OpenBSD Journal

c2k15: florian@ on building the hackathon network, httpd and pflow

Contributed by tj on from the how-should-this-sound dept.

Our next c2k15 report comes from Florian Obser (florian@).

My hackathon started over a week earlier with Peter Hessler (phessler@) arriving at my place in Amsterdam. We were on the same flight to Calgary via Toronto the next morning.

The first flight was uneventful and after breakfast, elevenses, lunch and Air Canada constantly carrying my butt around (we had the help of two very nice people to find ridiculously cheap business class tickets - thank you very much!) we arrived in Toronto.

It became obvious that this will be a great hackathon on our second flight from Toronto to Calgary when this happened:
Flight attendant: Good evening Sir!
Me: ?
Flight attendant: Will you be joining us for dinner this evening?
Me: Good evening. Yes, can I have the beef tenderloin please?
Flight attendant: Excellent choice Sir! If you are flying to Alberta
you should start early with meat to get used to it.

After arriving in Calgary and checking in, Theo de Raadt (deraadt@) invited us to come over and we had burgers and beer. At this point I'm running out of names for the meals I ate that day. Second dinner maybe? Stupid time zones.

At this point Peter and me were awake for over 24 hours and we are in full Zombie mode. Theo gives us a lift home and after a complete system crash, reboot and a quadruple espresso breakfast I'm more or less alive again.

We spent the next days wandering around in Calgary, Peter introducing me to healthy North American cuisine ("Let's go to Arby's for lunch and wash it down with a root beer floater from A&W!"), driving to Drumheller for the dinosaur museum and to the Rocky Mountains. All very impressive.

Since OpenBSD is basically a hiking club we got a fair amount of mocking and eye-rolling from fellow hackers for not going hiking.

Because we arrived early Peter and me were volunteered to setup the hackathon network. We met up with Theo who handed us 3 APUs, 3 mSATA disks, 2 APs, 3 switches and some network cables ("Do you guys have a screw driver?"). On day -3 we started assembling, installing and setting up the the stuff in my kitchen. After some time the question was raised if we should continue fighting with triple NAT or go for beer. Since we knew that we will have a public IP at SAIT and only single NAT that we control, the decision was reached to fsck it and go for beer. Seems like solid reasoning me.

We originally planned to continue working on the network on day t -2 but since we still had a rented car we decided to surprise Jeremie Courreges-Anglas (jca@) and Martin Pieuchot (mpi@) and pick them up at the airport.

After dropping both of them off and returning the car we ran into a lot of hackers at SAIT and we decided to go out for a late lunch or early dinner (probably breakfast for some of them?). So much for our plan to continue working on the network.

Day t -1! We have access to the hackroom, now we really need to get the network going. There will be 40+ people here tomorrow who pretty much can't work without network.

While Peter finalized the configuration of the routers I rejiggled the wifi APs and we had the net working in no time.

I spent some time setting up the 3rd APU to monitor various metrics on our carp(4)'ed border routers. Having network problems at a hackathon involves Bob Beck (beck@) standing behind you and quietly whispering "fix it! fix it! fix it!" in your ear, so it's a good idea to know what the hell is going on if stuff breaks.

Our table top switches didn't support dhcp snooping or nd raguard so we asked the Foundation for better switches. This was rejected as being a stupid idea but we might be provided with a cricket bat at the next hackathon. Seems sensible and functionally equivalent.

At the hackathon I dug up an httpd(8) bug fix on which I was slacking for way too long. The diff had two problems. It contained two magic numbers for which I had no other explanation than it seems to be a good trade off on my system for some reason. The other problem was that I failed to explain via email to Sebastian Benoit (benno@) and Reyk Floeter (reyk@) what the diff is actually doing and why it's not already working.

A hackathon is a great oportunity to quickly resolve this. I dragged Benno and Reyk to the whiteboard, drew a diagram and they understood me within seconds. We couldn't come up with any explanation what the magic numbers should be so we went with my numbers put behind nice defines.

I gave a repeat performance later when Alexander Bluhm (blum@), Benno, and Reyk were working on a similar issue in relayd(8).

When Claudio Jeker (claudio@) arrived late in the evening he came over to our table (Bret Lambert (blambert@), phessler and me).
claudio: So, what are you working on?
phessler: BFD (Bidirectional Forwarding Detection)
claudio: How are you sending the packets?
phessler: I'll just shove them into ip_output() like carp(4), pfsync(4) or pflow(4).
claudio: Pffft. wrong!

claudio pointed out that the kernel socket api (socreate(9) etc) would be a better way to do this. benno, claudio, phessler and me had a chat about how that api works and we woke the great old ones - nfs is using this.

I set off to try this out in pflow(4) while phessler continued working on bfd. When I get it to work he can just copy it over, no need for both of us working on it in parallel.

One evening when I had enough of pflow(4) and wanted to do something else I quickly implemented HSTS (HTTP Strict Transport Security) for httpd(8). What can I say, I was bribed with beer and traditions are traditions...

Thanks to Nayden, the OpenBSD Foundation, SAIT and Theo for making this great hackathon possible.

Thanks for the report Florian.

(Comments are closed)

  1. By Stefan Sperling (stsp) on

    > what APs are the official APs for OpenBSD hackathons? There's a picture here.

    1. By Anonymous Coward ( on

      > what APs are the official APs for OpenBSD hackathons?
      > There's a picture here.

      Ubiquity Rocket ... M5, maybe.

    2. By Daniel Gracia ( on

      > what APs are the official APs for OpenBSD hackathons?
      > There's a picture here.

      hahahaha, crazy stuff! Loving the picture :)

      Let me throw a WiFi junkie trick: Next time you may try to pile up Rockets/antennas in a single vertical pole; that should help performance wise, minimizing the RX stages overload caused by too near/same band transmitters in the vicinity.

  2. By afh (2003:45:4932:3800:e5d6:95b5:bd9:f926) on

    Best hackathon report I've ever read. Thank you and keep 'em coming!

    1. By Josh Grosse ( on

      > Best hackathon report I've ever read. Thank you and keep 'em coming!

      Absolutely agree! As they say on the interwebs, "+1" !! This was a cricket bat-wielded, meat-overloaded, jet-lagged, hike-deprived, character-driven ball of fun.

  3. By Marc Espie (espie) on

    funniest report ever! great write-up florian!

    1. By Just Another OpenBSD User ( on

      Now imagine only if these came with hw.spec.sheet and reproducible research manpage(s). Hack-hack-doc-doc. Great hackathon reports everyone, this is the best part of any event to all users! Thank you.


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]