16 Oct, 2013 by Michael Müller
Interview: Henning Brauer
This time the interview series continues with Henning Brauer (@HenningBrauer).
Amongst other things, Henning is an OpenBSD developer and involved in projects like pf, OpenNTPD or OpenBGPD. pf is a BSD-licensed, advanced packet filter and a default component in OpenBSD. It is comparable to e.g. iptables, though in my opinion pf is a superior and better designed tool with a clear syntax that makes configuration very comfortable. I found it to be a very nice tool and it seems like I am not the only one: pf has been ported to many other operating systems and is e.g. integrated into Mac OS X Lion. Since it is licensed under the permissive BSD license (as everything within the OpenBSD source tree) it is possible for companies to integrate the code within their proprietary systems.
Henning is also the founder and CEO of BSWS, an ISP/MSP based in Hamburg, which makes heavy use of free software. As Henning told me, their technology stack consists basically only of free software. I think this is very nice. It always makes me happy to see businesses build upon free software, contributing back to the development of such.
Who are you and what do you do?
I’m Henning Brauer, 35. I’m the CEO of BS Web Services GmbH, an ISP/MSP here in Hamburg. I have been an OpenBSD developer since 2002, heavily involved with pf – redesigned it completely with Ryan McBride, last not least. I started OpenBGPD a good 10 years ago, OpenNTPD a bit thereafter, and the privsep/messaging-Framework I wrote for bgpd is used by almost all newer daemons in OpenBSD these days. These days I mostly work on the kernel side, the network stack, and pf as an integral part of it. Aside from that I wrote femail, am a board member of the EuroBSDcon Foundation, and do local politics.
Which software or programs do you use most frequently?
I heavily use OpenBSD, which might not come as a surprise. All my laptops run OpenBSD, my workstation at work does, and the vast majority of our servers, routers, firewalls etc run OpenBSD as well. The base system covers a lot of my needs already – webservers are obviously important for my work, all newer setups are on our base nginx, some older ones still on our forked Apache. mysql plays an important role, and unfortunately OpenLDAP as well. Almost all hosts run symon (auto-configured) and most also use femail. LaTeX is used for all documents that we produce.
On the Desktop side, I use mutt for email, both firefox and chromium for the web, tho the latter is foremost a tweetdeck container. mupdf for most PDFs. I fortunately don’t need an office suite. For my presentations I use magicpoint.
Why did you decide to use your particular operating system(s) of choice?
In the late 90s we had a bad DoS attack against a webserver running linux, which behaved poorly. I had the attack recorded and replayed it against a couple of other operating systems. FreeBSD behaved well, OpenBSD much better, and since I liked what I saw (I hadn’t looked at OpenBSD really before) that’s what I picked and stayed with.
Today, the choice is easy. OpenBSD is a good fit for almost all tasks I am confronted with, and since I am so much involved I can fix issues when I run into them instead of having to wait for a vendor or a project to react (or just hope for it), really understand what’s going on when things don’t work and fix issues properly instead of applying stupid workarounds that last from 12 to noon. The result is a setup that is very reliable and very secure, which in turn means that our monitoring doesn’t drive us nuts by demanding fixes at the worst possible times – and happy customers.
In what manner do you communicate online?
Email and twitter, foremost.
Which folders can be found in your home directory?
Found by whom? None for almost everybody.
Which paper or literature has had the most impact on you?
I’m not really into tech books. The few I have read over the last couple of years were all books I was involved with, as tech reviewer – “The Book of PF” and “Absolute OpenBSD” are to be mentioned here, both excellent books.
For papers & presentations, I cannot pinpoint one. I regularly go to conferences – EuroBSDcon, BSDcan and AsiaBSDcon are the standard ones – and visit talks that sound interesting, not just “our” ones. They often bring some kind of enlightenment (the Q&A / discussions after my own presentations too). I often end up reading papers when researching on something, but couldn’t point out a specific one.
What has had the greatest positive influence on your efficiency?
Unix :-)
How do you approach the development of a new project?
I think about it for some time, before I write the first line of code. I need to get clear on the structure, break the task down to many small ones. Then get clear on the APIs, including the strictly internal ones, and THEN start coding. Sometimes talking to other developers helps a lot, we frequently use whiteboards.
The worst thing one can do is to sit down and start coding immediately. Spend time on designing your software, don’t just let it happen. Structure is extremely important, breaking down things into smaller, ideally self-contained blocks.
Which programming language do you like working with most?
Depends on the task. For kernel or high-performance network daemons it is C of course. For things like web applications or the like where you really want a higher abstraction level C would be absolutely inappropriate. I frequently use perl for company stuff, accompanied by some shell code (the latter obviously not for web stuff).
In your opinion, which piece of software should be rewritten from scratch?
That’s a tough one. I do believe in evolution, look where the constant revolution approach led to for the GNU world: gazillions of similar projects, repeating each others faults instead of learning from history. The NIH syndrome (Not Invented Here) is one of the biggest problems in the free software world.
That said, there is a point where evolution is not the right approach. When the base is so bad that you end up rewriting everything anyway, might as well start from scratch. When there is a fundamental design issue, there is barely a way around starting over.
Let me use an example where I was involved: why did I write femail? It is just a little /usr/sbin/sendmail program that doesn’t have a queue but offloads the mail immediately to another mail server via SMTP. There is mini-sendmail doing the same thing. Besides that being GPL and thus not free, I was horrified when I looked at the code. The author brags about it being so small in terms of lines of code – which is pretty damn easy if you use ridiculously long lines instead of the usual 80 char limit. The code is outright unreadable, lack of proper indentation also doesn’t help. Unreadable means unreviewable which in turn has almost always meant buggy as hell. We call that “write-only code”. I then found out that it isn’t even remotely implementing the relevant RFCs, but just the most common subset – play fast and loose. Unusable. So I went on and wrote femail from scratch, which I use in hundreds of installs and which apparently spread quite widely.
femail has been used as the sendmail-compatible command line interface in OpenSMTPD – that’s a nice example on our approach, look for existing code before starting from scratch, faults already made elsewhere don’t need to be repeated.
What would your ideal setup look like?
Not sure that involves computers at all…