The POSIX.1-2024 specification now is available to the general public.

As of May 1, 2024, Internet routing security passed an important milestone. For the first time in the history of RPKI (Resource Public Key Infrastructure), the majority of IPv4 routes in the global routing table are covered by Route Origin Authorizations (ROAs), according to the NIST RPKI Monitor.

Nope. Keep in mind you don't need those tools to use wg. Wg was integrated in such a way that you use it with the normal tools like ifconfig

I'm an OpenBSD developer and fully agree anjbe here.

OpenBSD is for REAL HUMANS. Not real "men". OpenBSD is build and designed for everyone. It is a system you can give to your 5 year old and as they learn how to use the computer they'll learn how to safely connect to the Internet. The base install literally comes with games targetting children, to help their Internet experience.

Your whole life you have been using non-free, non-functional, and insecure software.

I'm here for fun - if we want to keep as many pufferfish alive as possible until the heat death of the universe, for me it starts with installing OpenBSD. OpenBSD is nothing other than love for other humans, and we don't know if we can trust them.

Haha, imagine who got my Loongson Laptop with OpenBSD for playing around?

My little cousin 9 y/o ...he knows how to update the system and packages, he plays with it very often and started to type some python programs i send him..often he tweaks them..like changing the color of the square. He has so much fun when he can 'magically' change whats drawn on the screen. Thank you all for that great system

if you want to record one for the project, let me know! :)

If you like the OpenBSD artwork poster - you can support future OpenBSD artists through the merch shop at https://openbsdstore.com/

Just another OpenBSD developer chiming in that this is the official store link; profits from the sales go towards paying artists for the next release.

The artwork for 6.7 was done by Jonni Phillips!

I wish I knew about this for 6.5!

They have BSD music!!

I've made an actual study of implementing RPKI's outcome in the route-map language, and its not pretty: https://github.com/job/rpki-ov-route-map

I recommend using RTR and native origin validation, not to depend on the route-map language to accomplish the task ;-)

For the BGP portion of the work they absolutely do.

Took me a minute to realize you were Job Snijders too lol.

We both know there are still garbagey nets out there using ARM32, MIPS and who knows what else out there for control plane processing. Only the big guys are gonna upgrade to support this.

I'm not sure which platform you're talking about, mine uses PPC, which hasn't been in a desktop in quite some time.

kern.version: JUNOS 18.XXX.X #0: XXXX-XX-XX 03:28:10 UTC builder@svl-junos-p001:/volume/build/junos/18.X/release/18.XXX.X/obj/powerpc/junos/bsd/kernels/JUNIPER-PPC/kernel

There certainly are some routers that use x86 based CPUs, but they're embedded versions which you'd be unlikely to use on a PC.

You can easily do origin validation on that type of CPU. It’s a very efficient lookup.

I guess we'll see what happens TBH. I didn't realize it'd been available in JunOS since 12.2 which covers a variety of devices (even some old stuff I've seen on customer sites), I've yet to come across a site with it deployed. Maybe I should do some consulting for folks.

Big isp core and edge routers absolutely use large Xeon CPUs.

If you count a single multicore 1.9Ghz CPU as a "Large Xeon" then you'd be right, otherwise thats incorrect.

8 cores in Cisco rsp880, released a few years ago so not that small back then.

Nothing stops you hooking up a regular PC to do route validation and run the BGP protocol and stuff, and load validated routes into any router you choose.

There are lots of things stopping that...

The first namely being that nobody is going to do that unless they have too much time on their hands and don't actually run a real network. "Just loading routes" into a router is not really that straightforward.

A lot of people, including very large companies are doing this in production. Using a route reflector/route server isn’t new, and it is very common.

Doing it right is not easy, and most people don't do it correctly nor do they know how to make it work all the time.

Isn't that the entire idea behind the "software defined networking" craze?

There's certainly an aspect to that, but generally no.

> mine uses PPC, which hasn't been in a desktop in quite some time

Raptor sells desktops with IBM POWER9 CPUs – https://www.raptorcs.com/content/base/products.html – they are expensive, and the same amount of money would buy you a much more powerful x86 system, but they exist.

please check back in a few days, we are almost there.

you can also work with https://github.com/rpki-client/rpki-client-portable currently runs on a bunch of systems! coming to packages in the popular formats close to you soon!

Thanks for the update!

a really cool way to explain RPKI, thanks for sharing!