On Tuesday 21 August 2007, Alvaro Mantilla Gimenez wrote: > Hi folks, > > > I need to install an LDAP server in my job. I am, obviously, an > OpenBSD guy but my boss wants to install the server with HP-UX. I > need to probe him that OpenBSD is a better solution than HP-UX but > google doesn't show a truly comparative between this two OS and there > is a "poor" information about the HP-UX skills doing this role. The > price for the "solution" (HP-UX or OpenBSD) does not matter this > time, so the argument "OpenBSD is OpenSource and the other is a > propietary Unix $$" is not an acceptable argument. > > Anyone have experience with this two OS?? Is there any heavy > reason (argument) to choose one over the other? Remember: it is an > LDAP server...not a database server....not a webserver.....not a file > server. > > > Thanks in advanced,
There are two ways you can approach this question; logic and rhetoric. Or better said, reasoning and FUD. The FUD against OpenBSD starts with the fact that it is open source, has limitations on supported hardware (true of all operating systems), and often includes the (mistaken) fact that you cannot get support (-If necessary, you can purchase professional support for OpenBSD from many third-party companies.) In comparison to linux and freebsd, OpenBSD *supposedly* has a smaller installation base, and is therefore a niche product (-no one truly knows for sure how many installations exist of any open source OS). The FUD against HP-UX is that it's a "Dead Operating System" since PARISC has been discontinued, and Itaniaum support may not continue due to lacking sales. HP-UX also has a history of security problems. Of the commercial UNIX operating systems, HP-UX is a smaller player by comparison, and therefore a niche product. The reasoning for OpenBSD is very active continuous development, very impressive reliability and of course, the buzzword "security" which tends to overly impress any neophyte (even great security can be void in the hands of a incompetent administrator). The reasoning for HP-UX is brand name recognition, vendor support, and of course job security -when something goes wrong, your boss can blame the brand name vendor in hopes of saving his own ass. LDPA has similarities to both database servers and file servers, so even though it's not an exact match, performance metrics for database/flle servers may be relevant to LDAP. As always, *YOUR* environment and requirements must be tested to get any truly meaningful performance metrics. If you have truly insane load and storage requirements, and an unlimited budget, spending a quarter of a million dollars on a very high end, 16+ CPU, Itanium box running HP-UX may be a better choice than OpenBSD. Then again, if that's really the case, I would prefer to go with big Sun hardware and Solaris under those circumstances. By comparison, the multiple processor support in OpenBSD is for i386 and amd64, and how well it will scale in *YOUR* situation can only be found through testing. Personally, I've never seen a 16+ CPU dmesg, but I'm not a project developer, and someone may very well be using OpenBSD on such hardware. The questions you need to answer are how much load do you expect (and plan for) and how much storage do you require? There are people from this list who deal with fairly large LDAP/SASL installations on OpenBSD. Chris Paul (sentinare.com) and Jason Dixon (dixongroup.net) come to mind but I'm sure there are others. If you honestly expect to have *MASSIVE* loads and storage requirements (i.e. comparable a fortune 1000 company), you should talk to the folks who have done such things, get your own in-house testing done, and then make a decision based on your results. -Anything less is just blind guessing. The best business decision is the solution that gives you the greatest reliability and security for your requirements with the least amount of investment. OpenBSD has a very good chance of coming out on top in the majority of fairly tested comparisons. The corner case of insane loads and storage requirements is the one *possible* exception but even then, it may be sufficient. jcr
