Links on this page refer to multimedia resources (podcast, vodcast,
audio recordings, video recordings, photos) related to NetBSD or
of interest for NetBSD users.
If you know any resources not listed here, or notice any dead links,
please send details to
Edwin Groothuis so that
it can be included or updated.
Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
Slides (3.2 Mb, 36 pages)
pfSense: 2.0 and beyond
From firewall distribution to appliance building platform
pfSense is a BSD licensed customized distribution
of FreeBSD tailored for use as a firewall and router.
In addition to being a powerful, flexible firewalling
and routing platform, it includes a long list of
related features and a package system allowing
further expandability without adding bloat and
potential security vulnerabilities to the base
distribution.
This session will start with an introduction to the
project and its common uses, which have expanded
considerably beyond firewalling. We will cover much
of the new functionality coming in the 2.0 release,
which contains significant enhancements to nearly
every portion of the system as well as numerous new
features.
While the primary function of the project is a
firewalling and routing platform, with changes
coming in pfSense 2.0, it has also become an appliance
building framework enabling the creation of customized
special purpose appliances. The m0n0wall code where
pfSense originated has proved popular for this
purpose, with AskoziaPBX and FreeNAS also based
upon it, in addition to a number of commercial
solutions. The goal of this appliance building
framework is to enable creation of projects such
as these without having to fork and maintain another
code base. The existing appliances, including a DNS
server using TinyDNS, VoIP with FreeSWITCH, and
others will be discussed. For those interested in
creating appliances, an overview of the process
will be provided along with references for additional
information.
Luigi Rizzo - GEOM based disk schedulers for FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
Slides (430 Kb, 40 pages)
GEOM based disk schedulers for FreeBSD
The high cost of seek operations makes the throughput
of disk devices very sensitive to the offered
workload. A disk scheduler can then help reorder
requests to improve the overall throughput of the
device, or improve the service guarantees for
individual users, or both.
Research results in recent years have introduced,
and proven the effectiveness of, a technique called
"anticipatory scheduling". The basic idea behind
this technique is that, in some cases, requests
that cause a seek should not be served immediately;
instead, the scheduler should wait for a short
period of time in case other requests arrive that
do not require a seek to be served. With many common
workloads, dominated by sequential synchronous
requests, the potential loss of throughput caused
by the disk idling times is more than balanced by
the overall reduction of seeks.
While a fair amount of research on disk scheduling
has been conducted on FreeBSD, the results were
never integrated in the OS, perhaps because the
various prototype implementations were very
device-specific and operated within the device
drivers. Ironically, anticipatory schedulers are
instead a standard part of Linux kernels.
This talk has two major contributions:
First, we will show how, thanks to the flexibility
of the GEOM architecture, an anticipatory disk
scheduling framework has been implemented in FreeBSD
with little or no modification to a GENERIC kernel.
While these schedulers operate slightly above the
layer where one would naturally put a scheduler,
they can still achieve substantial performance
improvements over the standard disk scheduler; in
particular, even the simplest anticipatory schedulers
can prevent the complete trashing of the disk
performance that often occurs in presence of multiple
processes accessing the disk.
Secondly, we will discuss how the basic anticipatory
scheduling technique can be used not only to improve
the overall throughput of the disk, but also to
give service guarantees to individual disk clients,
a feature that is extremely important in practice
e.g., when serving applications with pseudo-real-time
constraints such as audio or video streaming ones.
A prototype implementation of the scheduler that
will be covered in the presentation is available
at http://info.iet.unipi.it/~luigi/FreeBSD/
Constantine A. Murenin - Quiet Computing with BSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, hardware monitors, canstantine murenin
Slides (264 Kb, 16 pages)
Quiet Computing with BSD
Programming system hardware monitors for quiet computing
In this talk, we will present a detailed overview
of the features and common problems of microprocessor
system hardware monitors as they relate to the topic
of silent computing. In a nutshell, the topic of
programmable fan control will be explored.
Silent computing is an important subject as its
practice reduces the amount of unnecessary stress
and improves the motivation of the workforce, at
home and in the office.
Attendees will gain knowledge on how to effectively
programme the chips to minimise fan noise and avoid
system failure or shutdown during temperature
fluctuations, as well as some basic principles
regarding quiet computing.
Shortly before the talk, a patch for programming
the most popular chips (like those from Winbond)
will be released for the OpenBSD operating system,
although the talk itself will be more specific to
the microprocessor system hardware monitors themselves,
as opposed to the interfacing with thereof in modern
operating systems like OpenBSD, NetBSD, DragonFly
BSD and FreeBSD.
Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
Security Assessment of the Internet Protocol (660 Kb, 63 pages), Slides (473 Kb, 64 pages), Proposal (93 Kb, 3 pages), Security Assessment of the Transmission Control Protocol (TCP) (1.4 Mb, 130 pages)
Results of a Security Assessment of the TCP and IP
protocols and Common implementation Strategies
Fernando Gont will present the results of security
assessment of the TCP and IP protocols carried out
on behalf of the United Kingdom's Centre for the
Protection of National Infrastructure (Centre for
the Protection of National Infrastructure). His
presentation will provide an overview of the
aforementioned project, and will describe some of
the new insights that were gained as a result of
this project. Additionally, it will provide an
overview of the state of affairs of the different
TCP/IP implementations found in BSD operating systems
with respect to the aforementioned issues.
During the last twenty years, many vulnerabilities
have been identified in the TCP/IP stacks of a
number of systems. The discovery of these vulnerabilities
led in most cases to reports being published by a
number of CSIRTs and vendors, which helped to raise
awareness about the threats and the best possible
mitigations known at the time the reports were
published. For some reason, much of the effort of
the security community on the Internet protocols
did not result in official documents (RFCs) being
issued by the organization in charge of the
standardization of the communication protocols in
use by the Internet: the Internet Engineering Task
Force (IETF). This basically led to a situation in
which "known" security problems have not always
been addressed by all vendors. In addition, in many
cases vendors have implemented quick "fixes" to the
identified vulnerabilities without a careful analysis
of their effectiveness and their impact on
interoperability. As a result, producing a secure
TCP/IP implementation nowadays is a very difficult
task, in large part because of the hard task of
identifying relevant documentation and differentiating
between that which provides correct advisory, and
that which provides misleading advisory based on
inaccurate or wrong assumptions. During 2006, the
United Kingdom's Centre for the Protection of
National Infrastructure embarked itself in an
ambitious and arduous project: performing a security
assessment of the TCP and IP protocols. The project
did not limit itself to an analysis of the relevant
IETF specifications, but also included an analysis
of common implementation strategies found in the
most popular TCP and IP implementations. The result
of the project was a set of documents which identifies
possible threats for the TCP and IP protocols and,
where possible, proposes counter-measures to mitigate
the identified threats. This presentation will will
describe some of the new insights that were gained
as a result of this project. Additionally, it will
provide an overview of the state of affairs of the
different TCP/IP implementations found in BSD
operating systems.
Randi Harper - Automating FreeBSD Installations
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
Slides (33 Kb, 14 pages)
Automating FreeBSD Installations
PXE Booting and install.cfg Demystified
This paper will provide an explanation of the tools
involved in performing an automated FreeBSD install
and a live demonstration of the process.
FreeBSD's sysinstall provides a powerful and flexible
mechanism for automated installs but doesn't get
used very often because of a lack of documentation.
Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
Slides (1.4 Mb, 27 pages)
Isolating Cluster Jobs for Performance and Predictability
At The Aerospace Corporation, we run a large FreeBSD
based computing cluster to support engineering
applications. These applications come in all shapes,
sizes, and qualities of implementation. To support
them and our diverse userbase we have been searching
for ways to isolate jobs from one another in ways
that are more effective than Unix time sharing and
more fine grained than allocating whole nodes to
jobs.
In this talk we discuss the problem space and our
efforts so far. These efforts include implementation
of partial file systems virtualization and CPU
isolation using CPU sets.
John Baldwin - Multiple Passes of the FreeBSD Device Tree
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
Slides (60 Kb, 15 pages), Paper (103 Kb, 8 pages)
Multiple Passes of the FreeBSD Device Tree
The existing device driver framework in FreeBSD
works fairly well for many tasks. However, there
are a few problems that are not easily solved with
the current design. These problems include having
"real" device drivers for low-level hardware such
as clocks and interrupt controllers, proper resource
discovery and management, and allowing most drivers
to always probe and attach in an environment where
interrupts are enabled. I propose extending the
device driver framework to support multiple passes
over the device tree during boot. This would allow
certain classes of drivers to be attached earlier
and perform boot-time setup before other drivers
are probed and attached. This in turn can be used
to develop solutions to the earlier list of problems.
Colin Percival - scrypt: A new key derivation function
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
Slides (556 Kb, 21 pages), Paper (201 Kb, 16 pages)
scrypt: A new key derivation function
Doing our best to thwart TLAs armed with ASICs
Password-based key derivation functions are used
for two primary purposes: First, to hash passwords
so that an attacker who gains access to a password
file does not immediately possess the passwords
contained therewithin; and second, to generate
cryptographic keys to be used for encrypting or
authenticating data.
In both cases, if passwords do not have sufficient
entropy, an attacker with the relevant data can
perform a brute force attack, hashing potential
passwords repeatedly until the correct key is found.
While commonly used key derivation functions, such
as Kamp's iterated MD5, Provos and Mazieres' bcrypt,
and RSA Laboratories' PBKDF1 and PBKDF2 make an
attempt to increase the difficulty of brute-force
attacks, they all require very little memory, making
them ideally suited to attack by custom hardware.
In this talk, I will introduce the concepts of
memory-hard and sequential memory-hard functions,
and argue that key derivation functions should be
sequential memory-hard. I will present a key
derivation function which, subject to common
assumptions about cryptographic hash functions, is
provably sequential memory-hard, and a variation
which appears to be stronger (but not provably so).
Finally, I will provide some estimates of the cost
of performing brute force attacks on a variety of
password strengths and key derivation functions.
George Neville-Neil - Thinking about thinking in code
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, keynote, bsd, george neville-neil
Slides (4.0 Mb, 137 pages)
Thinking about thinking in code
Proposed keynote talk
This is not a talk that's specific to any BSD but
is a more general talk about how we think about
coding and how our thinking changes the way we code.
I compare how we built systems to how other industries
build their products and talk about what we can
learn from how we work and from how others work as
well.
Stephen Borrill - Building products with NetBSD - thin-clients
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
Slides (499 Kb, 60 pages)
Building products with NetBSD - thin-clients
NetBSD: delivering the goods
This talk will discuss what thin-clients are, why
they are useful and why NetBSD is good choice to
build such a device.
This talk will provide information on some alternatives
and the strengths and weaknesses of NetBSD when
used in such a device.
It will discuss problems that needed to be addressed
such as how to get a device with rich functionality
running from a small amount of flash storage, as
well as recent developments in NetBSD that have
helped improve the product.
Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
Slides (893 Kb, 25 pages)
Getting Started in Free and Open Source
Interested in getting involved? But don't really
know where or how to start?
The talk is called "Getting Started in Free and
Open Source". It's a talk for beginners who are
interested to getting involved but don't really
know where or how to start.
We cover the basics of: -why you might want to get
involved -what you can get out of participating
-more than coding is needed -how to chose a project
-how to get started -etiquette of lists and other
communication -dos and don't of joining a community
Warner Losh - Tracking FreeBSD in a commercial Environment
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
Paper (624 Kb, 45 pages), Slides (104 Kb, 10 pages)
Tracking FreeBSD in a commercial Environment
How to stay current while staying sane
The FreeBSD project publishes two lines of source
code: current and stable. All changes must first
be committed to current and then are merged into
stable. Commercial organizations wishing to use
FreeBSD in their products must be aware of this
policy. Four different strategies have developed
for tracking FreeBSD over time. A company can choose
to run only unmodified release versions of FreeBSD.
A company may choose to import FreeBSD's sources
once and then never merge newer versions. A company
can choose to import each new stable branch as it
is created, adding its own changes to that branch,
as well as integrating new versions from FreeBSD
from time to time. A company can track FreeBSD's
current branch, adding to it their changes as well
as newer FreeBSD changes. Which method a company
chooses depends on the needs of the company. These
methods are explored in detail, and their advantages
and disadvantages are discussed. Tracking FreeBSD's
ports and packages is not discussed.
Companies building products based upon FreeBSD have
many choices in how to use the projects sources and
binaries. The choices range from using unmodified
binaries from FreeBSD's releases, to tracking modify
FreeBSD heavily and tracking FreeBSD's evolution
in a merged tree. Some companies may only need to
maintain a stable version of FreeBSD with more bug
fixes or customizations than the FreeBSD project
wishes to place in that branch. Some companies also
wish to contribute some subset of their changes
back to the FreeBSD project.
FreeBSD provides an excellent base technology with
which to base products. It is a proven leader in
performance, reliability and scalability. The
technology also offers a very business friendly
license that allows companies to pick and choose
which changes they wish to contribute to the community
rather than forcing all changes to be contributed
back, or attaching other undesirable license
conditions to the code.
However, the FreeBSD project does not focus on
integration of its technology into customized
commercial products. Instead, the project focuses
on producing a good, reliable, fast and scalable
operating system and associated packages. The project
maintains two lines of development. A current branch,
where the main development of the project takes
place, and a stable branch which is managed for
stability and reliability. While the project maintains
documentation on the system, including its development
model, relatively little guidance has been given
to companies in how to integrate FreeBSD into their
products with a minimum of trouble.
Developing a sensible strategy to deal with both
these portions of FreeBSD requires careful planning
and analysis. FreeBSD's lack of guidelines to
companies leaves it up to them to develop a strategy.
FreeBSD's development model differs from some of
the other Free and Open Source projects. People
familiar with those systems often discover that
methods that were well suited to them may not work
as well with FreeBSD's development model. These two
issues cause many companies to make poor decisions
without understanding the problems that lie in their
future.
Very little formal guidance exists for companies
wishing to integrate FreeBSD into their products.
Some email threads can be located via a Google
search that could help companies, but many of them
are full of contradictory information, and it is
very disorganized. While the information about the
FreeBSD development process is in the FreeBSD
handbook, the implications of that process for
companies integrating FreeBSD into their products
are not discussed.
Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
Paper (351 Kb, 9 pages), Slides (512 Kb, 35 pages)
PC-BSD - Making FreeBSD on the desktop a reality
FreeBSD on the Desktop
While FreeBSD is a all-around great operating system,
it is greatly lagging behind in desktop appeal. Why
is this? In this talk, we will take a look at some
of the desktop drawbacks of FreeBSD, and how are
are attempting to fix them through PC-BSD.
FreeBSD has a reputation for its rock-solid
reliability, and top-notch performance in the server
world, but is noticeably absent when it comes to
the vast market of desktop computing. Why is this?
FreeBSD offers many, if not almost all of the same
open-source packages and software that can be found
in the more popular Linux desktop distributions,
yet even with the speed and reliability FreeBSD
offers, a relative few number of users are deploying
it on their desktops.
In this presentation we will take a look at some
of the reasons why FreeBSD has not been as widely
adopted in the desktop market as it has on the
server side. Several of the desktop weaknesses of
FreeBSD will be shown, along with how we are trying
to fix these short-comings through a desktop-centric
version of FreeBSD, known as PC-BSD. We will also
take a look at the package management system employed
by all open-source operating systems alike, and
some of the pitfalls it brings, which may hinder
widespread desktop adoption.
Sean Bruno - Implementation of TARGET_MODE applications
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
Slides (72 Kb, 22 pages)
Implementation of TARGET_MODE applications
How we used TARGET_MODE in the kernel to create and
interesting product
This presentation will cover a real world implementation
of the TARGET_MODE infrastructure in the kernel
(stable/6). Topics to include: drivers used (isp,
aic7xxx, firewire). scsi_target userland code vs
kernel drivers missing drivers (4/8G isp support,
iSCSI target)
Target Mode describes a feature within certain
drivers that allows a FreeBSD system to emulate a
Target in the SCSI sense of the word. By recompiling
your kernel with this feature enabled, it permits
one to turn a FreeBSD system into an external hard
disk. This feature of the FreeBSD kernel provides
many interesting implementations and is highly
desirable to many organizations whom run FreeBSD
as their platform.
I have been tasked with the maintenance of a
proprietary target driver that interfaces with the
FreeBSD kernel to do offsite data mirroring at the
block level. This talk will discuss the implementation
of that kernel mode driver and the process my
employer went through to implement a robust and
flexible appliance.
Since I took over the implementation, we have
implemented U160 SCSI(via aic7xxx), 2G Fibre
Channel(via isp) and Firewire 400 (via sbp_targ).
Each driver has it's own subtleties and requirements.
I personally enhanced the existing Firewire target
driver and was able to get some interesting results.
I hope to demonstrate a functional Firewire 400/800
target and show how useful this application can be
for the embedded space. Also, I wish to demonstrate
the need for iSCSI. USB and 4/8G Fibre Channel
target implementations that use the TARGET_MODE
infrastructure that is currently in place to allow
others to expand their various interface types.
The presentation should consist of a high level
overview, followed by detailed implementation
instructions with regards to the Firewire implementation
and finish up with a hands-on demonstration with a
FreeBSD PC flipped into TARGET_MODE and a Mac.
George Neville-Neil - Understanding and Tuning SCHED_ULE
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
Slides (228 Kb, 29 pages)
Understanding and Tuning SCHED_ULE
With the advent of widespread SMP and multicore CPU
architectures it was necessary to implement a new
scheduler in the FreeBSD operating system. The
SCHEDULE scheduler was added for the 5 series of
FreeBSD releases and has now matured to the point
where it is the default scheduler in the 7.1 release.
While scheduling processes was a difficult enough
task in the uniprocessor world, moving to multiple
processors, and multiple cores, has significantly
increased the number of problems that await engineers
who wish to squeeze every last ounce of performance
out of their system. This talk will cover the basic
design of SCHEDULE and focus a great deal of attention
on how to tune the scheduler for different workloads,
using the sysctl interfaces that have been provided
for that purpose.
Understanding and tuning a scheduler used to be
done only by operating systems designers and perhaps
a small minority of engineers focusing on esoteric
high performance systems. With the advent of
widespread multi-processor and multi-core architectures
it has become necessary for more users and
administrators to decide how to tune their systems
for the best performance. The SCHEDULE scheduler
in FreeBSD provides a set of sysctl interfaces for
tuning the scheduler at run time, but in order to
use these interfaces effectively the scheduling
process must first be understood. This presentation
will give an overview of how SCHEDULE works and
then will show several examples of tuning the system
with the interfaces provided.
The goal of modifying the scheduler's parameters
is to change the overall performance of programs
on the system. One of the first problems presented
to the person who wants to tune the scheduler is
how to measure the effects of their changes. Simply
tweaking the parameters and hoping that that will
help is not going to lead to good results. In our
recent experiments we have used the top(1) program
to measure our results.
Lawrence Stewart - Improving the FreeBSD TCP Implementation
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
Slides (2.1 Mb, 38 pages)
Improving the FreeBSD TCP Implementation.
An update on all things TCP in FreeBSD and how they
affect you.
My involvement in improving the FreeBSD TCP stack
has continued this past year, with much of the work
targeted at FreeBSD 8. This talk will cover what
these changes entail, why they are of interest to
the FreeBSD community and how they help to improve
our TCP implementation.
It has been a busy year since attending my inaugural
BSDCan in 2008, where I talked about some of my
work with TCP in FreeBSD.
I have continued the work on TCP analysis/debugging
tools and integrating modular congestion control
into FreeBSD as part of the NewTCP research project.
I will provide a progress update on this work.
Additionally, a grant win from the FreeBSD Foundation
to undertake a project titled "Improving the FreeBSD
TCP Implementation" at Swinburne University's Centre
for Advanced Internet Architectures has been
progressing well. The project focuses on bringing
TCP Appropriate Byte Counting (RFC 3465), reassembly
queue auto-tuning and integration of low-level
analysis/debugging tools to the base system, all
of which I will also discuss.
Joerg Sonnenberger - Journaling FFS with WAPBL
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
Slides (10 Kb, 24 pages)
Journaling FFS with WAPBL
NetBSD 5 is the first NetBSD release with a journaling
filesystem. This lecture introduces the structure
of the Fast File System, the modifications for WAPBL
and specific constraints of the implementation.
The Fast File System (FFS) has been used in the BSD
land for more than two decades. The original
implementation offered two operational modes:
- safe and slow (sync)
- unsafe and fast (async) One decade ago, Kirk
McKusick introduced the soft dependency mechanism
to offset the performance impact without risk of
mortal peril on the first crash. With the advent
of Terabyte hard disks, the need for a file system
check (fsck) after a crash becomes finally unacceptable.
Even a background fsck like supported on FreeBSD
consumes lots of CPU time and IO bandwidth.
Based on a donation from Wasabi Systems, Write Ahead
Physical Block Logging (WAPBL) provides journaling
for FFS with similar or better performance than
soft dependencies during normal operation. Recovery
time after crashes depends on the amount of outstanding
IO operations and normally takes a few seconds.
This lecture gives a short overview of FFS and the
consistency constraints for meta data updates. It
introduces the WAPBL changes, both in terms of the
on-disk format and the implementation in NetBSD.
Finally the implementation is compared to the design
of comparable file systems and specific issues of
and plans for the current implementation are
discussed.
Ivan Voras - Remote and mass management of systems with finstall
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
Slides (377 Kb, 24 pages)
Remote and mass management of systems with finstall
Automated management on a largish scale
An important part of the "finstall" project, created
as a graphical installer for FreeBSD, is a configuration
server that can be used to remotely administer and
configure arbitrary systems. It allows for remote
scripting of administration tasks and is flexible
enough to support complete reconfiguration of running
systems.
The finstall project has two major parts - the
front-end and the back-end. The front-end is just
a GUI allowing the users to install the system in
a convenient way. The back-end is a network-enabled
XML-RPC server that is used by the front-end to
perform its tasks. It can be used as a stand-alone
configuration daemon. This talk will describe a way
to make use of this property of finstall to remotely
manage large groups of systems.
Mike Silbersack - Detecting TCP regressions with tcpdiff
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
Slides (89 Kb, 33 pages)
Detecting TCP regressions with tcpdiff
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
The initial version of tcpdiff presented at NYCBSDCon
2008 demonstrated that it could be used to detect
at least two major TCP bugs that were introduced
into FreeBSD in the past few years. The work from
that presentation can be viewed at
http://www.silby.com/nycbsdcon08/.
For BSDCan 2009, I hope to fix a number of bugs in
tcpdiff, make it easier to use, set up nightly tests
of FreeBSD, and improve it so that additional known
bugs can be detected. Additionally, I plan to run
it on OSes other than FreeBSD.
Philip Paeps - Crypto Acceleration on FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
Slides (361 Kb, 28 pages)
Crypto Acceleration on FreeBSD
As more and more services on the internet become
cryptographically secured, the load of cryptography
on systems becomes heavier and heavier. Crypto
acceleration hardware is available in different
forms for different workloads. Embedded communications
processors from VIA and AMD have limited acceleration
facilities in silicon and various manufacturers
build hardware for accelerating secure web traffic
and IPSEC VPN tunnels.
This talk gives an overview of FreeBSD's crypto
framework in the kernel and how it can be used
together with OpenSSL to leverage acceleration
hardware. Some numbers will be presented to demonstrate
how acceleration can improve performance - and how
it can curiously bring a system to a grinding halt.
Philip originally started playing with crypto
acceleration when he saw the "crypto block" in one
of his Soekris boards. As usual, addiction was
instant and by the grace of the "you touch it, you
own it" principle, he has been fiddling the crypto
framework more than is good for him.
Sean Bruno - Firewire BoF Plugfest
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
Slides (37 Kb, 1 page)
Firewire BoF Plugfest
Debugging and testing of Firewire products with FreeBSD
Come one come all to a Firewire plugfest. Let's
debug and test together and see if we can't knock
out some features and bugs.
A hands-on testing and debugging session of the
Firewire stack in FreeBSD.
Everyone who wishes to attend should bring their
Firewire devices, ext Drives and Cameras, and their
Laptops. I will be debugging and capturing data
points to enhance and improve features in the
Firewire stack.
We should be able to knock out quite a bunch of
bugs if folks can bring their various Firewire
devices along with their various PCs.
Even if your Firewire device works perfectly, bring
it by so it can be documented as supported by the
Firewire team!
Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
Slides (2.5 Mb, 68 pages)
Building the Network You Need with PF, the OpenBSD
packet filter.
Building the network you need is the central theme
for any network admin. This tutorial is for aspiring
or seasoned network professionals with at least a
basic knowledge of networking in general and TCP/IP
particular. The session aims at teaching tools and
techniques to make sure you build your network to
work the way it's supposed to, keeping you in charge.
Central to the toolbox is the OpenBSD PF packet
filter, supplemented with tools that interact with
it. Whether you are a greybeard looking for ways
to optimize your setups or a greenhorn just starting
out, this session will give you valuable insight
into the inner life of your network and provide
pointers to how to use that knowledge to build the
network you need. The session will also offer some
fresh information on changes introduced in OpenBSD
4.5, the most recent version of PF and OpenBSD. The
tutorial is loosely based on Hansteen's recent book,
/The Book of PF/ (No Starch Press), with updates
and adaptations based on developments since the
book's publication date.
George Neville-Neil - Networking from the Bottom Up: Device Drivers
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
PDF file (480 Kb, 68 pages)
Networking from the Bottom Up: Device Drivers.
In this tutorial I will describe how to write and
maintain network drivers in FreeBSD and use the
example of the Intel Gigabit Ethernet driver (igb)
throughout the course.
Students will learn the basic data structures and
APIs necessary to implement a network driver in
FreeBSD. The tutorial is general enough that it can
be applied to other BSDs, and likely to other
embedded and UNIX like systems while being specific
enough that given a device and a manual the student
should be able to develop a working driver on their
own. This is the first of a series of lectures on
network that I am developing over the next year or
so.