Re: NetBSD in production

[Adriel Torres <ladr.torres%gmail.com@localhost>]

-what kind of application/service
-what platform (type, configuration)
-what branch
-what critically
-what version(s) of NetBSD
-what pros do you see
-what is missing / could be improved

Greetings list,

For production, I run a DNS Caching Server/Firewall Appliance for a
medium-size business. The machine is an IBM ThinkCentre M52 (i386) and runs
a custom kernel tailoring it to the hardware. It runs the formal (Stable)
5.1 release.

The pros for me are the 'clean' minimal feel which doesn't get in the way
and the integrated security(8) features such as the veriexec subsystem.  I
like that veriexec works transparently, monitoring files in real-time, and
gives the ability to 'lock down' the machine in the event of a compromise.
This feature alone is worth everything to me.

Another pro for me is having Postfix in base.

The RUMP Anykernel architecture is great, though i have yet to really
implement anything with it in a production setting. psshfs out-of-the-box is
really neat and useful too.


Cons:

Some people have the perception that the NetBSD community is very loose-knit
which I don't totally agree with : P

But really, as far as cons go, I have not experienced any I can think of off
the top of my head.  I do work with other BSD systems but NetBSD is my
favorite, although for firewalls, FreeBSD's ipfw is probably my favorite
firewall package.

IPF and PF are also great, however I am really looking forward to the new
npf firewall package in NetBSD 6.0.  I do run a spare multiboot machine at
home which on one partition has NetBSD
-Current though.

Regards