BSDCan2017 - 0722d
BSDCan 2017
The Technical BSD Conference
| Speakers | |
|---|---|
|
Philipp Buehler |
| Schedule | |
|---|---|
| Day | Talks #1 - 9 June - 2017-06-09 |
| Room | DMS 1110 |
| Start time | 14:45 |
| Duration | 01:00 |
| Info | |
| ID | 792 |
| Event type | Lecture |
| Track | System Administration |
| Language used for presentation | English |
pf+rdomains create splendid multi-tenancy firewalls
Put all the tenants on one machine
This talk presents a working OpenBSD environment establishing a multi-tenant firewall with pf(4), rdomain/pair(4) and relayd(8) as work horses only.
The environment shows how to provision, operate, isolate and manage all the components needed - and what isn't. It'll reveal how even complex setups can be developed, tested and provisioned in a straightforward way.
Besides detailing on the OpenBSD bolts, there will be quick walkthrough how to create testing setups easily using Vagrant in preparation for live usage.
For easy re-enacting all configuration of OpenBSD and Vagrant being used are available online at https://github.com/double-p/smtf .