online Frequently Asked Questions(FAQ) is a great foundation for you to experiment, and maintain.
These notes reference how we got/keep OpenBSD up and running. It is partly a reflection of our journey, and may be totally wrong for your context. Verify what you read here through the official OpenBSD documentation, ask questions on the mailing lists, use search engines such as Google or Bing and Practise Safe Computing (tm).
Preview | Install | Consistency
Putting together an OpenBSD box is fun and easy, although there are a few hurdles that can seem daunting for the new user. The installation process is well defined, documented. We include here a few areas that might be interesting to review before a system install (especially for new users.)
Likewise, we try to put here general issues to consider when planning to roll-out a consistent deployment of OpenBSD. 3
Chat | Mail | VPN | Web | Miscellaneous
Your first step in connecting your new OpenBSD box, to anything, is to read the OpenBSD FAQ 6 - Networking document. And then, read it again.
Afterwards, we can explore end-user communication services with your OpenBSD.
E-mail may just be the lifeblood of the Internet, unless you’re younger than 25. Various tools come together to provide what is generally termed an E-mail Server, (MTA) and we bring together some of these key tools on OpenBSD.
Install and configure a VPN using OpenVPN
Configure the base Apache Server and complementary services such as.
High Availability | Firewall | Routing
OpenBSD is a great tool for securing your borders and gateways and comes pre-configured with foundation tools for such services.
With the base install of OpenBSD you can readily configure border services such as a Packet Filtering Firewall (pf), Encrypted VPNs (ipsec), and routing gateways (bgpd).
In this section, we review facilities in OpenBSD common in our border system deployments such as redundancy.
Maintenance involves a lot of monitoring, not only monitoring your host resources, but other factors that together define the service delivery you wish to supply. Monitoring involves passive accumulation of events, and the decision process from these.
It’s important to re-iterate that the OpenBSD project extends a good effort to documenting it’s toolkit. The OpenBSD FAQ 6 - Networking is required reading. When you know your sh*t, you can refer back to the FAQ to
The FAQ is a good guide and foundation knowledge that will serve you well as most services your configure or install will need Network access.