

Ask HN: Is OpenBSD's relayd production quality? - JoelJacobson

We picked OpenBSD as the OS for our external firewalls, due to it&#x27;s reputation for security and networking features (pf+relayd).<p>Yesterday we had an outage which was tracked down to the relayd daemon, which had apparently crashed.<p>I would be <i>very</i> surprised if for instance sshd would crash, which has never happened to me.<p>Is the relayd code of about the same quality when it comes to stability and security as OpenSSH?<p>We are using OpenBSD 5.3&#x2F;amd64, and will upgrade to 5.4, which I read will fix some crashes with relayd. Just curious if I should expect more crashes, or if the bugs in the relayd shipped with 5.3 was exceptional or not.
======
runjake

      > due to it's reputation for security and networking 
      > features
    

Let me fix that statement for you: "due to it's _largely self-perpetuated_
reputation". That reputation falls apart when you start installing software
upon the minimal default install and someone breaks in and there's no decent
RBAC/MAC/TE/etc in the OS to further stop them.

But to answer your question, I've had a lot of stability issues with the
FreeBSD port of relayd.

~~~
JoelJacobson
Any alternatives to relayd?

