Kernel 2.2 - It Lives!
Build6 writes "For those of us still using 2.2 (how's that for "conservatism" eh?) -- 2.2.24 is out (and has been since last week) - see kernel.org for downloads. I see networking code tweaks, but no changelog. Time to give our old RH 6.2 machines one last kernel-recompile before Red Hat's end-of-life date arrives for 6.2? :-) What I'd like to know is - who else (besides me) out there still has machines running 2.2 and intends to keep it that way?"
Kernel Series 2.2 (Score:4, Insightful)
Re:Kernel Series 2.2 (Score:5, Funny)
Did anyone ever fix the uptime rollover thing? That's what I'm really waiting for. I'm sick of rebooting every year and a half.
Re:Kernel Series 2.2 (Score:4, Funny)
Re:Kernel Series 2.2 (Score:3, Funny)
Re:Kernel Series 2.2 (Score:5, Interesting)
Re:Kernel Series 2.2 (Score:4, Funny)
Re:Kernel Series 2.2 (Score:2, Interesting)
Why? I'd really like to hear why you think that. You offer no "why" in your post. This is not a flame or anything, I'm just VERY curious why you think this.
Re:Kernel Series 2.2 (Score:4, Informative)
I'm not trying to knock you, I'm just plugging a cool product (although I'm just a user, myself).
Re:Kernel Series 2.2 (Score:3, Interesting)
Re:Kernel Series 2.2 (Score:3, Funny)
archeology (Score:2)
Re:Poor Kid (Score:2)
Why 2.2? (Score:4, Interesting)
-Tim
Simple (Score:5, Insightful)
I ran a firewall off of my 2.2.23 box all set up to be secure to the outside and provide a fileserver/print server to the inside as well as being a DSL and dial-up router.
Why would I upgrade and possibly break something?
It does not need X, it is a PII-400, and it does not do anything that is so intensive it needs 2.4
Long live 2.2
Re:Simple (Score:3, Insightful)
I have a Pentium 166 (64 MB RAM, 2GB HD) running RedHat 6.1 w kernel 2.2 set up as a dial-up router, running squid as a web proxy (with sleezeball to block ads), plus a bit of file sharing and a remote X desktop with icewm over VNC. I am pondering loading RH 8.0 onto the machine, but quite frankly, the current system works, and it works well and fast.
Re:Simple (Score:5, Interesting)
Linux Kernel 2.2.X has been continuously updated on this machine without a glitch.
This machine has seen pre-1.0 kernels and was my first PC. I just don't remember the very early Linux distributions I tested on this machine. For sure, Slackware was installed on it at some point in its life.
Re:Simple (Score:3, Informative)
"It does not need X, it is a PII-400, and it does not do anything that is so intensive it needs 2.4"
Err, I hope you aren't implying that 2.4 is either bloaty or slow or both on older hardware.
I used 2.4.18 just fine for over a year on a Pentium 166 (no MMX) and had absolutely zero problems. This box was my broadband firewall and also served 60 GB of NFS, as well as SMB, ssh, mail, and apache 2.x web pages, both static and generated. (I know you're not supposed to combine your firewall and other stuff, but I had no choice at the time.) Anyway, this box did its job(s) flawlessly without a single complaint and though building a kernel took on the order of 50 minutes, most things happened instantaneously.
I decided to upgrade it to a Celeron 366 only after I started using a python-based wiki on a daily basis for note-taking. If I really wanted to, I could have hacked up my own program in C that would have been 10x faster but I had the spare hardware and figured I might as well retire the 166. Given all of the improvements of the 2.4 kernel series, I highly doubt that 2.2 is significantly faster than 2.4 (for the same tasks) on all but the very oldest hardware.
The only places that I think would want 2.2 over 2.4 are organizations that have mission-critical stuff running on 2.2 and aren't keen to fix that which isn't broken (if you'll pardon the cliche). Other than that, using 2.4 for most tasks is simply NOT going to cause armageddon. And also remember too that just because some piece of software is OLD doesn't automatically mean it's more STABLE.
Re:Simple (Score:4, Informative)
Of course, you may not currently need stateful inspection, but you don't even have the option with 2.2. If you come to a point where you do, you're out of luck. (unless there is a current reliable backport out there, which is possible)
Re:Simple (Score:3, Informative)
It's better to rewrite everything to use iptables, though this does require some effort since the syntax is not quite the same. The biggest hurdle is figuring out how to log and drop a packet. In ipchains it is one command, in iptables you must create a new chain that does both actions and redirect packets to that.
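Added example, not part of the thread: the log-and-drop chain described in the comment above, together with the stateful rule an earlier comment notes is unavailable on 2.2, written as an iptables script. The chain name LOGDROP, the prefix fw-drop:, the ppp0 interface and the telnet port are illustrative assumptions; with DRY_RUN=1 (the default) the script only prints the commands.

```shell
#!/bin/sh
# Added example: ipchains "-j DENY -l" expressed for iptables (2.4 netfilter).
# DRY_RUN=1 (default) prints each command instead of running it, so the
# ruleset can be reviewed without root or a netfilter-capable kernel.
DRY_RUN="${DRY_RUN:-1}"
EXT_IF="${EXT_IF:-ppp0}"   # assumed outside interface (DSL/dial-up link)

# ipt ARGS...: run iptables, or print the command line in dry-run mode.
ipt() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "iptables $*"
    else
        iptables "$@"
    fi
}

# make_log_chain CHAIN TARGET PREFIX
# Creates a user-defined chain that logs a packet and then applies TARGET.
# This is the two-step replacement for the single ipchains "-l" flag.
make_log_chain() {
    chain=$1
    target=$2
    prefix=$3
    # The LOG target accepts a prefix of at most 29 characters.
    if [ "${#prefix}" -gt 29 ]; then
        echo "log prefix longer than 29 characters: $prefix" >&2
        return 1
    fi
    ipt -N "$chain" || return 1
    # Rate-limit the log rule so a flood of dropped packets cannot fill the
    # disk; packets over the limit skip the LOG rule and are still dropped.
    ipt -A "$chain" -m limit --limit 5/min --limit-burst 10 \
        -j LOG --log-prefix "$prefix" --log-level 4
    ipt -A "$chain" -j "$target"
}

# build_ruleset: a minimal INPUT policy using the chain above.
build_ruleset() {
    make_log_chain LOGDROP DROP "fw-drop:" || return 1
    # Stateful inspection: replies to connections that were opened from the
    # inside are accepted by connection state, not by port guessing.
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -i lo -j ACCEPT
    # ipchains equivalent: ipchains -A input -p tcp -d 0/0 23 -j DENY -l
    ipt -A INPUT -p tcp --dport 23 -j LOGDROP
    # Anything else arriving on the outside interface is logged and dropped.
    ipt -A INPUT -i "$EXT_IF" -j LOGDROP
}

build_ruleset
```

Review the printed rules first; running with DRY_RUN=0 as root applies them to the live INPUT chain.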
Re:Simple (Score:2)
Re:Why 2.2? (Score:5, Insightful)
Better yet, why would you upgrade if 2.2 does everything you need? Any security patches will be back-ported, and that's the only time you really need to upgrade your kernel so long as it does everything you need already. For example, my bridge/firewall machine (P200MMX) is running a 2.2 kernel, and with the 2.4 bridging code backport, it works perfectly fine. I have absolutely no desire to spend a day with my firewall machine down while I upgrade all of the kernel dependencies, configure and build a 2.4 kernel, rewrite my firewall scripts for iptables (yeah, I know you can use the old ipchains interface with 2.4, but if you're going to do the upgrade, do the upgrade), and then work out all the gremlins from running "new" code.
Desktops are different, because nobody cares if you have downtime with them. Servers on the other hand can cause pain when they're down, and even for a personal server the downtime is not worth the upgrade. You gain nothing, and lose quite a bit of time.
Eventually, I'll decommission the P200 and bring the celeryonion 433 up as my bridge/firewall machine, but that's going to be timed with a move (when the machines will have to be down anyway, and it'll be a week or two before the new place has internet access). Doing it before then is pointless.
Re:Why 2.2? (Score:2)
Re:Why 2.2? (Score:2, Insightful)
Re:Why 2.2? (Score:3, Interesting)
'cause upgrading a server running a bunch of stuff would take a long time to test.
Re:Why 2.2? (Score:3, Insightful)
Another good question is why upgrade?
2.2 is a good system and has served many of us well. Linux 2.4 really only became stable and available in 2002. For people who don't live on the bleeding edge (and there is a reason it is called "bleeding"), 2.4 is just starting to be deployed. When a server runs well, upgrading it is often just a pain. I am guessing that 2.6 will come out in 2004, be stable and available in 2005 and many servers will only start migrating to it in 2006 and on slashdot some similar story will be posted and somebody (maybe you) will post a similar comment/question.
Re:Why 2.2? (Score:3, Insightful)
Developers of software always think they are close but usually software gets delayed much longer than expected. "Linus and gang" wanted the 2.5 series to be done in something like 9 months. When I was reading that, I thought the idea was ridiculous. 2.5 was started 11/2001 and it is now 3/2003. A two year development cycle is really as fast as can be expected in such a sophisticated system (if fundamental changes are made) and a three year cycle (like the time given to 2.4) is probably even better. Nobody really needs a new kernel sooner (or they are using the wrong tool for the job) and the time could be used to make the new system better. Distributions, developers and users should spend more time USING an OS than UPGRADING it. I would be shocked if Linus was actually able to release 2.6 this year and servers should not start deploying it for another year after that.
Re:Why 2.2? (Score:3, Insightful)
One advantage of old versions is that you can get something usable running without much effort or knowledge.
Several production servers (Score:5, Interesting)
Re:Several production servers (Score:2, Informative)
Running the vanilla sources from www.kernel.org means you sometimes miss out on some bugfixes, unless you follow kernel development.
Re:Debian Kernel (Score:2, Insightful)
Why? (Score:5, Interesting)
I've still got 2.2 on my laptop, and really, I'm happy. I don't use it for much more than mobile internet access, and as tightly compiled as I have it, I don't feel a need to go through and upgrade. Just that much more work for an overall unimportant change, at least in this situation.
Of course, my desktop has 2.4.
PS2 Linux users (Score:5, Informative)
Re:PS2 Linux users (Score:3, Informative)
A debian-like 2.4 distribution for ps2. Requires the ps2linux kit though...
Conservatism (Score:5, Funny)
So? I'm still using my Commodore 64!
Re:Conservatism (Score:5, Funny)
Re:Conservatism (Score:2)
Firewall distros (Score:5, Informative)
IPChains is a tried and tested firewall solution, but showing its age compared to stateful packet inspection.
Smoothwall 2.0 is in beta and now has 2.4, IPCop is moving towards 2.4 and Mandrake has MNF using 2.4.
Debian still installs 2.2 by default.
Re:Firewall distros (Score:2)
Re:Firewall distros (Score:3, Insightful)
If it weren't for Redhat EOLing 6.2 I would seriously consider it if I were doing a lightly loaded server. In such cases the primary goal is stability, and 6.2 has been extremely stable in my experience.
But basically, unless you need hardware support not well provided in 2.2 (USB, etc.) or are running loads that 2.4 is known to handle better, there just isn't that much difference between 2.2 and 2.4 for most people.
Fancy new software for my old POS? (Score:4, Funny)
Re:Fancy new software for my old POS? (Score:2)
Re:Fancy new software for my old POS? (Score:3, Interesting)
I know people who still have routers (Score:2, Informative)
...that run 2.0... And of course, Debian stable is still 2.2.
Firewalling (Score:2)
Re:Firewalling (Score:2, Informative)
Re:Firewalling (Score:3, Insightful)
A 2.4 box would be "cooler", and would probably even have some extra capabilities that I might find useful, but the simple rule is that you don't change something that works perfectly.
Gateway (Score:3, Informative)
I was able to install RH 6.2 on it and whittle the RPMs I didn't need to get it down to under 200 megs.
While on many of my other servers I run 2.4.x, on this type of box I think 2.2.x suits my needs perfectly.
I have a 2.2 machine... (Score:3, Interesting)
Linux's new target market (Score:5, Interesting)
Honestly, with the advent of Linux being sold at K-Mart, used in schools, and wielded by mouse-clicking Grandmas, there are bound to be lots of people who don't know they should upgrade their kernels. I personally think marketing Linux to these markets is important, but an equal amount of importance should be recognized in educating these new users in the basics of maintaining these systems.
Because what good is the open source movement if the end user doesn't know how to benefit from our work?
Re:Linux's new target market (Score:2, Interesting)
It's quite true what you say about Linux for the inexperienced home user, only it's not just kernels either. What about installing new applications? Users are used to downloading a setup.exe and running it. With some distros you use a package management tool, others you compile the source code. This will be intolerable for many users, anyway this is deviating from the topic.
Re: (Score:3, Insightful)
Re:Linux's new target market (Score:3, Insightful)
Non-geeks most certainly wouldn't.
When yer mum calls you regarding her shpanky new FreeBSD box and the fact that "some book... or library.. that's it.." needs upgrading are you going to tell her to fire up an xterm, cd into
You've never done tech support right?
Cheers
Stor
Re: (Score:3, Interesting)
Re:Linux's new target market (Score:4, Insightful)
Alex
Re:Linux's new target market (Score:3, Insightful)
Maybe that new USB digital camera they bought is not supported by Linux 2.2? Improved hardware support is the only tangible reason (to a Joe Kmart user).
Re:Linux's new target market (Score:5, Insightful)
"People" should upgrade their installed software as their distribution vendor tests and certifies it as stable and secure (to the best of their knowledge) and releases it to the "stable" branch. Else, they should upgrade as new functionality, drivers, driver bases, etc. is desired (GigE, ACPI/APM enhancements, etc.)
People who run Linux as a hobby "should" upgrade as they feel necessary, but they'll probably have at least one workstation on the bleeding edge anyways, so they're a moot point.
People who run servers, casually or professionally, "should" track updates and understand their impact on the remainder of their systems. Their professional, corporate, mission-critical, or otherwise important (generally in the context of "to paying customers", "management" or "other employees") "should" be updated on a semi-regular basis as necessitated by (potential/actual) stability or security issues, and after a sufficient testbed period and impact analysis.
In general, an upgrade as major as a kernel (major revision) should be taken with all due consideration. Mostly I'd recommend a distribution version upgrade (ie; an all-encompassing upgrade procedure that will account for the C library and compiler, all system libraries, shells, and related utilities, as well as the userland).
If an "average K-Mart buying linux user"{sic} wishes to keep their computer's performance and features up to par with what's currently available, they should keep their packages, including their kernel, up to date. With modern GUI-based upgrade procedures as simple as scan, select, apply, ignore, the kernel is just another package, and pre-compiled binary kernels will often come with all the requisite modules and configure itself to become bootable. Minimal input is required by the user, except for perhaps "This upgrade didn't work, I'll boot the previous option and revert."
I know that my workstations are noticeably more responsive since upgrading to 2.4, and I make extensive use of much of the added/enhanced functionality. However, if what you're running works for you, does the job, is stable and secure, and still being maintained (which kernels as far back as 2.0.x still are), there's no definite reason to upgrade. If it ain't broke, and all that. That's the very same reason I still service a lot of Windows'98(SE) customers, and the very reason I'll often recommend that they stick right where they are. To Linux, FreeBSD, etc. users I'll offer the same advice. Anyone doing otherwise is offering a disservice.
Re:Linux's new target market (Score:5, Interesting)
And those benefits would be ...? I was on the kernel upgrade treadmill for years, getting new versions as they were released, upgrading to 2.2 with the very first version, etc. It gained me very little. I reached a point where staying on top of kernel upgrades was more pain than it was worth, and stopped. Now I only upgrade if I need some new feature, better support for an existing feature, or for security reasons. Aside from security patches (which I would hope all of the "Windows Update"-ish tools would handle for these users already), 99.95% of all Linux users have no reason to upgrade their kernel, so long as they're using a sufficiently modern one to begin with. Why, then, is it such a bad thing that these users don't know how to upgrade their kernel? If anything, I'd say it's a testament to Linux that users running it can get by without ever having to touch the kernel (aside from maybe loading a module or two when they get new hardware, though even that could/should be automated).
Re:Linux's new target market (Score:3, Insightful)
In this day and age, when most common PC hardware, and certainly any PC hardware worth anything (ie. not the aforementioned laptop), is well-supported under Linux, why do people feel compelled to have the latest kernel? I compile all my kernels on my Athlon XP build machine and even when the compiles are pretty fast (compared to my old 486 box that I first used Linux on) it's not exactly *fun*.
I consider myself a pretty big geek, being thoroughly integrated into the Slashdot hive mind and all. I'm on top of CVS gaim, xine/totem, Mozilla, and GNOME (hoping it won't suck eventually) because they seem to become noticeably better by the day. But the kernel? Could someone please explain why?
Re:Linux's new target market (Score:4, Insightful)
Like I said, I was on that kernel upgrade treadmill, and I think it's a bit of an addiction. You want the bragging rights to say that you're running whatever the latest and greatest version of the kernel happens to be. For most people, it's about showing off and making themselves feel superior because they're running the latest stuff. I think it goes the same for the rest of the stuff you mentioned as well. Once those projects get to the "good enough" point, what do you gain by using the CVS nightly drop vs. a released version? Why not Mozilla 1.1 (or whatever Mozilla is at now) rather than CVS? I used to do the same thing with Microsoft stuff. I ran various betas of Internet Explorer (IE4, IE5, IE6), and even had various RC releases (all legally acquired) of XP and Win2K (even back before Win2K was Win2K). Now, though, I'd rather get my work done instead of futzing with my system.
Re:Linux's new target market (Score:5, Informative)
Distributions provide well-tested, patched kernels. Compulsively updating kernels is a fine hobby if it makes you happy, but unless there's a new feature you need, the potential for breaking something exceeds any practical benefit. The experience of the 2.4 series, where half the kernels substantially degraded performance because of some new half-assed VM only underscores that lesson.
No, if you don't know why you need to upgrade your kernel, you almost certainly don't.
Re:Linux's new target market (Score:2)
If I've got redhat 6.2 servers with security patches installed that are running 24/7 with no hiccups, what's the point of upgrading?
Re:Linux's new target market (Score:3, Interesting)
This isn't a minor change, major kernel updates usually require updated tools. Hopefully the tools will update cleanly, but it's a non-trivial risk.
The same thing applies to upgrading distro versions. I'm hardly a naive user, yet I have been unsuccessful in every attempt to upgrade my Debian potato systems to woody. I've now given up - I just do a clean install of woody.
Changelog (Score:5, Informative)
Linux 2.2.24-rc5
* Fix n_hdlc globals pollution (Paul Fulghum)
* Fix initialisation of sk->sleep (Holger Smolinksi)
* Handle init_ethdev returning null in tulip (Neale Banks)
* Backport rtc wildcard fix to 2.2 (Paul Gortmaker)
* Correct wireless config help (Neale Banks)
* Fix smc9194 build (me)
Re:Changelog (Score:3, Informative)
why 2.2? simple answer (Score:5, Insightful)
There's some nice things in 2.4, certainly (e.g. USB support that works). My home machines and laptop run it. But many of the servers I admin have been humming along fine with the 2.2 tree for quite some time, so I see very little reason to upgrade (indeed, with the hairiness in the 2.4 tree's virtual memory handling, I can see several reasons NOT to upgrade beyond just change management). (Some will say that you should upgrade to 2.4 for the new firewalling features, but I prefer to put firewalling onto a dedicated openbsd machine or an appliance like a netscreen so the issue is moot for me.)
Re:why 2.2? simple answer (Score:5, Insightful)
No kiddin. My headless P100 MP3 player/server has been 2.2.19 since that kernel was released and it's never gone down (except for having to move the machine a few times).
It's behind my 2.4.20 firewall, so I'm not too concerned about security updates or patches on the old box.
So, in the end, a 2.4 upgrade would provide nothing, and waste a day of my time. There's your reason.
I'm running ... (Score:4, Funny)
It kind of itches a little.
I'm still 2.2 (Score:2)
My main reason for keeping 2.2 around... (Score:5, Interesting)
Re:My main reason for keeping 2.2 around... (Score:4, Informative)
Re:My main reason for keeping 2.2 around... (Score:3, Informative)
Ade_
/
Need 2.2 for microsecond packet timing. (Score:5, Interesting)
Re:Need 2.2 for microsecond packet timing. (Score:4, Informative)
Try this:
int immediate = 1;
ioctl(pcap_fileno(pcap), BIOCIMMEDIATE, &immediate);
Does screw with some nonblocking modes, though.
Another quick tip: __attribute__ ((packed)); after your structure declarations will make structs vastly nicer to apply against raw packets in a cross platform manner.
Whatcha trying to write?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Is this the long awaited (Score:3, Funny)
Kentucky Fried Linux. (Score:3, Funny)
I am sure it would be a Plucky little distro. We could showcase it at a Birds of a Feather meeting in Silicon Valley.
I could relabel the various bits of the OS, call the whole system "The Sky" as in "the sky's the limit", and if there were any problems a little yellow baby chicken graphical agent a la Clippy we'll call Chicken Little will run about the screen yelling "The Sky is Falling! The Sky is Falling!" If you chase him with your mouse and can click on him he won't reboot your system. Kind of like what would happen if you were using a windows box.
If not I could sell it to Jeff Bezos. He could call it One Cluck computing.
Linux 2.2.x? (Score:4, Interesting)
People still use 2.2.x?
Just kidding.
As I recall, I had some old old Slackware machines. I don't even remember the version number, but I think they started out with a 2.0.x kernel. On most of our machines, I didn't really want to take them down til they died of old age or whatever (usually we wanted faster machines over time), but kept upgrading the kernels on some occasionally for new features. As I recall, we just couldn't get the 2.4.x kernels to even compile on them, without library upgrades, which I wasn't prepared to do (and probably mess up) on a whole bunch of machines.
But, I'm sure there are plenty of people out there with 2.2.x still, who haven't had a need to upgrade. I was just working on a machine a few days ago, that is, and there's no need to upgrade, it works fine.
> uname -a
Linux foo.bar.com 2.2.13 #3 Sun Nov 21 18:45:36 EST 1999 i586 unknown
That machine is still running strong. We just upgraded the CPU, motherboard, and memory, but it was all compatible with the drivers that were compiled in back in 1999.
2.2 kernel... (Score:3, Interesting)
It's been running fine pretty much non-stop for 4 years now. The only time it ever is rebooted is when the power goes out (yeah, I know...)
It's rock solid, and serves as my apache and SSH server to the outside and my FTP, MySQL, NFS, Telnet and AppleTalk server to the inside. To top it off, it's running SETI@Home and it's on a P120 with 32 megs of RAM, with no swap space being used. Not too bad, in my opinion.
Unless I suddenly get a big outgoing bandwidth upgrade, and an increase in activity to go along with it, I don't think I'll ever be upgrading this machine
torn (Score:4, Funny)
arch conservatism at its finest is (Score:2)
ok, there are some limitations, but, on the whole, i get great performance out of the little beast.
Embedded devices (Score:4, Insightful)
How does the IBM/SCO legal debacle affect this? (Score:2)
I wouldn't throw away the earlier kernels just yet. It may not affect your average mom and pop operation, but a legal injunction would curtail a lot of corporate projects that are currently using linux.
It would be nice to see someone respond who is very familiar with the kernel development and these issues.
Re:How does the IBM/SCO legal debacle affect this? (Score:2)
On the flip side of the coin.. (Score:5, Interesting)
I am running Gentoo [gentoo.org] and I first installed the gentoo-optimized 2.4.20 kernel. When I read the article yesterday I decided to make the jump to 2.5.64 + patch. Holy wow, Batman.
I'm running Gentoo under VMware [vmware.com] on a dual 2.2 GHz Xeon (only 1 processor makes it through to the virtual machine, though). After figuring out that I needed new modutils, I had everything up and running. I started up a kernel compile with make -j 2 to really try and saturate the system, and moved the mouse around. The mouse was silky smooth, KDE quickly and properly recognized mouse-overs and everything was just so nice. I then booted back to 2.4.20 and ran the same test. Oh the pain! The mouse was chunky, KDE didn't even try and do mouseover animations.. it was horrible. I've switched grub to default to the 2.5 kernel and I'm not going back.
That said, this is a play machine and does nothing important. So if it crashes more often (no crashes yet), then it doesn't really bother me..
Re:On the flip side of the coin.. (Score:5, Funny)
Re:On the flip side of the coin.. (Score:3, Funny)
Re:On the flip side of the coin.. (Score:3, Interesting)
Because it is actually faster than w/o -j 2. I have a single cpu system and use something like -j 8. Compiling with multiple concurrent processes ensures that cpu keeps doing something while blocking on i/o, instead of just waiting. If your system has a lot of ram (>64MB), it can hack it.
iBCS is one reason (Score:5, Informative)
The 2.4 version of iBCS (ABI) doesn't always work. Every time I have looked at it, it is still broken for the apps that a client needs it for. So we have stuck with 2.2.x.
And 2.2.x is pretty rock solid, on all of the server configurations I am supporting these days. I have multiple servers with more than a year's worth of uptime, two with uptime counters that have 'wrapped around' and now working on two years of solid uptime.
who needs 2.2? (Score:2)
kernel 2.0 rocks!!11!!
Me. Still one 2.2.x server and a 2.0.x workstation (Score:2)
For the server, I will have to keep this kernel because the onboard Ethernet port is supported through a patched driver - and the patch I found doesn't apply to any version of the kernel module I checked, so I have to use the compiled module that came with the patch. No, I don't have any info on the origin of the module.
stability ? (Score:2)
The VM bug in Linux doesn't help things either. The new patch in the recent kernels that fixed the problems is not 100% stable either under heavy i/o loads from what I heard.
If I had to use a server I would pick FreeBSD or debian with kernel 2.2 for these reasons.
Does anyone else use the old kernel for these reasons?
kernel 2.0 (Score:3, Interesting)
2.0.36 (Score:3, Interesting)
2.2 forever.. (Score:3, Funny)
perl -i -e 's/^PATCHLEVEL = 4$/PATCHLEVEL = 2/' Makefile
All the benefits of 2.4, with the beautiful, symmetric numbering of 2.2.
Why do we make such a big thing out of upgrading? (Score:3, Interesting)
If something works now, why won't it work in a few years time with the same hardware? If stability is important to you, isn't it better to stick to something tried and tested?
Don't upgrade to 2.4! (Score:5, Funny)
Bridging firewalls! (Score:4, Interesting)
http://bridge.sourceforge.net/ [sourceforge.net]
http://www.math.leidenuniv.nl/mailman/listinfo/br
It seems that the new firewalling technique of 2.4 (iptables) does not play well with Ethernet bridges.
I have a DSL connection to a small subnet of static IP addresses (/29). The problem is that the DSL uplink, out of my control and unfirewalled, is on one of the addresses in my subnet! It's as if there is a fox in the henhouse.
There is no proper routing subnet, as there should be. This is no doubt because of the IP address shortage. The DSL uplink must exist on the same subnet as my machines, giving me only 5 usable addresses for my machines. Broadcasts must be passed correctly, or the machines won't be able to ARP each other. Proxy ARP is not an option, because of the need to keep the DSL uplink on the same subnet.
So, I run Ethernet bridging with firewalling. I bridge two Ethernet cards together, passing broadcast packets between them (filtering out externally generated "smurf" broadcast packets, of course). I also implement my firewall at this point. The network is one logical LAN, but partitioned into two physical LAN's, with the firewall machine in between them. The firewall makes sure that unwanted packets from the DSL uplink never reach my machines.
It's not perfect (there is no stateful connection filtering), but it has worked well for me. Probes come in at least every hour, and no successful breakins to my knowledge.
And another reason not to upgrade? The machine's uptime is now at 326 days, I'm going for the year
Old VMWare license (Score:3, Insightful)
Re:2.2 4 3v3r (Score:2)
Re:2.2 vs 2.4 (Score:3, Interesting)
Out of a pool of about 12 heavily-loaded servers that have been running for 4 years on 2.2 and 2.4 kernels, so far, I have had exactly *one* need to reboot that couldn't be positively traced to hardware problems. And that time I'm not entirely sure that it wasn't hardware-related, I just couldn't *prove* it.
The couple of times there have been hardware problems have been because of things like failed RAID cards or power supplies. I could count the number of incidents on one hand, and have at least one hand left over. A couple of the machines, in the 3 or 4 years they've been in service, have only been rebooted to switch colo facilities (twice) and for batched kernel+critical software (libc) upgrades (two or three times).
The last time I switched colocation facilities, *ALL* of the machines had been running for over a year. The thought of rebooting them never crossed my mind. And while some of them were very robust systems (triple-redundant power supplies, etc.), most of them were plain old commodity machines that I slapped together on my desk.
If you're really having to reboot those machines like that, you probably want to dig deeper and find out what the problems are. Chances are it's not just that one kernel version is more stable than another, it's that one kernel version doesn't exacerbate underlying, pre-existing problems as much as another.
steve
Re:2.0.35, uptime 55 days 12 hours! (Score:3, Interesting)