A Few years ago we had a time problem. Suddenly our linux NTP server, for a reason that I still do not know, started to fail giving us a lot of issues within all the equipment and services within our network. After a quick and brief meeting with management, I found out that there was not sufficient budget left for a fancy and well-suited appliance. So, with no time (literally) and no money to spend, I decided to give it a try and utilized a homemade open source solution, and the operating system of choice was FreeBSD 10.0.
The first step was to do some reading. Since this was the first BSD machine within my environment, it was important to clarify points like: minimum specs for the installation, how to setup the NTP service, and how to secure the OS once it was installed. This was very important because at that moment my network was 80% Solaris, 19% Linux, and 1% Windows.
Now, let’s pause for a second. You may be thinking, why in the world is this guy doing this, when he has never installed a BSD machine in his life? The answer is very simple; here, in the Dominican Republic, in the heart of the Caribbean, FreeBSD has a very good reputation when it comes to reliability and security. In fact, there is some collective thought within the sysadmin community that says something like: “If you want to deal only once with a service, install it over FreeBSD.”
Resuming step one, when it comes to the specs part, this was just amazing. The fact that I can have a real server running with a very low RAM, disk, and CPU requirements really blew my mind. Taking advantage of this, I even did some testing using old and out-of-service hardware (recycling for fun) in order to see how the OS behaves, and the results were simply great.
Once installed, the FreeBSD configuration for the NTP service was really easy; especially because there are tons of how-to and blogs on the Internet available explaining the whole process. Just after installation, I performed some vulnerabilities scanning on the machine, and found out that no big security issues were present, without any initial fine tuning from myself.
At the end, the service ended up running inside a tiny virtual machine with 1 GB of RAM, 8 GB HD, and 2 virtual CPUs. Once it went into production, this “mini” server synced with a stratum 2 without any problems at all, the NTP clients successfully synced with this local master as well.
Fascinated with the whole experience, we migrate one of our internal dns servers to a second FreeBSD machine and at the moment of this writing we are testing haproxy, an open source load-balancing proxy into a another server with the same OS.
After all this, no time issues have been reported in the past 2 years, so at least for my environment, FreeBSD came just in time.
About the Author: