HAST and Ctl: FreeBSD's Built-In Storage Replication and iSCSI Target
How HAST mirrors block devices across two hosts over the network, how Ctl serves them out as an iSCSI target, and where each one actually fits versus ZFS's own replication tools.
The ports tree, ZFS, jails, pf, and the internals of a Unix built for correctness.
How HAST mirrors block devices across two hosts over the network, how Ctl serves them out as an iSCSI target, and where each one actually fits versus ZFS's own replication tools.
Setting up FreeBSD's Basic Security Module audit framework to log security-relevant events with the right level of detail without drowning in noise.
A complete walkthrough creating a boot environment before a risky change, and rolling back to it instantly from the boot loader if something goes wrong.
A practical walkthrough of Capsicum's capability mode — how to check if a program supports it, and how sandboxed services actually differ from ordinary ones at the syscall level.
Configuring CARP for automatic IP failover between two FreeBSD hosts, and the parts of a real HA setup that CARP alone doesn't handle for you.
Getting DTrace enabled and running real diagnostic scripts on FreeBSD, from syscall counting to finding exactly which function is burning CPU, without recompiling anything.
A complete walkthrough creating, configuring, and managing jails using iocage — a much friendlier layer over raw jail.conf management.
Setting up multiple routing tables (fibs) on FreeBSD for policy routing across several uplinks, and what MPTCP actually offers versus simple multi-fib load distribution.
Building a real network-attached storage box on FreeBSD: pool layout decisions, dataset structure, and getting Samba to serve it with correct permissions to Windows and Mac clients.
A complete walkthrough building your own signed FreeBSD package repository — useful for internal packages, pinned versions, or a local mirror.