I recently read that TCP BBR has significantly increased throughput and reduced latency for connections on Google’s internal backbone networks and google.com and YouTube Web servers throughput by 4 percent on average globally – and by more than 14 percent in some countries. The TCP BBR patch needs to be applied to the Linux kernel. The first public release of BBR was here, in September 2016. The patch is available to any one to download and install. Another option is using Google Cloud Platform (GCP). GCP by default turned on to use a cutting-edge new congestion control algorithm named TCP BBR.
Fedora Linux version 26.0 has been released ( jump to download ) after many months of constant development and available for download in various media format. Fedora 26 is a free and open source operating system includes various new features such as GCC 7, Golang 1.8, Python 3.6, DNF 2.0, OpenSSL 1.1.0 and more. Fedora 26 runs on both ARM servers and desktop boards too.
Like any good sysadmin, I kept my servers and desktop side up to date and patched all the time. However, recent Java updates have broken my IPMI KVM Java Applets on Dell, IBM, HP, Supermicro and FreeNAS mini servers. You will get an error that read as follows:
Unsigned application requesting unrestricted access to system. The following resource is signed with a weak signature algorithm MD5withRSA and is treated as unsigned.
I recently setup a small server which is running Debian 9. The purpose of this machine is to run OpenVPN server on port 443 to bypass censorship. It runs the following services and nothing else:
- Squid on private IP belongs to VPN pool (10.8.0.1:3128)
- SSH on private IP belongs to VPN pool (10.8.0.1:22)
- DNS resolver on private IP belongs to VPN pool (10.8.0.1:53)
- OpneVPN on public IP port 443 (server_public_ip_address:443)