OpenBSD Multimedia Resources List
Links on this page refer to multimedia resources (podcast, vodcast,
audio recordings, video recordings, photos) related to OpenBSD or
of interest for OpenBSD users.
This list is available as chronological
overview, as a tag cloud and
via the sources.
This list is also available as RSS feed
If you know any resources not listed here, or notice any dead links,
please send details to
Edwin Groothuis so that
it can be included or updated.
Tag: pdf
Lousy virtualization, Happy users: FreeBSD's jail(2) facility
Source: UKUUG
Added: 02 April 2007
Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
Slides (2.7 Mb)
Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)
Poul-Henning Kamp - GBDE -- Spook strength disk encryption
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, gbde, poul-henning kamp
Slides (113 Kb), Paper (104 Kb)
GBDE is a disk encryption facility designed with
both usability and strength as requirements and it
attempts to protect both the user and the data. The
talk is about avoiding self-deceiving analysis, how
to make real world usable cryptography and generally
protect yourself and your data. Required skill
level: Laptop user.
Hendrik Scholz - Performance bottleneck detection and removal
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, performance, hendrik scholz
Slides (213 Kb)
Once a system is exposed to heavy load bottlenecks
need to be addressed to prevent single components
from slowing down a complex installation. Highlighting
various hotspots their detection and removal gets
discussed using real life examples.
Max Laier - PF - Extended Introduction
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, pf, altq, max laier
Video/MPEG (94 Mb), Slides (1 Mb), Audio/MP3 (22 Mb)
The talk will introduce packet filter (pf) - a *BSD
firewall system - and summarize its history and
projected future. After providing a short overview
of pf's general functionality and some firewall
basics, it will concentrate on packet filter's
advanced feature-set from the administrator's point
of view. The talk will also cover the integration
of ALTQ, a mature framework for traffic shaping and
priorization. Finally it will provide a short
overview of the "Common Address Redundancy Protocol"
(CARP) and its integration in pf.
Poul-Henning Kamp - Old mistakes repeated (but you do get the source code now)
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, unix, mistakes, poul-henning kamp
Slides (65 Kb)
UNIX is the best operating system ever designed so
everybody is running UNIX on their computer, right
? This presentation takes a partisan looks a why
UNIX never became a big success in the eighties,
failed to win the market in the nineties, and still
struggles in the market in the new millenium.
Poul-Henning will take a critical look at the
mistakes of the past and the mistakes of the present
and try to make it really clear what needs to happen
for UNIX to become a real success.
Chris Buechler - Network perimeter redundancy with pfsense
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, pfsense, chris buechler
PDF (6.2 Kb, 30 pages)
This session will first provide an introduction and
overview of pfSense and its common uses. It will
then go on to cover means of providing redundancy
for the critical portions of your network perimeter
using pfSense, including redundancy for your Internet
connections, firewalls and DNS. Live configuration
examples will be shown for as many of these topics
as the session's length permits. This session will
cover pfSense 1.2.1, but will also offer an overview
of some of the enhanced capabilities in this area
that pfSense 2.0 will provide in the future.
Richard Bejtlich - Network security monitoring using FreeBSD
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, freebsd, network security, monitoring, richard bejtlich
PDF (972 Kb, 23 pages)
I've been using FreeBSD as my preferred platform
for Network Security Monitoring (NSM) since 2000.
In this presentation I'll discuss my latest thinking
on using FreeBSD to identify normal, suspicious,
and malicious traffic in enterprise networks. FreeBSD
is a powerful platform for network traffic inspection
and log analysis, and I'll share a few ways I use
it in production environments.
Henning Brauer - Faster packets: Performance tuning in the OpenBSD network stack and PF
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, openbsd, performance, henning brauer
PDF (27 Mb, 69 pages)
n/a
Kristaps Dzonsons - Process isolation for NetBSD and OpenBSD
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, openbsd, netbsd, process isolation, kristaps dzonsons
PDF (687 Kb, 27 pages)
In NetBSD and OpenBSD, user-land process and
process-context isolation is limited to credential
cross-checks, file-system chroot and explicit
systrace/kauth applications. I'll demonstrate a
working mechanism of isolated process trees in
branched OpenBSD-4.4 and NetBSD-5.0-beta kernels
where an isolated process is started by a system
call similar to fork; following that, the child
process and its descendants execute in a context
isolated from the caller. This system is the continued
work of "mult" -- first prototyped in a branched
NetBSD-3.1 kernel and isolating all system resources
-- pared down to a lightweight, auditable patch of
process-only separation for both OpenBSD and NetBSD.
I specifically address solutions to performance
issues and mechanism design with an eye toward more
resources being isolated in the future.
Robert Luciani - M:N threading in DragonflyBSD
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, dragonflybsd, concurrency, robert luciani
PDF (1.5 Mb, 23 pages)
Ineffective concurrency mechanisms in an operating
system can lead to low performance in both single
and multiprocessor environments. Practical setbacks
involved with attempting overly invasive kernel
changes have made it difficult in the past to
implement new and innovative concurrency systems.
This paper describes the rationale behind interfaces
in the DragonFly BSD operating system intended to
provide high performance and scalability on
multiprocessor architectures. Using a lock-free
processor centric approach, DragonFly BSD has
developed a unique thread system with the potential
for excellent scalability.
Ken Caruso - Using BSD in Shmoocon labs
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, freebsd, scmoocon, ken caruso
PDF (447 Kb, 13 pages)
n/a
Brooks Davis - Isolating cluster jobs for performance and predictability
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, freebsd, clusters, brooks davis
PDF (952 Kb, 24 pages)
At The Aerospace Corporation, we run a large FreeBSD
based computing cluster to support engineering
applications. These applications come in all shapes,
sizes, and qualities of implementation. To support
them and our diverse userbase we have been searching
for ways to isolate jobs from one another in ways
that are more effective than Unix time sharing and
more fine grained than allocating whole nodes to
jobs. In this paper we discuss the problem space
and our efforts so far. These efforts include
implementation of partial file systems vitalization
and CPU isolation using CPU sets.
Marco Peereboom - Epitome
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, epitome, backup, marco peereboom
PDF (197 Kb, 34 pages)
Tired of tape and their weaknesses? So am I!
Epitome is the next generation backup mechanism.
It is based on the idea of providing instant available
backup data while removing duplicate files & blocks
from backups (yes really!). It is a disk based WORM
backup system.
This talk will go into the Epitome protocol and its
application. The code is generic enough that it can
address all 3 major (buzzword compliant) technologies
known as: CAS, DEDUP & SIS.
Kurt Miller - Implementing PIE on OpenBSD
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, openbsd, pie, kurt miller
PDF (4.1 Mb, 24 pages)
In this session, Kurt will discuss OpenBSD's PIE
implementation, its impact on existing security
mechanisms such as W^X on i386, and the various
enhancements needed to the runtime linker, kernel
and other system libs.
Ted Unangst - OpenBSD vs SMP, threading, and concurrency
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, openbsd, smp, threading, concurrency, ted unangst
PDF (675 Kb, 32 pages)
I will discuss the current status of kernel SMP
support, the rthreads thread library, and relevant
future developments. Over the years, we have
accumulated several concurrency primitives in the
kernel, causing some confusion amongst developers,
so I will lay out the origin and correct usage for
each. The talk is primarily targeted at the budding
OpenBSD kernel developer, but I will also describe
the end-user effects of each topic.
George Neville-Neil - Performance analysis with (hwpmc)
Source: DCBSDCon
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, freebsd, hwpmc, george neville-neil
PDF (469 Kb, 71 pages)
FreeBSD has included support for Hardware Performance
Monitoring Counters (hwpmc) for several years now.
The hwpmc system provides access to counters that
are present in all modern Intel and AMD CPUs, as
well as other chipsets, and which give the programmer
the ability to understand the low level performance
issues that may effect their code. This talk will
cover the motivation behind and basic usage of
HWPMC.
EuroBSDCon 2008 - Paeps Philip - How-to embed FreeBSD
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, embed, freebsd, philip paeps
MP3 (1 byte, 43 minutes), OGG (1 byte, 43 minutes), PDF (1 byte, 17 pages)
This paper provides a how-to embed FreeBSD. A console
server built form an AT91RM9200 based ARM system
will be explored. This paper will talk about the
selection of hardware. It will explore creating
images for the target system, as well as concentrate
on different alternatives for deploying the system.
A number of different options exist today, and no
comprehensive guide for navigating through the
choices exists today. This paper will explore the
different alternatives that exist today for producing
images targeted at different size requirements. The
differing choices for storage in an embedded
environment are explored. The techniques used to
access rich debugging environments are discussed.
EuroBSDCon 2008 - George Neville-Neil - Multicast Performance in FreeBSD
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, multicast, freebsd, george neville-neil
MP3 (1 byte, 39 minutes), OGG (1 byte, 39 minutes), PDF (1 byte, n pages)
In the past ten years most of the research in network
protocols has gone into TCP, leaving UDP to languish
as a local configuration protocol. While the majority
of Internet traffic is TCP, UDP remains the only
IP protocol that works over multicast and as such
has some specific, and interesting uses in some
areas of computing. In 2008 we undertook a study
of the performance of UDP multicast on both 1Gbps
and 10Gbps Ethernet networks in order to see if
changing the physical layer of the network would
give a linear decrease in packet latency. To measure
the possible gains we developed a new network
protocol test program, mctest, which is capable of
recording packet round trip times from many hosts
simultaneously and which we believe accurately
represents how many environments use multicast. The
mctest program has been integrated into FreeBSD and
is now being used to verify the proper operation
of multicast on various pieces of 10Gbps hardware.
EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
MP3 (1 byte, 51 minutes), OGG (1 byte, 51 minutes), PDF (1 byte, n pages)
In recent years, traditional branches of engineering
like Civil, Chemical, Mechanical, Electrical and
Industrial Engineering are requiring extensive
computing facilities for their needs. Several well
known labs (Sandia, Lawrence Livermore) rely on
huge clusters to do all types of complex analysis
that were unthinkable a couple of decades ago. While
the free BSD variants share the environment with
traditional UNIX systems, frequently used for such
computations, it was not common to find adequate
free software packages to carry complex calculations.
Eventually commercial versions of important math
related packages started to appear for the Linux
platform. Even when the big packages were distant,
the BSDs learned and adapted in resourceful ways:
Matlab and Mathematica, running under Linux emulation,
demanded functionality from the BSDs and NetBSD
implemented a signal trampoline to be able to run
AutoCAD with IRIX binary compatibility. A notable
project that was always available under a free
license was Berkeley's Spice circuit analysis
program, however it was an exception rather than
the rule. Even when the scientific community pressed
for a while to get other important tools like NASA's
FEA package Nastran under a free license, the
objective of being able to access and enhance open
scientific tools was elusive. About a decade ago
the situation started to improve: FreeBSD's ports
system started growing exponentially, first with a
high content in the math category, afterwards with
a CAD section and after sustained growth in those
categories a science section was created. This
growth was mostly pushed by Universities and their
research projects and in general are not well known
with respect to the commercial counterparts. I
started porting math/engineering code for FreeBSD
around 1996. Back then it was absolutely unthinkable
for a Mechanical Engineer to depend only on FreeBSD
for it's daily work. The situation nowadays is
different: there are some very high quality engineering
analysis packages like EDF's Code Aster, with more
than 12 years of professional development, that
just can't be ignored. A Finite Element package,
like Code Aster, can easily cost 5000 US$, is priced
according to the maximum problem size it can solve,
can require yearly licenses, and is rarely available
with source code. In NASTRAN's case the source code
is only available for US citizens under a yearly
fee. Free software does have serious limitations
though; just like in office applications there are
proprietary CAD formats or sometimes the package
simply doesn't have the required functionality.
Having the sources, of course, always has the
advantage of being able to implement (or pay for)
some specific functionality you might need. Many
commercial packages have been recently ported to
Linux, but even when they gain some of the advantages
of an open environment they still have yet another
limitation: they have been very slow to make use
of the multicored features of the new processors
in the market, a huge limitation now that the speed
war between processors has been limited by the
overheating problem. The objective of the talk is
to give an overview of several CAD/CAE packages
that have been made available recently as part of
FreeBSD's ports system and the decisions that were
made to port them. BRLCAD and Varkon are two CAD
utilities that made a transition from closed source
to an open environment and in the process in the
process of getting ported to BSD have gained greater
portability and general "bug" fixes critical for
their consolidation as usable and maintainable
projects. There are also some tricks that have not
been well documented: it is possible to enable
threads and some extra optimizations on some packages,
and it is also possible to replace the standard
BLAS library with the faster GOTO BLAS without
rebuilding the package. It is also possible to build
the packages optimized for a clustered environment,
but perhaps what is most interesting of all is how
all the packages interrelate with each other and
can turn FreeBSD into a complete enginering
environment. No OS distribution so far is offering
all the engineering specific utilities offered
through FreeBSD's ports system: from design to
visualization, passing through analysis FreeBSD is
becoming an option that can't be ignored, and best
of all, it is an effort that will benefit not only
FreeBSD but the wider audience.
Pedro F. Giffuni M. Sc. Industrial Engineering -
University of Pittsburgh Mechanical Engineer -
Universidad Nacional de Colombia I was born in
Bogota, Colombia but I am an Italian citizen. My
experience with computers started when I was about
12 years old With the TRS-80 Color Computer first
using Basic and the OS-9. I studied electronics for
3 years but became tired of worrying about "whatever
happened to electrons in there" and moved to
Mechanical Engineering. For a while I rested from
the computer world until the Internet came stepping
along. I started using FreeBSD around 1995 and soon
fell in love with the idea of being able to install
a complete version of UNIX from the net with just
one floppy. After submitting a the 999th port to
the FreeBSD project Walnut Creek was kind enough
to give me a subscription for several years to
FreeBSD's CD-ROM. Since then I've been on and off
porting software packages or fixing the bugs I have
caused while porting them. Of course there has
always been great respect for the other BSDs and
their wonderful license and while I've given up on
the idea of one day seeing a "UnifiedBSD" I am glad
to see different approaches sharing ideas in a
healthful environment.
Keywords: BSD, engineering, CAE, CAD, math, mechanical,
FreeBSD ports
EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, openbsd, hardware sensors, constantine murenin
MP3 (1 byte, 47 minutes), OGG (1 byte, 47 minutes), PDF (1 byte, n pages)
In this talk, we will discuss the past and present
history and the design principles of the OpenBSD
hardware sensors framework. Sensors framework
provides a unified interface for storing, registering
and accessing information about hardware monitoring
sensors. Sensor types include, but are not limited
to, temperature, voltage, fan RPM, time offset and
logical drive status. The framework spans
sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8),
ntpd(8), snmpd(8) and more than 67 drivers, ranging
from I2C temperature sensors and Super I/O hardware
monitors to IPMI, RAID and SCSI enclosures. Several
third-party tools are also available, for example,
a plug-in for Nagios and ports/sysutils/symon.
Originally based on some ideas from NetBSD, the
framework has sustained many improvements in OpenBSD,
and was ported and committed to FreeBSD and DragonFly
BSD.
Constantine A. Murenin is an MMath graduate student
at the David R. Cheriton School of Computer Science
at the University of Waterloo (CA). Prior to his
graduate appointment, Constantine attended and
subsequently graduated from East Carolina University
(US) and De Montfort University (UK), receiving two
bachelor degrees in computer science, with honors
and honours respectively. A FreeBSD Google Summer
of Code 2007 Student, OpenBSD Committer and Mozilla
Contributor, Constantine's interests range from
standards compliance and usability at all levels,
to quiet computing and hardware monitoring.
http://Constantine.SU/
EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
MP3 (1 byte, 56 minutes), OGG (1 byte, 56 minutes), PDF (1 byte, n pages)
This talk is focused on ways to improve the quality
of FreeBSD's ports and packages and it's partially
based on the 5 months experience of writing and
running the consecutive versions of "QA Tindy".
Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD
ports committer and maintains about 40 ports scattered
in the Ports Tree. He lives in Bucharest, Romania
where he runs and co-owns an IT& company and he's
a member of Romanian FreeBSD and FreeUnix User Group
(RoFUG). His non-IT interests include history,
philosophy and mountain climbing.
EuroBSDCon 2008 - Yvan Vanhullebus - IPSec tools: past, present and future
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, ipsec, yvan vanhullebus
MP3 (1 byte, 46 minutes), OGG (1 byte, 46 minutes), PDF (1 byte, n pages)
The first part will explain what have been major
changes since Manu's presentation at Bale's EuroBSDCon,
including more detailed informations on changes
which have a significant impact on administrator's
bad habits (why the common way of doing it is bad,
why it was sometimes needed in the past, how to do
it the good way now, why this is far better), on
both the UserLand (ipsec-tools project) and maybe
in [Free|Net]BSD kernels/ IPSec stacks.
The second part will talk about the future of the
project. News of the next major version (which may
be out or about to be out when we'll be ate
EuroBSDCon), news works which are planned or which
are done but not yet public, but also news about
the team: it's new members, new tools, what we would
like to do in tue future, a
Yvan VANHULLEBUS works as an R&D security engineer
for NETASQ since 2000, where he works on FreeBSD
OS. He started to work on KAME's IPSec stack in
2001, provided many patches for various parts of
the stack, then became one of the maintainers of
ipsec-tools project, a fork of KAME's userland
daemon. He became a NetBSD developper when ipsec-tools
was migrated to NetBSD's CVS.
EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, george neville-neil
MP3 (1 byte, 37 minutes), OGG (1 byte, 37 minutes), PDF (1 byte, n pages)
EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code
EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
MP3 (1 byte, 53 minutes), OGG (1 byte, 53 minutes), PDF (1 byte, n pages)
The arrival of high CPU core density, with commodity
quad-core notebooks and 32-core servers, combined
with 10gbps networking have transformed network
design principles for operating systems. This talk
will describe changes in the FreeBSD 6.x, 7.x, and
forthcoming 8.x network stacks required to exploit
multiple cores and serve 10gbps networks. The goal
of the session will be to introduce the audience
to general strategies used to improve performance,
their rationales, and their impact on applications
and users:
- Introduction to the SMPng Project and the follow-on Netperf Project
- Workloads and performance measurement
- Efficient primitives to support modern network stacks
- Multi-core and cache-aware network memory allocator
- Fine-grained network stack locking
- Load-balancing and contention-avoidance across multiple CPUs
- CPU affinity for network stack data structures
- TCP performance enhancements including TSO, LRO, and TOE
- Zero-copy Berkely Packet Filter (BPF) buffers
- Direct network stack dispatch from interrupt handlers
- Multiple input and output queues
Robert Watson is a researcher at the University of
Cambridge Computer Laboratory investinging operating
system and network security. Prior to joining the
Computer Laboratory to work on a PhD, he was Senior
Principal Scientist at McAfee Research, now SPARTA
ISSO, a leading security research and development
organization, directing government and commercial
research contracts for customers that include DARPA,
the US Navy, and Apple Computer. His research
interests include operating system security, network
stack structure and performance, and windowing
system structure. He is also a member of the FreeBSD
Core Team and president of the FreeBSD Foundation.
EuroBSDCon 2008 - Martin Schuette - Improved NetBSD Syslogd
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, netbsd, syslogd, martin schuette
MP3 (1 byte, 42 minutes), OGG (1 byte, 42 minutes), PDF (1 byte, n pages)
Martin Schuette has three main goals, defined by three
internet drafts to implement:
- TLS transport is the most obvious improvement: it
provides a reliable network transport with data encryption
and peer authentication. To make full use of this a
buffering mechanism to bridge temporary network errors
is implemented as well.
- Syslog-protocol extends the message format to use
a complete timestamp, include a fully qualified domain
name, and allow UTF-8 messages. It also offers a
structured data field to unambiguously encode application
dependent information.
- Syslog-sign will allow any syslog sender to digitally
sign its messages, so their integrity can be verified
later. This enable the detection of loss, deletion or
other manipulation syslog data after network transfer
or archiving on storage media.
Martin Schuette is a student of computer science in
Potsdam, Germany, and has been working as a part-time
system administrator for BSD servers since 2004.
In 2007 Martin Schuette already gave a talk on Syslog
at the Chemnitze Linux-Tage
(http://chemnitzer.linux-tage.de/2007/vortraege/detail.html?idx=547
in german; for a newer english version see these slides
for a seminar talk:
http://fara.cs.uni-potsdam.de/~mschuett/uni/syslog-protocols-080522.pdf).
EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
MP3 (1 byte, 42 minutes), OGG (1 byte, 42 minutes), PDF (1 byte, n pages)
Given the modern trend towards multi-core shared
memory multiprocessors, it is inconceivable for
production OS kernels not to be reentrant. The
typical approach for allowing multiple execution
contexts to simultaneously execute in kernel mode
has been to use fine-grained locking for synchronising
access to shared resources. While this technique
has been proven efficient, empirical evidence
suggests that the resulting locking rules tend to
be cumbersome even for the experienced kernel
programmer, leading to bugs that are hard to diagnose.
Moreover, scaling to more processors requires
extensive use of locks, which may impose unnecessary
locking overhead for small scale multiprocessor
systems. This talk will describe the typical approach
and then discuss the alternative approach taken in
the DragonFlyBSD network stack. We will give an
overview of the various protocol threads employed
for network I/O processing and the common-case code
paths for packet reception and transmission.
Additionally, we'll need to make a passing reference
to DragonFlyBSD's message passing model. This should
establish a baseline, allowing us to focus on the
recent work by the author to eliminate use of the
Big Giant Lock in the performance-critical paths
for the TCP and UDP protocols. The decision to
constrain this work on the two by far most widely-used
transport protocols was made in order to (a) limit
the amount of work necessary and (b) explore the
effectiveness of the approach on the cases that
matter at this point in time.
EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
MP3 (1 byte, 33 minutes), OGG (1 byte, 33 minutes), PDF (1 byte, n pages)
Edd Barrett will speak about using the BSD Platform
as a means of typesetting from a practical standpoint
at EuroBSDcon 2008. Edd Barrett does not wish to
go into the technicalities of each typesetter, but
rather state which are good for certain types of
document, and which tools (ports and packages),
integrate well with the available typesetters.
Edd Barrett os a student from the UK, currently on
"placement year" as a systems administrator for
Bournemouth University. Open Source *NIX has been
his platform of choice for many years and he has
been using OpenBSD for about 3 years now, simply
because it is small, clean, correct and secure.
Just recently he has started developing things I
want or need for OpenBSD.
EuroBSDCon 2008 - Michael Dexter - Zen and the Art of Multiplicity Maintenance: An applied survey of BSD-licensed multiplicity strategies from chroot to mult
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, bsd, michael dexter
MP3 (1 byte, 38 minutes), OGG (1 byte, 38 minutes), PDF (1 byte, n pages)
Many BSD-licensed strategies of various levels of
maturity exist to implement multiplicity, herein
defined as the introduction of plurality to
traditionally singular computing environments via
isolation, virtualization, or other method. For
example, the chroot utility introduces an additional
isolated root execution environment within that of
the host; or an emulator provides highly-isolated
virtual systems that can run complete native or
foreign operating systems. Motivations for multiplicity
vary, but a demonstrable desire exists for users
to obtain root or run a foreign binary or operating
system. We propose a hands-on survey of portable
and integrated BSD-licensed multiplicity strategies
applicable to the FreeBSD, OpenBSD, DragonFlyBSD
and NetBSD operating systems on the i386 architecture.
We will also address three oft-coupled disciplines:
software storage devices, the installation of
operating system and userlands in multiplicity
environments plus the management of select multiplicity
environments. Finally we will comment on each
strategies potential limits of isolation, compatibility,
independence and potential overhead in comparison
to traditional systems. Keywords: multiplicity,
virtualization, chroot, jail, hypervisor, xen,
compat.
Michael Dexter has used Unix systems since 1991 and
BSD-licensed multiplicity strategies for over five
years. He is the Program Manager at the BSD Fund
and Project Manager of the BSD.lv Project.
EuroBSDCon 2008 - Nick Barkas - Dynamic memory allocation for dirhash in UFS2
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, ufs2, nick barkas
MP3 (1 byte, 32 minutes), OGG (1 byte, 32 minutes), PDF (1 byte, n pages)
Hello My name is Nick Barkas. I'm a master's student
studying scientific computing at Kungliga Tekniska
hgskolan (KTH) in Stockholm, Sweden. I have just
begun work on a Google Summer of Code project with
FreeBSD: Dynamic memory allocation for dirhash in
UFS2 . I would like to present my results from
this project at EuroBSDCon this year. This project
is very much a work in progress now so it is a bit
difficult to summarize what I would ultimately
present. I will try to describe an outline, though.
First I will give background information on dirhash:
an explanation of the directory data structure in
UFS2, how directory lookups in this structure
necessitate a linear search, and how dirhash speeds
these lookups up without having to change anything
about the directory data structure. Next I will
explain the current limitation that dirhash's maximum
memory use must be manually specified by administrators,
or left at a small conservative default of 2MB. I
will explain some different methods I will have
explored to try and make this maximum memory limit
dynamically increase and decrease as the system has
more or less free memory, and which method I will
have ultimately settled on and implemented. Then
I'll present some test results of performance of
operations on very large directories with and without
dynamic memory allocation enabled for dirhash. Next
I will talk about how speed gains from dirhash are
limited by the fact that the hash tables exist only
in memory and must be recreated after each system
boot, as big directories are scanned for the first
time, or even have to be recreated for a directory
that has not been scanned in some time if its dirhash
has been discarded to free memory. These problems
can be eliminated by using an on-disk index for
directory entries. I will talk about some of the
challenges of implementing on-disk indexing, such
as remaining backwards compatible with older versions
of UFS2 and interoperating properly with softupdates.
Then, if my SoC project has permitted me time to
work on this aspect of it, I will explain some
possible methods for adding directory indexing to
UFS2 that meets these challenges, and which of those
ideas I will have implemented. Finally I will present
results of some benchmarks on this filesystem with
indices, and compare to performance with dirhash,
and with no indices or dirhashes.
Keywords: dirhash, ufs2, filesystems, performance tuning
EuroBSDCon 2008 - Paul Richards - eXtreme Programming: FreeBSD a case study
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, extreme programming, paul richards
MP3 (1 byte, 54 minutes), OGG (1 byte, 54 minutes), PDF (1 byte, n pages)
Traditional project management methodologies are
typically based on the waterfall model where there
are distinct phases: requirements capture, design,
implementation, testing, delivery. Once a project
has moved on to the next phase there is no going
back. The end result is often a late project that
no-one wants anymore because the requirements have
fundamentally changed by the time the project is
delivered.
EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
MP3 (1 byte, 50 minutes), OGG (1 byte, 50 minutes), PDF (1 byte, n pages)
The members of the BSD family have traditionally
prospered off the desktop, as operating systems on
servers and embedded systems. The advent of MacOS
X has marked a change, and moved the desktop more
into focus. Modern desktop systems create a richer
software landscape, with more diverse requirements,
than their server counterparts. User demands,
software package interdependencies and frequent
security issues result in a change rate that can
put a considerable load on the admin staff. Without
central management tools, previously identical
installations diverge quickly. This paper looks at
concepts and strategies for managing tens to hundreds
of modern, Unix-like desktop clients. The available
management tools range from simple, image-based
software distribution, mainly used for setting up
uniform clients, to "intelligent" rule-based engines
capable of search-and-replace operations on
configuration files. We will briefly compare their
properties and limitations, then take a closer look
at Radmind, a suite for file level administration
of Unix clients. Radmind has been in use in the
Institute of Telecommunication at Technische
Universitt Darmstadt for over three years, managing
NetBSD and Debian Linux clients in the labs as well
as faculty members' machines. We will explore the
Radmind suite's underlying concepts and functionality.
In order to see how the concept holds up, we will
discuss real-world scenarios from the system
life-cycle of Installation, configuration changes,
security updates, component updates, and system
upgrades.
Hauke Fath works as a systems administrator for the
Institut fr Nachrichtentechnik (telecommunication)
at Technische Universitt Darmstadt. He has been
using NetBSD since 1994, when he first booted a
NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD
helped shaping his career by causing a slow drift
from application programmer's work towards systems
and network administration. Hauke Fath holds a MS
in Physics and became a NetBSD developer in late
2006.
Keywords: Managing Unix desktop clients, software
distribution, tripwire
EuroBSDCon 2008 - Joerg Sonnenberger - Sleeping beauty - NetBSD on Modern Laptops
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, netbsd, laptops, joerg sonnenberger
MP3 (1 byte, 54 minutes), OGG (1 byte, 54 minutes), PDF (1 byte, n pages)
This paper discusses the NetBSD Power Management
Framework (PMF) and related changes to the kernel.
The outlined changes allow NetBSD to support essential
functions like suspend-to-RAM on most post-Y2K X86
machines. They are also the fundation for intelligent
handling of device activity by enabling devices
on-demand. This work is still progressing. Many of
the features will be available in the up-coming
NetBSD 5.0 release The NetBSD kernel is widely
regarded to be one of the cleanest and most portable
Operating System kernels available. For various
reasons it is also assumed that NetBSD only runs
well on older hardware. In the summer of 2006 Charles
Hannum, one of the founders of NetBSD, left with a
long mail mentioning as important issues the lack
of proper power management and suspendto- RAM
support. One year later, Jared D. McNeill posted a
plan for attacking this issue based on ideas derived
from the Windows Driver Model. This plan would
evolve into the new NetBSD Power Management Framework
(PMF for short).
EuroBSDCon 2008 - Brooks Davis - Isolating cluster jobs for performance and predictability
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, cluster, brooks davis
MP3 (1 byte, 51 minutes), OGG (1 byte, 51 minutes), PDF (1 byte, n pages)
The Aerospace Corporation operates a federally
funded research and development center in support
of national-security, civil and commercial space
programs. Many of our 2400+ engineers use a variety
of computing technologies to support their work.
Applications range from small models which are
easily handled by desktops to parameter studies
involving thousands of cpu hours and traditional,
large scale parallel codes such as computational
fluid dynamics and molecular modeling applications.
Our primary resources used to support these large
applications are computing clusters. Our current
primary cluster, the Fellowship cluster consists
of 352 dual-processor nodes with a total of 14xx
cores. Two additional clusters, beginning at 150
dual-processor nodes each are being constructed to
augment Fellowship. As in In any multiuser computing
environment with limited resources, user competition
for resources is a significant burden. Users want
everything they need to do their job, right now.
Unfortunately, other users may need those resources
at the same time. Thus, systems to arbitrate this
resource contention are necessary. On Fellowship
we have deployed the Sun Grid Engine scheduler which
scheduled batch jobs across the nodes. In the next
section we discuss the performance problems that
can occur when sharing resources in a high performance
computing cluster. We then discuss range of
possibilities to address these problems. We then
explain the solutions we are investigating and
describe our experiments with them. We then conclude
with a discussion of future work.
EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
MP3 (1 byte, 52 minutes), OGG (1 byte, 52 minutes), PDF (1 byte, n pages)
The University of Toronto is a large educational
institutional with over 70,000 students and 10,000
staff and faculty. For the past three years, we
have developed and implemented a ubiquitous VPN
service, based up on OpenVPN and FreeBSD. The service
has over 3000 active customers, with up to 35
simultaneous users. The system supports, Linux, Mac
OS X and Windows XP/Vista/2000 clients. Tools have
been developed to create a central CA which enables
users to log in to a secure server and get their
customized client, certificates and configuration.
The NSIS installer is used to generate the customized
windows installers. Similar packages are generated
for the various Unix based clients. Additional
WWW/PHP based tools, have been developed to monitor
and log usage of the service, using standard graphs,
alarms for excessive use and a certificate revocation
mechanism. The system has been integrated into the
local identity management system (Kerberos/LDAP)
in order to authorize and authenticate users upon
initiation and per session usage. All code is Open
Source and freely available.
EuroBSDCon 2008 - George Neville-Neil - Four years of summer of code
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, google soc, george neville-neil
MP3 (1 byte, 27 minutes), OGG (1 byte, 27 minutes), PDF (1 byte, n pages)
The Google Summer of Code is a program designed to
provide students with real world experience
contributing to open source projects during the
summer break in university studies. Each year Google
selects a number of open source projects to act as
mentoring organizations. Students are invited to
submit project proposals for the open source projects
that are most interesting to them. FreeBSD was one
of the projects selected to participate in the
inaugural Summer of Code in 2005 and we have
participated each year since then. Over the past 4
years a total of 79 students have participated in
the program and it has become a very significant
source of new committers to FreeBSD. This talk will
examine in detail the selection criteria for projects,
the impact that successful projects have had, and
some suggestions for how we can better leverage
this program in the future.
EuroBSDCon 2008 - Anttii Kantee - Converting kernel file systems to services
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, anttii kantee
MP3 (1 byte, 55 minutes), OGG (1 byte, 55 minutes), PDF (1 byte, n pages)
ABSD/UNIX operating system is traditionally split
into two pieces: the kernel and userspace. Historically
the reasons for this were clear: the UNIX kernel
was a simple entity. However, over time the kernel
has grown more and more complex. Currently, most
of the same functionality is available both in
userspace and the kernel, but under different names.
Examples include synchronization routines and
threading support. For instance, to lock a mutex
in the NetBSD kernel, the call is mutex_enter(),
while in userspace the routine which does exactly
the same thing is known as pthread_mutex_enter().
Taking another classic example, a BSD style OS has
malloc()/free() available both in userspace and the
kernel, but with different linkage (the kernel
malloc interface is currently being widely deprecated,
though). This imposes a completely arbitrary division
between the kernel and userspace. Most functionality
provided by an opearating system should be treated
as a service instead of explicitly pinning it down
as a userspace daemon or a kernel driver. Currently,
due to the arbitrarily difference in programming
interface names, functionality must be explicitly
ported between the kernel and userspace if it is
to run in one or the other environment. By unifying
the environments where possible, the arbitrary
division is weakened and porting between these
environments becomes simpler.
Antti Kantee has been a NetBSD developer for many
many moons. He has managed to work on quite a few
bits and pieces of a BSD system: userland utilities,
the pkgsrc packaging system, networking, virtual
memory, device drivers, hardware support and file
systems.
See also http://www.netbsd.org/docs/puffs/rump.htm
EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
Source: EuroBSDCon
Added: 22 October 2008
Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
MP3 (1 byte, 57 minutes), OGG (1 byte, 57 minutes), PDF (1 byte, n pages)
This talk will present the different layers that
handle input, from the key that gets pressed or the
mouse motion to the applications, all the way through
the kernel drivers, X drivers and libraries, in the
case of the OpenBSD/NetBSD wscons driver and the
current and future X.Org server. It will cover stuff
like keyboard mappings, touch-screen calibration,
multi-pointer X or input coordinates transformations.
It will show some problems of current implementations
and try to show how current evolutions can solve
them.
Matthieu Herrb is maintaing X on OpenBSD. I've been
using X on various systems (SunOS, NetBSD, OpenBSD,
Mac OS X,...) since 1989. He has been a member of
the XFree86 Core Team for a short period in 2003
and is now a member of the X.Org Foundation BoD.
Matthieu Herrb works at LAAS a research laborarory
of the French National Research Agency (CNRS) both
on robotics and network security.
EuroBSDCon 2007 Papers
Source: EuroBSDCon
Added: 05 October 2007
Tags: eurobsdcon, eurobsdcon2007, papers
Pawel Jakub - FreeBSD/ZFS - last word in operating/file systems (337 Kb), Stephen Borrill - Building products with NetBSD - thin-clients (407 Kb), John P Hartmann - CMS Pipelines Explained (118 Kb), Soren Straarup - An ARM from shoulder to hand (307 Kb), Brooks Davis - Building clusters with FreeBSD (2.2 Mb), Steven Murdoch - Hot or Not: Fingerprinting hosts through clock skew (6.1 Mb), Brooks Davis - Using FreeBSD to Promote Open Source Development Methods (989 Kb), Sam Leffler - Long Distance Wireless (for Emerging Regions) (19 Mb), Antti Kantee - ReFUSE: Userspace FUSE Reimplementation Using puffs (102 Kb), Yvan VanHullebus - NETASQ and BSD: a success story (2.4 Mb), Ryan Bickhart - Transparent TCP-to-SCTP Translation Shim Layer (692 Kb), Pierre Yves Ritschard - Load Balancing (23 Kb), John P Hartmann - Real Men's Pipes - When UNIX meets the mainframe mindset (382 Kb), Claudio Jeker - Routing on OpenBSD (1.3 Mb), Marc Balmer - Supporting Radio Clocks in OpenBSD (304 Kb), Peter Hansteen - Firewalling with OpenBSD's PF packet filter (531 Kb), Simon L Nielsen - The FreeBSD Security Officer function (251 Kb), Robert Watson - FreeBSD Advanced Security Features (152 Kb), Ryan Bickhart - Transparent TCP-to-SCTP Translation Shim Layer (491 Kb), Kirk Mckusick - A Brief History of the BSD Fast Filesystem (145 Kb), George Neville-Neil - Network Protocol Testing in FreeBSD and in General (251 Kb), Sam Smith - Fighting "Technical fires" (1.4 Mb), Marko Zec - Network stack virtualization for FreeBSD 7.0 (401 Kb), Isaac Levy - FreeBSD jail(8) Overview, the Secure Virtual Server (120 Mb)
EuroBSDCon 2007 Papers
Andre Opperman - The papers I write for EuroBSDCon 05
Source: EuroBSDCon
Added: 14 January 2007
Tags: eurobsdcon, eurobsdcon2005, paper, freebsd, networking, andre opperman
Optimizing the FreeBSD IP and TCP Stack (1 Mb), New Networking Features in FreeBSD 6 (92 Kb)
The papers I write for EuroBSDCon 05 on New Networking
Feature in FreeBSD 6.0 and Optimizing FreeBSD IP
and TCP in 7-CURRENT
The presentation I gave at SUCON 04
(115 Kb) Source: Andre Opperman
Added: 14 January 2007
Tags: sucon, presentation, freebsd, networking, andre opperman
The presentation I gave at SUCON 04 on 2nd September
2004 about enhancements/changes in FreeBSD 5.3
Networking Stack.
AsiaBSDCon 2009 Paper List
Source: AsiaBSDCon
Added: 24 May 2009
Tags: asiabsdcon, asiabsdcon2009
FreeBSD and SOI-Asia Project Mohamad by Dikshie Fauzie (753 Kb, 4 pages), Deprecating groff for BSD manual display by Kristaps Dzonsons (114 Kb, 8 pages), FreeBSD on high performance multi-core embedded PowerPC systems - Rafal Jaworowski (359 Kb, 12 pages), An Overview of FreeBSD/mips by M. Warner Losh (67 Kb, 8 pages), Active-Active Firewall Cluster Support in OpenBSD by David Gwynne (154 Kb, 20 pages), Mail system for distributed network by Andrey Zakharchenko (150 Kb, 3 pages), OpenBGPD - Bringing full views to OpenBSD since by 2004 Claudio Jeker (401 Kb, 6 pages), Environmental Independence: BSD Kernel TCP/IP in Userspace by Antti Kantee (213 Kb, 10 pages), Crypto Acceleration on FreeBSD by Philip Paeps (58 Kb, 3 pages), Isolating Cluster Users (and Their Jobs) for Performance and Predictability by Brooks Davis (662 Kb, 7 pages), PC-BSD - Making FreeBSD on the Desktop a reality by Kris Moore (351 Kb, 9 pages), The Locking Infrastructure in the FreeBSD kernel by Attilio Rao (55 Kb, 7 pages), OpenBSD Hardware Sensors Framework by Constantine A. Murenin (245 Kb, 14 pages)
Papers of the AsiaBSDCon 2009
AsiaBSDCon 2008 Paper List
Source: AsiaBSDCon
Added: 08 April 2008
Tags: asiabsdcon, asiabsdcon2008
Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, Michael AuYeung, Mark Thomas (The Aerospace Corporation) (483 Kb), OpenBSD Network Stack Internals, Claudio Jeker (The OpenBSD Project) (410 Kb), Tracking FreeBSD in a Commercial Setting, M. Warner Losh (Cisco Systems, Inc.) (94 Kb), Send and Receive of File System Protocols: Userspace Approach With puffs, Antti Kantee (Helsinki University of Technology, Finland) (126 Kb), GEOM --- in Infrastructure We Trust, Pawel Jakub Dawidek (The FreeBSD Project) (91 Kb), Reducing Lock Contention in a Multi-Core System, Randall Stewart (Cisco Systems, Inc.) (72 Kb), PC-BSD: FreeBSD on the Desktop, Matt Olander (iXsystems) (6.4 Mb), Logical Resource Isolation in the NetBSD Kernel, Kristaps Dzonsons (Centre for Parallel Computing, Swedish Royal Institute of Technology) (97 Kb), Whole of the proceedings (9.3 Mb), Gaols: Implementing Jails Under the kauth Framework, Christoph Badura (The NetBSD Foundation) (92 Kb), Cover page (467 Kb), Sleeping Beauty --- NetBSD on Modern Laptops, Jorg Sonnenberger, Jared D. McNeill (The NetBSD Foundation) (87 Kb), A Portable iSCSI Initiator, Alistair Crooks (The NetBSD Foundation) (341 Kb), BSD implementations of XCAST6, Yuji IMAI, Takahiro KUROSAWA, Koichi SUZUKI, Eiichi MURAMOTO, Katsuomi HAMAJIMA, Hajimu UMEMOTO, and Nobuo KAWAGUTI (XCAST fan club, Japan) (526 Kb)
Papers of the AsiaBSDCon 2007
AsiaBSDCon 2007 Paper/Slides List
Source: AsiaBSDCon
Added: 17 March 2007
Tags: asiabsdcon, asiabsdcon2007
SHISA: The Mobile IPv6/NEMO BS Stack Implementation Current Status, Keiichi Shima (Internet Initiative Japan Inc., Japan), Koshiro Mitsuya, Ryuji Wakikawa (Keio University, Japan), Tsuyoshi Momose (NEC Corporation, Japan), Keisuke Uehara (Keio University, Japan) [paper] (311 Kb), An ISP Perspective, jail(8) Virtual Private Servers, Isaac Levy (NYC*BUG/LESMUUG, USA) [paper] (140 Kb), A NetBSD-based IPv6 NEMO Mobile Router, Jean Lorchat, Koshiro Mitsuya, Romain Kuntz (Keio University, Japan) [paper] (412 Kb), Whole of the Proceedings (6.5 Mb), Cover page (588 Kb), Porting the ZFS File System to the FreeBSD Operating System, Pawel Jakub Dawidek (pjd at FreeBSD.org, Poland) [slides] (278 Kb), Implementation and Evaluation of the Dual Stack Mobile IPv6, Koshiro Mitsuya, Ryuji Wakikawa, Jun Murai (Keio University, Japan) [paper] (1071 Kb), puffs - Pass to Userspace Framework File System, Antti Kantee (Helsinki University of Technology, Finland) [slides] (116 Kb), Reflections on Building a High Performance Computing Cluster Using FreeBSD, Brooks Davis (The Aerospace Corporation/brooks at FreeBSD.org, USA) [paper] (1371 Kb), Nsswitch Development: Nss-modules and libc Separation and Caching, Michael A Bushkov (Southern Federal University/bushman at FreeBSD.org, Russia) [paper] (32 Kb), Bluffs: BSD Logging Updated Fast File System, Stephan Uphoff (Yahoo!, Inc./ups at FreeBSD.org, USA) [slides] (601 Kb), Security Measures in OpenSSH, Damien Miller (djm at openbsd.org, Australia) [paper] (97 Kb), Porting the ZFS File System to the FreeBSD Operating System, Pawel Jakub Dawidek (pjd at FreeBSD.org, Poland) [paper] (96 Kb), An ISP Perspective, jail(8) Virtual Private Servers, Isaac Levy (NYC*BUG/LESMUUG, USA) [slides] (20 Mb), Support for Radio Clocks in OpenBSD, Marc Balmer (mbalmer at openbsd.org, Switzerland) [paper] (86 Kb), How the FreeBSD Project Works, Robert N M Watson (University of Cambridge/rwatson at FreeBSD.org, United Kingdom) [paper] (328 Kb), puffs - Pass to Userspace Framework File System, Antti Kantee (Helsinki University of Technology, Finland) [paper] (68 Kb)
Slides and papers of the AsiaBSDCon 2007
Robert Watson's Slides from EuroBSDCon 2004
Source: Robert Watson
Added: 14 January 2007
Tags: eurobsdcon, eurobsdcon2004, slides, trustedbsd, freebsd, mac, robert watson
TrustedBSD MAC Framework on FreeBSD and Darwin (270 Kb)
Robert Watson will describe the design and application
of the TrustedBSD MAC Framework, a flexible kernel
security framework developed on FreeBSD, and recently
experimentally ported to Apple's Darwin operating
system. The MAC Framework permits loadable access
control kernel modules to be loaded, modifying the
security behavior of the operating system, including
SEBSD, a port of the SELinux FLASK/TE security model
to FreeBSD.
Robert Watson's Slides from UKUUG LISA 2006
Source: Robert Watson
Added: 14 January 2007
Tags: ukuug, slides, openbsm, trustedbsd, freebsd, robert watson
CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD (UKUUG LISA 2006). (199 Kb)
UKUUG LISA 2006 took place in Durham, UK in March,
2006. On this page, you can find my slides from
this conference.
OpenBSM is a BSD-licensed implementation of Sun's
Basic Security Module (BSM) API and file format,
and is the foundation of the TrustedBSD audit
implementation for FreeBSD. This talk will cover
the requirements, design, and implementation of
audit support for FreeBSD. Security audit support
provides detailed logging of security-relevant
events, and meets the requirements of the CAPP
Common Criteria protection profile.
Robert Watson's Slides from EuroBSDCon 2006 and FreeBSD Developer Summit
Source: Robert Watson
Added: 14 January 2007
Tags: eurobsdcon, eurobsdcon2006, robert watson
How the FreeBSD Project Works (EuroBSDCon 2006 Full Conference) (4.4 Mb), TrustedBSD presentation on Audit and priv(9) (Developer Summit) (166 Kb)
EuroBSDCon 2006 took place in Milan, Italy, and not
only offered excellent food on a flexible schedule,
but also an interesting array of talks on work
spanning the BSD's. On this page, you can find my
slides from the FreeBSD developer summit and full
conference.
Status report on the TrustedBSD Project: introduction
and status regarding Audit, plus a TODO list;
introduction to the priv(9) work recently merged
to 7.x.
The FreeBSD Project is one of the oldest and most
successful open source operating system projects,
seeing wide deployment across the IT industry. From
the root name servers, to top tier ISPs, to core
router operating systems, to firewalls, to embedded
appliances, you can't use a networked computer for
ten minutes without using FreeBSD dozens of times.
Part of FreeBSD's reputation for quality and
reliability comes from the nature of its development
organization--driven by a hundreds of highly skilled
volunteers, from high school students to university
professors. And unlike most open source projects,
the FreeBSD Project has developers who have been
working on the same source base for over twenty
years. But how does this organization work? Who
pays the bandwidth bills, runs the web servers,
writes the documentation, writes the code, and calls
the shots? And how can developers in a dozen time
zones reach agreement on the time of day, let alone
a kernel architecture? This presentation will attempt
to provide, in 45 minutes, a brief if entertaining
snapshot into what makes FreeBSD run.
Robert Watson's Slides from BSDCan 2006 and FreeBSD Developer Summit
Source: Robert Watson
Added: 14 January 2007
Tags: bsdcan, bsdcan2006, notes, devsummit, robert watson
SMPng Network Stack Update (Developer Summit) (91 Kb), How the FreeBSD Project Works (BSDCan 2006 Full Conference) (4.4 Mb Kb), Notes from the 10 May 2006 Meeting of the Network Stack Cabal (Developer Summit) (72 Kb), TrustedBSD Project Update (Developer Summit) (120 Kb)
As usual, Dan Langille ran an excellent BSDCan conference.
On this page, you can find my slides from the
developer summit and full conference, excluding the
contents of the WIPs, for which I don't have
permission to redistribute the slides.
Robert Watson's Slides from EuroBSDCon 2005
Source: Robert Watson
Added: 14 January 2007
Tags: eurobsdcon, eurobsdcon2005, slides, freebsd, smp, robert watson, poul-henning kamp, ed maste
Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack (370 Kb)
EuroBSDCon 2005 took place in Basel, Switzerland
in November, 2005. Due to an injury, I was unable
to attend the conference itself, and my talks were
presented in absentia by Poul-Henning Kamp and Ed
Maste, who have my greatest appreciation!
The FreeBSD SMPng Project has spent the past five
years redesigning and reimplementing SMP support
for the FreeBSD operating system, moving from a
Giant-locked kernel to a fine-grained locking
implementation with greater kernel threading and
parallelism. This paper introduces the FreeBSD SMPng
Project, its architectural goals and implementation
approach. It then explores the impact of SMPng on
the FreeBSD network stack, including strategies for
integrating SMP support into the network stack,
locking approaches, optimizations, and challenges.
Robert Watson's Slides from BSDCan 2004
Source: Robert Watson
Added: 14 January 2007
Tags: bsdcan, bsdcan2004, slides, trustedbsd, freebsd, robert watson
TrustedBSD: Trusted Operating System Features for BSD (277 Kb)
BSDCan 2004 took place at the University of Ottawa
in Ottawa, Canada. On this page, you can find my
slides from the conference.
Robert Watson will describe a variety of pieces of
work done as part of the TrustedBSD Project, including
the TrustedBSD MAC Framework, Audit facilities for
FreeBSD, as well as supporting infrastructure work
such as GEOM/GBDE, UFS2, OpenPAM. He will also
discuss how certification and evaluation play into
feature selection, design, and documentation.
Robert Watson's Slides from AsiaBSDCon 2004
Source: Robert Watson
Added: 14 January 2007
Tags: asiabsdcon, asiabsdcon2004, robert watson
AsiaBSDCon 2004 BSD (FreeBSD) BoF session (1.4 Mb), Extensible Kernel Security through the TrustedBSD MAC Framework. (135 Kb)
AsiaBSDCon 2004 took place in Taipei, Taiwan, in March 2004, and was hosted by Academia Sinica.
A Tale of Four Kernels
Source: Diomidis Spinellis
Added: 17 May 2008
Tags: freebsd, linux, solaris, windows, article, kernel, diomidis spinellis
Diomidis Spinellis. A tale of four kernels.
In Wilhem Schfer, Matthew B. Dwyer, and
Volker Gruhn, editors, ICSE '08: Proceedings
of the 30th International Conference on
Software Engineering, pages 381-390, New
York, May 2008. Association for Computing
Machinery.
,
Diomidis Spinellis. A tale of four kernels.
In Wilhem Schfer, Matthew B. Dwyer, and
Volker Gruhn, editors, ICSE '08: Proceedings
of the 30th International Conference on
Software Engineering, pages 381-390, New
York, May 2008. Association for Computing
Machinery.
The FreeBSD, GNU/Linux, Solaris, and Windows operating
systems have kernels that provide comparable
facilities. Interestingly, their code bases share
almost no common parts, while their development
processes vary dramatically. We analyze the source
code of the four systems by collecting metrics in
the areas of file organization, code structure,
code style, the use of the C preprocessor, and data
organization. The aggregate results indicate that
across various areas and many different metrics,
four systems developed using wildly different
processes score comparably. This allows us to posit
that the structure and internal quality attributes
of a working, non-trivial software artifact will
represent first and foremost the engineering
requirements of its construction, with the influence
of process being marginal, if any.
New York City BSD Con 2008
Source: New York City *BSD User Group
Added: 24 November 2008
Tags: nycbsdcon2008, nycbsdcon, presentation
Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (570 Kb, 18 pages), Mike Silbersack: Detecting TCP regressions with tcpdiff. (88 Kb, 28 pages), Metthew Dillon: The HAMMER File System. (820 Kb, 16 pages), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (21 pages), Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (197 Kb, 92 pages), Anders Magnusson: Design and Implementation of the Portable C Compiler. (123 Kb, 29 pages), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (1.7 Mb, 22 pages)
Slides of presentations given at New York City BSD
Conference 2008.
User Interfaces and How People Think
Source: New York City *BSD User Group
Added: 10 March 2008
Tags: nycbug, presentation, user interfaces
Slides (2.7 Mb, 24 pages), MP3 version (9 Mb, 78 minutes)
"User Interfaces and How People Think" will introduce
concepts of designing software for different users
by observing how they think about and do what they
do. While much of design today focuses on the
front-end of computer systems, there is opportunity
to innovate in every area where a human interacts
with software.
Bio:
Jeffery Mau is a user experience designer with the
leading business and technology consulting firm
Sapient. He has helped clients create great customer
experiences in the financial services, education,
entertainment and telecommunications industries.
With a passion for connecting people with technology,
Jeff specializes in Information Architecture and
Business Strategy. Jeff holds a Masters in Design
from the IIT Institute of Design in Chicago, Illinois.
SSARES
Source: New York City *BSD User Group
Added: 11 January 2008
Tags: nycbug, presentation, ipv6, gene cronk
Paper (443 Kb, 10 pages), MP3 version (7 Mb, 67 minutes)
SSARES: Secure Searchable Automated Remote Email
Storage - A usable, secure email system on a remote
untrusted server
The increasing centralization of networked services
places user data at considerable risk. For example,
many users store email on remote servers rather
than on their local disk. Doing so allows users to
gain the benefit of regular backups and remote
access, but it also places a great deal of unwarranted
trust in the server. Since most email is stored in
plaintext, a compromise of the server implies the
loss of confidentiality and integrity of the email
stored therein. Although users could employ an
end-to-end encryption scheme (e.g., PGP), such
measures are not widely adopted, require action on
the sender side, only provide partial protection
(the email headers remain in the clear), and prevent
the users from performing some common operations,
such as server-side search.
To address this problem, we present Secure Searchable
Automated Remote Email Storage (SSARES), a novel
system that offers a practical approach to both
securing remotely stored email and allowing
privacy-preserving search of that email collection.
Our solution encrypts email (the headers, body, and
attachments) as it arrives on the server using
public-key encryption. SSARES uses a combination
of Identity Based Encryption and Bloom Filters to
create a searchable index. This index reveals little
information about search keywords and queries, even
against adversaries that compromise the server.
SSARES remains largely transparent to both the
sender and recipient. However, the system also
incurs significant costs, primarily in terms of
expanded storage requirements. We view our work as
a starting point toward creating privacy-friendly
hosted services.
Angelos Keromytis is an Associate Professor with
the Department of Computer Science at Columbia
University, and director of the Network Security
Laboratory. He received his B.Sc. in Computer Science
from the University of Crete, Greece, and his M.Sc.
and Ph.D. from the Computer and Information Science
(CIS) Department, University of Pennsylvania. He
is the author and co-author of more than 100 papers
on refereed conferences and journals, and has served
on over 40 conference program committees. He is an
associate editor of the ACM Transactions on Information
and Systems Security (TISSEC). He recently co-authored
a book on using graphics cards for security, and
is a co-founder of StackSafe Inc. His current
research interests revolve around systems and network
security, and cryptography.
MeetBSD 2008 in California - Presentation
Source: MeetBSD
Added: 19 November 2008
Tags: meetbsd, meetbsd2008, freebsd, presentations
FreeBSD Foundation Update & Recognition by Robert Watson (3.2 Mb, 8 pages), BSD Certification by Dru Lavigne (80 Kb, 19 pages), Crypto Acceleration by Philip Paeps (256 Kb, 20 pages), "Help, my system is slow!" Profiling tools, tips and tricks by Kris Kennaway (172 Kb, 29 pages), Embedding FreeBSD by M. Warner Losh (685 Kb, 31 pages), Isilon and FreeBSD by Zach Loafman (136 Kb, 25 pages), Isolating Cluster Jobs for Performance and Predictability by Brooks Davis (900 Kb, 24 pages), PC-BSD 7 - A Developer's Perspective by Kris Moore (580 Kb, 45 pages), FreeBSD Network Stack Performance - Optimizations for Modern Hardware by Robert Watson (5.5 Mb, 43 pages), A closer look at the ZFS file system by Pawel Jakub Dawidek (470 Kb, 45 pages)
MeetBSD 2008 at the Googleplex in Mountain View,
California to celebrate FreeBSD's 15th Anniversary!
MeetBSD 2007 - Presentations and recordings
Source: MeetBSD
Added: 28 May 2008
Tags: meetbsd, meetbsd2007
Slawomir Zak - DTrace - Monitoring i strojenie systemu w XXI wieku (546 Mb), Brooks Davis - Reflections on Building a High-Performance Computing Cluster Using FreeBSD (401 Mb), Christian Brüffer - Protecting your Privacy with FreeBSD and Tor (416 Kb, 34 Pages), Rafal Jaworowski - FreeBSD do zabudowy, czyli nie tylko pecety (600 Kb, 21 pages), Dominik Hamera, Jakub Klausa - Nowoczesne rozwiazania bezprzewodowe w systemie FreeBSD (165 Mb), Christian Brüffer - Protecting your Privacy with FreeBSD and Tor (409 Kb), Matt Olander - PC-BSD: FreeBSD on the Desktop (272 Mb), Adam Bartman, Rafal Grzebyk - Nowoczesna infrastruktura telefoniczna w oparciu o systemy z rodziny BSD (105 Mb), Pawel Solyga - Meet BSD projects from Google Summer of Code 2007 (6.0 Mb), Brooks Davis - Reflections on Building a High-Performance Computing Cluster Using FreeBSD (1.7 Mb, 25 Pages), Rafal Jaworowski - FreeBSD do zabudowy, czyli nie tylko pecety (638 Mb), Philip Paeps - Detangling and debugging: friends in unexpected places (162 Mb), Pawel Solyga - Meet BSD projects from Google Summer of Code 2007 (3.7 Mb, 71 Pages), Pawel Solyga - Meet BSD projects from Google Summer of Code 2007 (308 Mb), Adam Bartman, Rafal Grzebyk - Nowoczesna infrastruktura telefoniczna w oparciu o systemy z rodziny BSD (3.9 Mb, 71 Pages), Philip Paeps - Detangling and debugging: friends in unexpected places (495 Kb, 53 Pages), Kris Kennaway - New features and improvements in FreeBSD 7 (336 Kb, 37 pages), Slawomir Zak - DTrace - Monitoring i strojenie systemu w XXI wieku (1.1 Mb, 35 Pages), Kris Kennaway - New features and improvements in FreeBSD 7 (564 Mb)
MeetBSD 2007 at the Conference Centre-PWSBiA Congress in Warsaw
Manuel Trujillo - FreeBSD para usuarios de GNU/Linux
(32 Kb) Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, freebsd, linux, manuel trujillo
Charla sobre las diferencias que puede encontrar un usuario
de un sistema operativo GNU/Linux cuando accede a un sistema
operativo FreeBSD, y sugerencias superar la posible
desorientación.
Jordi Prats - Uso de OpenBSD en dispositivos empotrados
(1.8 Mb, 44 pages) Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, openbsd, embedded, jordi prats
Los sistemas empotrados gracias a un menor consumo
energético y unas dimensiones reducidas, a costa
de ciertas limitaciones del hardware, permiten su uso
en multitud de entornos. En esta presentación
veremos como usarlos con OpenBSD y sus posibles aplicaciones.
Jesús Rodriguez - SIP y VozIP con FreeBSD
(527 Kb, 40 pages) Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, asterisk, openser, freebsd, sip, voip, jesus rodriguez
Repaso a las diferentes aplicaciones y servicios
relacionados con SIP y VozIP que pueden usarse en
FreeBSD. Entre estas apliaciones destacan OpenSER y
Asterisk, ya que usados de forma conjunta pueden ofrecer
una larga lista de servicios de forma rápida,
segura y escalable.
FreeBSD Security Officer funktionen
Source: AArhus Unix Users Group
Added: 15 January 2007
Tags: h, freebsd, security officer, simon l nielsen
PDF (danish) (211 Kb)
"FreeBSD Security Officer funktionen" at the AAUUG,
AAUUG, 22 August 2006 by Simon L. Nielsen (FreeBSD
Deputy Security Officer)
FreeBSD Security Officer funktionen
(210 Kb) Source: BSD UNIX bruger gruppe i Danmark
Added: 15 January 2007
Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
"FreeBSD Security Officer funktionen" at the BSD-DK,
26 August 2006 by Simon L. Nielsen (FreeBSD Deputy
Security Officer)
FreeBSD ports Erwin Lansing
Source: OpenFest
Added: 15 January 2007
Tags: openfest, openfest2006, presentation, freebsd, port manager, erwin lansing
PDF (128 Kb)
Case study : managing a worldwide open source project: FreeBSD port manager
Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
Slides (3.2 Mb, 36 pages)
pfSense: 2.0 and beyond
From firewall distribution to appliance building platform
pfSense is a BSD licensed customized distribution
of FreeBSD tailored for use as a firewall and router.
In addition to being a powerful, flexible firewalling
and routing platform, it includes a long list of
related features and a package system allowing
further expandability without adding bloat and
potential security vulnerabilities to the base
distribution.
This session will start with an introduction to the
project and its common uses, which have expanded
considerably beyond firewalling. We will cover much
of the new functionality coming in the 2.0 release,
which contains significant enhancements to nearly
every portion of the system as well as numerous new
features.
While the primary function of the project is a
firewalling and routing platform, with changes
coming in pfSense 2.0, it has also become an appliance
building framework enabling the creation of customized
special purpose appliances. The m0n0wall code where
pfSense originated has proved popular for this
purpose, with AskoziaPBX and FreeNAS also based
upon it, in addition to a number of commercial
solutions. The goal of this appliance building
framework is to enable creation of projects such
as these without having to fork and maintain another
code base. The existing appliances, including a DNS
server using TinyDNS, VoIP with FreeSWITCH, and
others will be discussed. For those interested in
creating appliances, an overview of the process
will be provided along with references for additional
information.
Luigi Rizzo - GEOM based disk schedulers for FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
Slides (430 Kb, 40 pages)
GEOM based disk schedulers for FreeBSD
The high cost of seek operations makes the throughput
of disk devices very sensitive to the offered
workload. A disk scheduler can then help reorder
requests to improve the overall throughput of the
device, or improve the service guarantees for
individual users, or both.
Research results in recent years have introduced,
and proven the effectiveness of, a technique called
"anticipatory scheduling". The basic idea behind
this technique is that, in some cases, requests
that cause a seek should not be served immediately;
instead, the scheduler should wait for a short
period of time in case other requests arrive that
do not require a seek to be served. With many common
workloads, dominated by sequential synchronous
requests, the potential loss of throughput caused
by the disk idling times is more than balanced by
the overall reduction of seeks.
While a fair amount of research on disk scheduling
has been conducted on FreeBSD, the results were
never integrated in the OS, perhaps because the
various prototype implementations were very
device-specific and operated within the device
drivers. Ironically, anticipatory schedulers are
instead a standard part of Linux kernels.
This talk has two major contributions:
First, we will show how, thanks to the flexibility
of the GEOM architecture, an anticipatory disk
scheduling framework has been implemented in FreeBSD
with little or no modification to a GENERIC kernel.
While these schedulers operate slightly above the
layer where one would naturally put a scheduler,
they can still achieve substantial performance
improvements over the standard disk scheduler; in
particular, even the simplest anticipatory schedulers
can prevent the complete trashing of the disk
performance that often occurs in presence of multiple
processes accessing the disk.
Secondly, we will discuss how the basic anticipatory
scheduling technique can be used not only to improve
the overall throughput of the disk, but also to
give service guarantees to individual disk clients,
a feature that is extremely important in practice
e.g., when serving applications with pseudo-real-time
constraints such as audio or video streaming ones.
A prototype implementation of the scheduler that
will be covered in the presentation is available
at http://info.iet.unipi.it/~luigi/FreeBSD/
Constantine A. Murenin - Quiet Computing with BSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, hardware monitors, canstantine murenin
Slides (264 Kb, 16 pages)
Quiet Computing with BSD
Programming system hardware monitors for quiet computing
In this talk, we will present a detailed overview
of the features and common problems of microprocessor
system hardware monitors as they relate to the topic
of silent computing. In a nutshell, the topic of
programmable fan control will be explored.
Silent computing is an important subject as its
practice reduces the amount of unnecessary stress
and improves the motivation of the workforce, at
home and in the office.
Attendees will gain knowledge on how to effectively
programme the chips to minimise fan noise and avoid
system failure or shutdown during temperature
fluctuations, as well as some basic principles
regarding quiet computing.
Shortly before the talk, a patch for programming
the most popular chips (like those from Winbond)
will be released for the OpenBSD operating system,
although the talk itself will be more specific to
the microprocessor system hardware monitors themselves,
as opposed to the interfacing with thereof in modern
operating systems like OpenBSD, NetBSD, DragonFly
BSD and FreeBSD.
Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
Security Assessment of the Internet Protocol (660 Kb, 63 pages), Slides (473 Kb, 64 pages), Proposal (93 Kb, 3 pages), Security Assessment of the Transmission Control Protocol (TCP) (1.4 Mb, 130 pages)
Results of a Security Assessment of the TCP and IP
protocols and Common implementation Strategies
Fernando Gont will present the results of security
assessment of the TCP and IP protocols carried out
on behalf of the United Kingdom's Centre for the
Protection of National Infrastructure (Centre for
the Protection of National Infrastructure). His
presentation will provide an overview of the
aforementioned project, and will describe some of
the new insights that were gained as a result of
this project. Additionally, it will provide an
overview of the state of affairs of the different
TCP/IP implementations found in BSD operating systems
with respect to the aforementioned issues.
During the last twenty years, many vulnerabilities
have been identified in the TCP/IP stacks of a
number of systems. The discovery of these vulnerabilities
led in most cases to reports being published by a
number of CSIRTs and vendors, which helped to raise
awareness about the threats and the best possible
mitigations known at the time the reports were
published. For some reason, much of the effort of
the security community on the Internet protocols
did not result in official documents (RFCs) being
issued by the organization in charge of the
standardization of the communication protocols in
use by the Internet: the Internet Engineering Task
Force (IETF). This basically led to a situation in
which "known" security problems have not always
been addressed by all vendors. In addition, in many
cases vendors have implemented quick "fixes" to the
identified vulnerabilities without a careful analysis
of their effectiveness and their impact on
interoperability. As a result, producing a secure
TCP/IP implementation nowadays is a very difficult
task, in large part because of the hard task of
identifying relevant documentation and differentiating
between that which provides correct advisory, and
that which provides misleading advisory based on
inaccurate or wrong assumptions. During 2006, the
United Kingdom's Centre for the Protection of
National Infrastructure embarked itself in an
ambitious and arduous project: performing a security
assessment of the TCP and IP protocols. The project
did not limit itself to an analysis of the relevant
IETF specifications, but also included an analysis
of common implementation strategies found in the
most popular TCP and IP implementations. The result
of the project was a set of documents which identifies
possible threats for the TCP and IP protocols and,
where possible, proposes counter-measures to mitigate
the identified threats. This presentation will will
describe some of the new insights that were gained
as a result of this project. Additionally, it will
provide an overview of the state of affairs of the
different TCP/IP implementations found in BSD
operating systems.
Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
Slides (1.4 Mb, 27 pages)
Isolating Cluster Jobs for Performance and Predictability
At The Aerospace Corporation, we run a large FreeBSD
based computing cluster to support engineering
applications. These applications come in all shapes,
sizes, and qualities of implementation. To support
them and our diverse userbase we have been searching
for ways to isolate jobs from one another in ways
that are more effective than Unix time sharing and
more fine grained than allocating whole nodes to
jobs.
In this talk we discuss the problem space and our
efforts so far. These efforts include implementation
of partial file systems virtualization and CPU
isolation using CPU sets.
John Baldwin - Multiple Passes of the FreeBSD Device Tree
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
Slides (60 Kb, 15 pages), Paper (103 Kb, 8 pages)
Multiple Passes of the FreeBSD Device Tree
The existing device driver framework in FreeBSD
works fairly well for many tasks. However, there
are a few problems that are not easily solved with
the current design. These problems include having
"real" device drivers for low-level hardware such
as clocks and interrupt controllers, proper resource
discovery and management, and allowing most drivers
to always probe and attach in an environment where
interrupts are enabled. I propose extending the
device driver framework to support multiple passes
over the device tree during boot. This would allow
certain classes of drivers to be attached earlier
and perform boot-time setup before other drivers
are probed and attached. This in turn can be used
to develop solutions to the earlier list of problems.
Colin Percival - scrypt: A new key derivation function
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
Slides (556 Kb, 21 pages), Paper (201 Kb, 16 pages)
scrypt: A new key derivation function
Doing our best to thwart TLAs armed with ASICs
Password-based key derivation functions are used
for two primary purposes: First, to hash passwords
so that an attacker who gains access to a password
file does not immediately possess the passwords
contained therewithin; and second, to generate
cryptographic keys to be used for encrypting or
authenticating data.
In both cases, if passwords do not have sufficient
entropy, an attacker with the relevant data can
perform a brute force attack, hashing potential
passwords repeatedly until the correct key is found.
While commonly used key derivation functions, such
as Kamp's iterated MD5, Provos and Mazieres' bcrypt,
and RSA Laboratories' PBKDF1 and PBKDF2 make an
attempt to increase the difficulty of brute-force
attacks, they all require very little memory, making
them ideally suited to attack by custom hardware.
In this talk, I will introduce the concepts of
memory-hard and sequential memory-hard functions,
and argue that key derivation functions should be
sequential memory-hard. I will present a key
derivation function which, subject to common
assumptions about cryptographic hash functions, is
provably sequential memory-hard, and a variation
which appears to be stronger (but not provably so).
Finally, I will provide some estimates of the cost
of performing brute force attacks on a variety of
password strengths and key derivation functions.
George Neville-Neil - Thinking about thinking in code
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, keynote, bsd, george neville-neil
Slides (4.0 Mb, 137 pages)
Thinking about thinking in code
Proposed keynote talk
This is not a talk that's specific to any BSD but
is a more general talk about how we think about
coding and how our thinking changes the way we code.
I compare how we built systems to how other industries
build their products and talk about what we can
learn from how we work and from how others work as
well.
Stephen Borrill - Building products with NetBSD - thin-clients
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
Slides (499 Kb, 60 pages)
Building products with NetBSD - thin-clients
NetBSD: delivering the goods
This talk will discuss what thin-clients are, why
they are useful and why NetBSD is good choice to
build such a device.
This talk will provide information on some alternatives
and the strengths and weaknesses of NetBSD when
used in such a device.
It will discuss problems that needed to be addressed
such as how to get a device with rich functionality
running from a small amount of flash storage, as
well as recent developments in NetBSD that have
helped improve the product.
Warner Losh - Tracking FreeBSD in a commercial Environment
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
Paper (624 Kb, 45 pages), Slides (104 Kb, 10 pages)
Tracking FreeBSD in a commercial Environment
How to stay current while staying sane
The FreeBSD project publishes two lines of source
code: current and stable. All changes must first
be committed to current and then are merged into
stable. Commercial organizations wishing to use
FreeBSD in their products must be aware of this
policy. Four different strategies have developed
for tracking FreeBSD over time. A company can choose
to run only unmodified release versions of FreeBSD.
A company may choose to import FreeBSD's sources
once and then never merge newer versions. A company
can choose to import each new stable branch as it
is created, adding its own changes to that branch,
as well as integrating new versions from FreeBSD
from time to time. A company can track FreeBSD's
current branch, adding to it their changes as well
as newer FreeBSD changes. Which method a company
chooses depends on the needs of the company. These
methods are explored in detail, and their advantages
and disadvantages are discussed. Tracking FreeBSD's
ports and packages is not discussed.
Companies building products based upon FreeBSD have
many choices in how to use the projects sources and
binaries. The choices range from using unmodified
binaries from FreeBSD's releases, to tracking modify
FreeBSD heavily and tracking FreeBSD's evolution
in a merged tree. Some companies may only need to
maintain a stable version of FreeBSD with more bug
fixes or customizations than the FreeBSD project
wishes to place in that branch. Some companies also
wish to contribute some subset of their changes
back to the FreeBSD project.
FreeBSD provides an excellent base technology with
which to base products. It is a proven leader in
performance, reliability and scalability. The
technology also offers a very business friendly
license that allows companies to pick and choose
which changes they wish to contribute to the community
rather than forcing all changes to be contributed
back, or attaching other undesirable license
conditions to the code.
However, the FreeBSD project does not focus on
integration of its technology into customized
commercial products. Instead, the project focuses
on producing a good, reliable, fast and scalable
operating system and associated packages. The project
maintains two lines of development. A current branch,
where the main development of the project takes
place, and a stable branch which is managed for
stability and reliability. While the project maintains
documentation on the system, including its development
model, relatively little guidance has been given
to companies in how to integrate FreeBSD into their
products with a minimum of trouble.
Developing a sensible strategy to deal with both
these portions of FreeBSD requires careful planning
and analysis. FreeBSD's lack of guidelines to
companies leaves it up to them to develop a strategy.
FreeBSD's development model differs from some of
the other Free and Open Source projects. People
familiar with those systems often discover that
methods that were well suited to them may not work
as well with FreeBSD's development model. These two
issues cause many companies to make poor decisions
without understanding the problems that lie in their
future.
Very little formal guidance exists for companies
wishing to integrate FreeBSD into their products.
Some email threads can be located via a Google
search that could help companies, but many of them
are full of contradictory information, and it is
very disorganized. While the information about the
FreeBSD development process is in the FreeBSD
handbook, the implications of that process for
companies integrating FreeBSD into their products
are not discussed.
Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
Paper (351 Kb, 9 pages), Slides (512 Kb, 35 pages)
PC-BSD - Making FreeBSD on the desktop a reality
FreeBSD on the Desktop
While FreeBSD is a all-around great operating system,
it is greatly lagging behind in desktop appeal. Why
is this? In this talk, we will take a look at some
of the desktop drawbacks of FreeBSD, and how are
are attempting to fix them through PC-BSD.
FreeBSD has a reputation for its rock-solid
reliability, and top-notch performance in the server
world, but is noticeably absent when it comes to
the vast market of desktop computing. Why is this?
FreeBSD offers many, if not almost all of the same
open-source packages and software that can be found
in the more popular Linux desktop distributions,
yet even with the speed and reliability FreeBSD
offers, a relative few number of users are deploying
it on their desktops.
In this presentation we will take a look at some
of the reasons why FreeBSD has not been as widely
adopted in the desktop market as it has on the
server side. Several of the desktop weaknesses of
FreeBSD will be shown, along with how we are trying
to fix these short-comings through a desktop-centric
version of FreeBSD, known as PC-BSD. We will also
take a look at the package management system employed
by all open-source operating systems alike, and
some of the pitfalls it brings, which may hinder
widespread desktop adoption.
Sean Bruno - Implementation of TARGET_MODE applications
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
Slides (72 Kb, 22 pages)
Implementation of TARGET_MODE applications
How we used TARGET_MODE in the kernel to create and
interesting product
This presentation will cover a real world implementation
of the TARGET_MODE infrastructure in the kernel
(stable/6). Topics to include: drivers used (isp,
aic7xxx, firewire). scsi_target userland code vs
kernel drivers missing drivers (4/8G isp support,
iSCSI target)
Target Mode describes a feature within certain
drivers that allows a FreeBSD system to emulate a
Target in the SCSI sense of the word. By recompiling
your kernel with this feature enabled, it permits
one to turn a FreeBSD system into an external hard
disk. This feature of the FreeBSD kernel provides
many interesting implementations and is highly
desirable to many organizations whom run FreeBSD
as their platform.
I have been tasked with the maintenance of a
proprietary target driver that interfaces with the
FreeBSD kernel to do offsite data mirroring at the
block level. This talk will discuss the implementation
of that kernel mode driver and the process my
employer went through to implement a robust and
flexible appliance.
Since I took over the implementation, we have
implemented U160 SCSI(via aic7xxx), 2G Fibre
Channel(via isp) and Firewire 400 (via sbp_targ).
Each driver has it's own subtleties and requirements.
I personally enhanced the existing Firewire target
driver and was able to get some interesting results.
I hope to demonstrate a functional Firewire 400/800
target and show how useful this application can be
for the embedded space. Also, I wish to demonstrate
the need for iSCSI. USB and 4/8G Fibre Channel
target implementations that use the TARGET_MODE
infrastructure that is currently in place to allow
others to expand their various interface types.
The presentation should consist of a high level
overview, followed by detailed implementation
instructions with regards to the Firewire implementation
and finish up with a hands-on demonstration with a
FreeBSD PC flipped into TARGET_MODE and a Mac.
George Neville-Neil - Understanding and Tuning SCHED_ULE
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
Slides (228 Kb, 29 pages)
Understanding and Tuning SCHED_ULE
With the advent of widespread SMP and multicore CPU
architectures it was necessary to implement a new
scheduler in the FreeBSD operating system. The
SCHEDULE scheduler was added for the 5 series of
FreeBSD releases and has now matured to the point
where it is the default scheduler in the 7.1 release.
While scheduling processes was a difficult enough
task in the uniprocessor world, moving to multiple
processors, and multiple cores, has significantly
increased the number of problems that await engineers
who wish to squeeze every last ounce of performance
out of their system. This talk will cover the basic
design of SCHEDULE and focus a great deal of attention
on how to tune the scheduler for different workloads,
using the sysctl interfaces that have been provided
for that purpose.
Understanding and tuning a scheduler used to be
done only by operating systems designers and perhaps
a small minority of engineers focusing on esoteric
high performance systems. With the advent of
widespread multi-processor and multi-core architectures
it has become necessary for more users and
administrators to decide how to tune their systems
for the best performance. The SCHEDULE scheduler
in FreeBSD provides a set of sysctl interfaces for
tuning the scheduler at run time, but in order to
use these interfaces effectively the scheduling
process must first be understood. This presentation
will give an overview of how SCHEDULE works and
then will show several examples of tuning the system
with the interfaces provided.
The goal of modifying the scheduler's parameters
is to change the overall performance of programs
on the system. One of the first problems presented
to the person who wants to tune the scheduler is
how to measure the effects of their changes. Simply
tweaking the parameters and hoping that that will
help is not going to lead to good results. In our
recent experiments we have used the top(1) program
to measure our results.
Lawrence Stewart - Improving the FreeBSD TCP Implementation
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
Slides (2.1 Mb, 38 pages)
Improving the FreeBSD TCP Implementation.
An update on all things TCP in FreeBSD and how they
affect you.
My involvement in improving the FreeBSD TCP stack
has continued this past year, with much of the work
targeted at FreeBSD 8. This talk will cover what
these changes entail, why they are of interest to
the FreeBSD community and how they help to improve
our TCP implementation.
It has been a busy year since attending my inaugural
BSDCan in 2008, where I talked about some of my
work with TCP in FreeBSD.
I have continued the work on TCP analysis/debugging
tools and integrating modular congestion control
into FreeBSD as part of the NewTCP research project.
I will provide a progress update on this work.
Additionally, a grant win from the FreeBSD Foundation
to undertake a project titled "Improving the FreeBSD
TCP Implementation" at Swinburne University's Centre
for Advanced Internet Architectures has been
progressing well. The project focuses on bringing
TCP Appropriate Byte Counting (RFC 3465), reassembly
queue auto-tuning and integration of low-level
analysis/debugging tools to the base system, all
of which I will also discuss.
Ivan Voras - Remote and mass management of systems with finstall
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
Slides (377 Kb, 24 pages)
Remote and mass management of systems with finstall
Automated management on a largish scale
An important part of the "finstall" project, created
as a graphical installer for FreeBSD, is a configuration
server that can be used to remotely administer and
configure arbitrary systems. It allows for remote
scripting of administration tasks and is flexible
enough to support complete reconfiguration of running
systems.
The finstall project has two major parts - the
front-end and the back-end. The front-end is just
a GUI allowing the users to install the system in
a convenient way. The back-end is a network-enabled
XML-RPC server that is used by the front-end to
perform its tasks. It can be used as a stand-alone
configuration daemon. This talk will describe a way
to make use of this property of finstall to remotely
manage large groups of systems.
Mike Silbersack - Detecting TCP regressions with tcpdiff
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
Slides (89 Kb, 33 pages)
Detecting TCP regressions with tcpdiff
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
The initial version of tcpdiff presented at NYCBSDCon
2008 demonstrated that it could be used to detect
at least two major TCP bugs that were introduced
into FreeBSD in the past few years. The work from
that presentation can be viewed at
http://www.silby.com/nycbsdcon08/.
For BSDCan 2009, I hope to fix a number of bugs in
tcpdiff, make it easier to use, set up nightly tests
of FreeBSD, and improve it so that additional known
bugs can be detected. Additionally, I plan to run
it on OSes other than FreeBSD.
Philip Paeps - Crypto Acceleration on FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
Slides (361 Kb, 28 pages)
Crypto Acceleration on FreeBSD
As more and more services on the internet become
cryptographically secured, the load of cryptography
on systems becomes heavier and heavier. Crypto
acceleration hardware is available in different
forms for different workloads. Embedded communications
processors from VIA and AMD have limited acceleration
facilities in silicon and various manufacturers
build hardware for accelerating secure web traffic
and IPSEC VPN tunnels.
This talk gives an overview of FreeBSD's crypto
framework in the kernel and how it can be used
together with OpenSSL to leverage acceleration
hardware. Some numbers will be presented to demonstrate
how acceleration can improve performance - and how
it can curiously bring a system to a grinding halt.
Philip originally started playing with crypto
acceleration when he saw the "crypto block" in one
of his Soekris boards. As usual, addiction was
instant and by the grace of the "you touch it, you
own it" principle, he has been fiddling the crypto
framework more than is good for him.
George Neville-Neil - Networking from the Bottom Up: Device Drivers
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
PDF file (480 Kb, 68 pages)
Networking from the Bottom Up: Device Drivers.
In this tutorial I will describe how to write and
maintain network drivers in FreeBSD and use the
example of the Intel Gigabit Ethernet driver (igb)
throughout the course.
Students will learn the basic data structures and
APIs necessary to implement a network driver in
FreeBSD. The tutorial is general enough that it can
be applied to other BSDs, and likely to other
embedded and UNIX like systems while being specific
enough that given a device and a manual the student
should be able to develop a working driver on their
own. This is the first of a series of lectures on
network that I am developing over the next year or
so.
Daniel Braniss
Source: BSDCan - The Technical BSD Conference
Added: 28 May 2008
Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
PDF file (1.4 Mb, 30 pages)
iSCSI
not an Apple appliance.
iSCSI is not an Apple appliance.
The i in iSCSI stands for internet, some say for
insecure, personally I like to think interesting.
I'll try to share the road followed from RFC-3720
to the actual working driver, the challenges, the
frustrations.
Scott Ullrich, Chris Buechler - pfSense Tutorial
Source: BSDCan - The Technical BSD Conference
Added: 28 May 2008
Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
PDF file (4.1 Kb, 91 pages)
pfSense Tutorial
From Zero to Hero with pfSense
pfSense is a free, open source customized distribution
of FreeBSD tailored for use as a firewall and router.
In addition to being a powerful, flexible firewalling
and routing platform, it includes a long list of
related features and a package system allowing
further expandability without adding bloat and
potential security vulnerabilities to the base
distribution. pfSense is a popular project with
more than 1 million downloads since its inception,
and proven in countless installations ranging from
small home networks protecting a PC and an Xbox to
large corporations, universities and other organizations
protecting thousands of network devices.
This tutorial is being presented by the founders
of the pfSense project, Chris Buechler and Scott
Ullrich.
The session will start with an introduction to the
project, hardware sizing and selection, installation,
firewalling concepts and basic configuration, and
continue to cover all the most popular features of
the system. Common usage scenarios, deployment
considerations, step by step configuration guidance,
and best practices will be covered for each feature.
Most configurations will be demonstrated in a live
lab environment.
Attendees are assumed to have basic knowledge of
TCP/IP and firewalling concepts, however no in-depth
knowledge in these areas or prior knowledge of
pfSense or FreeBSD is necessary.
Rafal Jaworowski - FreeBSD Embedded Report
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, embedded, rafal jaworowski
PDF file (58 Kb, 6 pages)
FreeBSD Embedded Report
Robert Watson - TCP SMP Scalability
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, smp, robert watson
PDF file (70 Kb, 8 pages)
TCP SMP Scalability
Erwin Lansing - What's happening in the world of ports and portmgr
Source: BSDCan - The Technical BSD Conference
Added: 24 May 2008
Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, portmgr, erwin lansing
PDF file (146 Kb, 14 pages)
What's happening in the world of ports and portmgr
Kern Sibbald - Bacula
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, bacula, kern sibbald
PDF file (505 Kb, 30 pages)
Bacula
The Open Source Enterprise Backup Solution
The Bacula project started in January 2000 with
several goals, one of which was the ability to
backup any client from a Palm to a mainframe computer.
Bacula is available under a GPL license.
Bacula uses several distinct components, each
communicating via TCP/IP, to achieve a very scalable
and robust solution to backups.
Kern is one of the original project founders and
still one of the most productive Bacula developers.
Warner Losh - FreeBSD/mips
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
PDF file (1.3 Mb, 19 pages)
FreeBSD/mips
Embedding FreeBSD
FreeBSD now runs on the MIPS platform. FreeBSD/mips
supports MIPS-32 and MIPS-64 targets, including SMP
for multicore support.
FreeBSD/mips is targeted at the embedded MIPS
marketplace. FreeBSD has run on the MIPS platform
for many years. Juniper ported FreeBSD to the Mips
platform in the late 1990's. However, concern about
intellectual property issues kept Juniper from
contributing the port back to FreeBSD until recently.
The contributed port was a 64-bit mips port.
In the mean time, many efforts were made to bring
FreeBSD to the mips platform. The first substantial
effort to bring FreeBSD to the Mips platform was
done by Juli Mallet. This effort made it to single
user, but never further than that. This effort was
abandoned due to a change in Juli's life. The port
languished.
Two years ago at BSDcan, as my involvement with
FreeBSD/arm was growing, I tried to rally the troops
into doing a FreeBSD/mips port. My efforts resulted
in what has been commonly called the "mips2" effort.
The name comes from the choice of //depot/projects/mips2
to host the work in perforce. A number of people
worked on the earliest versions of the port, but
it too languished and seemed destined to suffer the
same fate as earlier efforts. Then, two individuals
stood up and started working on the port. Wojciech
A. Koszek and Oleksandr Tymoshenko pulled in code
from the prior efforts. Through their efforts of
stabilizing this code, the port to the single user
stage and ported it to three different platforms.
Others ported it to a few more. Snapshots of this
work were released from time to time.
Cavium Networks picked up one of these snapshots
and ported it to their multicore mips64 network
processor. Cavium has kindly donated much of their
work to the comminuty.
In December, I started at Cisco systems. My first
job was to merge all the divergent variants of
FreeBSD/mips and get it into shape to push into the
tree. With luck, this should be in the tree before
I give my talk.
In parallel to this, other advances in the embedded
support for FreeBSD have been happening as well.
I'll talk about new device drivers, new subsystems,
and new build tools that help to support the embedded
developer.
Kris Moore - Building self-contained PBIs from Ports (Automagically)
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
PDF file (120 Kb, 26 pages)
Building self-contained PBIs from Ports (Automagically)
Creating a self-contained application from the ports tree
PC-BSD provides a user-friendly desktop experience,
for experts and casual users alike. PC-BSD is 100%
FreeBSD under the hood, while providing desktop
essentials, such as a graphical installation system,
point-n-click package-management using the PBI
system, and easy to use system management tools;
All integrated into an easy to use K Desktop
Environment (KDE).
The PBI (Push Button Installer) format is the
cornerstone of the PC-BSD desktop, which allows
users to install applications in a self-contained
format, free from dependency problems, and compile
issues that stop most casual users from desktop
adoption. The PBI format also provides power and
flexibility in user interaction, and scripting
support, which allows applications to be fine-tuned
to the best possible user experience.
This talk would go over in some detail our new PBI
building system, which converts a FreeBSD port,
such as FireFox, into a standalone self-contained
PBI installer for PC-BSD desktops.
The presentation will be divided into two main sections:
The Push Button Installer (PBI) Format
- The basics of the PBI format
- The PBI format construction
- Add & Remove scripting support within PBI
Building PBIs from Ports "Auto-magically"
- The PBI build server & standalone software
- Module creation & configuration
- Converting messy ports into PBIs
John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
PDF file (127 Kb, 26 pages)
An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
Solving the problem
At Appalachian State University, we utilize an open
source VPN to allow faculty, staff and vendors
secure access to Appalachian State University's
internal network from any location that has an
Internet connection. To implement our virtual private
network project, we needed a secure VPN that is
flexible enough to work with our existing network
registration and LDAP authentication systems, has
simple client installation, is redundant, allows
multiple VPN server instances for special site-to-site
tunnels and unique configurations, and can run on
multiple platforms. Using OpenVPN running on OpenBSD,
we met those requirements and added a distributed
administration system that allows select users to
allow VPN access to specific computers for external
users and vendors without requiring intervention
from our network or security personnel. Our
presentation will start with a quick overview of
OpenVPN and OpenBSD and then detail the specifics
of our VPN implementation.
Dissatisfied with IPSec for road warrior VPN usage
we went looking for a better solution. We had hopped
that we could find a solution that would run on
multiple platforms, was flexible and worked well.
We found OpenVPN and have been pleased. Initially
we ran it on RHEL. We migrated to OpenBSD for pf
functionality and general security concerns. ...and
because we like OpenBSD.
Our presentation will focus on the specifics of our
VPN implementation. We will quickly cover the basics
of OpenVPN and the most used features of OpenBSD.
Moving along we will cover multiple authentication
methods, redundancy, running multiple instances,
integration with our netreg system, how pf has
extended functionality, embedding in appliances,
and client configuration. The system has proven
helpful with providing vendor access where needed
and we'll cover this aspect as well. Time permitting
we will cover current enhancement efforts and future
plans.
OpenVPN has been called the "Swiss army knife" of
VPN solutions. We hope our presentation leaves
participants with that feeling.
Ivan Voras - "finstall" - the new FreeBSD installer
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
PDF file (1.1 Mb, 39 pages)
"finstall" - the new FreeBSD installer
A graphical installer for FreeBSD
The "finstall" project, sponsored by Google as a
Summer of Code 2007 project, is an attempt to create
a user-friendly graphical installer for FreeBSD,
with enough strong technical features to appeal to
the more professional users. A long term goal for
it is to be a replacement for sysinstall, and as
such should support almost all of the features
present in sysinstall, as well as add support for
new FreeBSD features such as GEOM, ZFS, etc. This
talk will describe the architecture of "finstall"
and focus on its lesser known features such as
remote installation.
"finstall" is funded by Google SoC as a possible
long-term replacement for sysinstall, as a "LiveCD"
with the whole FreeBSD base system on the CD, with
X11 and XFCE4 GUI. In the talk I intend to describe
what I did so far, and what are the future plans
for it. This includes the installer GUI, the backend
(which has the potential to become a generic FreeBSD
configuration backend) and the assorted tools
developed for finstall ("LiveCD" creation scripts).
More information on finstall can be found here:
http://wiki.freebsd.org/finstall.
Poul-Henning Kamp - Measured (almost) does Air Traffic Control
Source: BSDCan - The Technical BSD Conference
Added: 26 May 2008
Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
PDF file (7.7 Mb, 46 pages)
Measured (almost) does Air Traffic Control
Monitoring weird hardware reliably
The new Danish Air Traffic Control system, CASIMO,
prompted the development on a modular and general
software platform for data collection, control and
monitoring of "weird hardware" of all sorts.
The talk will present the "measured" daemon, and
detail some of the uses it has been put to, as an,
admittedly peripheral, component of the ATC system.
Many "SCADA" systems suffer from lack of usable
interfaces for external access to the data. Measured
takes the opposite point of view and makes real-time
situation available, and accepts control instructions
as ASCII text stream over TCP connections. Several
examples of how this can be used will be demonstrated.
Measured will run on any FreeBSD system, but has
not been ported to other UNIX variants yet, and it
is perfect for that "intelligent house" project of
yours.
I believe I gave a WIP presentation of this about
two years ago.
Chris Lattner - BSD licensed C++ compiler
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
PDF file (5.8 Mb, 33 pages)
BSD licensed C++ compiler
LLVM is a suite of carefully designed open source
libraries that implement compiler components (like
language front-ends, code generators, aggressive
optimizers, Just-In-Time compiler support, debug
support, link-time optimization, etc.). The goal
of the LLVM project is to build these components
in a way that allows them to be combined together
to create familiar tools (like a C compiler),
interesting new tools (like an OpenGL JIT compiler),
and many other things we haven't thought of yet.
Because LLVM is under continuous development, clients
of these components naturally benefit from improvements
in the libraries.
This talk gives an overview of LLVM's design and
approach to compiler construction, and gives several
example applications. It describes applications of
LLVM technology to llvm-gcc (a C/C++/Objective C
compiler based on the GNU GCC front-end), the OpenGL
stack in Mac OS/X Leopard, and Clang. Among other
things, the Clang+LLVM Compiler provides a fully
BSD-Licensed C and Objective-C compiler (with C++
in development) which compiles code several times
faster than GCC, produces code that is faster than
GCC in many cases, produces better warnings and
error messages, and supports many other applications
(e.g. static analysis and refactoring).
Robert Watson - BSDCan 2008 - Closing
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, robert watson
PDF file (428 Kb, 55 pages)
Closing
Beer, prizes, secrets, Works In Progress
The traditional closing...
with some new and interesting twists. Sleep in if
you must, but don't miss this session.
Leslie Hawthorn - Google SoC
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
PDF file (2.2 Mb, 44 pages)
Google SoC
Summer of Code
In this talk, I will briefly discuss some general
ways Google's Open Source Team contributes to the
wider community. The rest of the talk will explore
some highlights of the Google Summer of Code program,
our initiative to get university students involved
in Open Source development.
I will cover the program's inception, lessons learned
over time and tips for success in the program for
both mentors and students. In particular, the talk
will detail some experiences of the *BSD mentoring
organizations involved in the program as a case
study in successfully managing the program from the
Open Source project's perspective. Any Google Summer
of Code participants in the audience are welcome
and encouraged to chime in with their own insights.
Pawel Jakub Dawidek - A closer look at the ZFS file system
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
PDF file (150 Kb, 33 pages)
A closer look at the ZFS file system
simple administration, transactional semantics, end-to-end data integrity
SUN's ZFS file system became part of FreeBSD on 6th
April 2007. ZFS is a new kind of file system that
provides simple administration, transactional
semantics, end-to-end data integrity, and immense
scalability. ZFS is not an incremental improvement
to existing technology; it is a fundamentally new
approach to data management. We've blown away 20
years of obsolete assumptions, eliminated complexity
at the source, and created a storage system that's
actually a pleasure to use.
ZFS presents a pooled storage model that completely
eliminates the concept of volumes and the associated
problems of partitions, provisioning, wasted bandwidth
and stranded storage. Thousands of file systems can
draw from a common storage pool, each one consuming
only as much space as it actually needs. The combined
I/O bandwidth of all devices in the pool is available
to all filesystems at all times.
All operations are copy-on-write transactions, so
the on-disk state is always valid. There is no need
to fsck(1M) a ZFS file system, ever. Every block
is checksummed to prevent silent data corruption,
and the data is self-healing in replicated (mirrored
or RAID) configurations. If one copy is damaged,
ZFS detects it and uses another copy to repair it.
Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
PDF file (300 Kb, 26 pages)
Interfacing embedded FreeBSD with U-Boot
Working with the de facto standard for an initial level boot loader
In the embedded world U-Boot is a de facto standard
for an initial level boot loader (firmware). It
runs on a great number of platforms and architectures,
and is open source.
This talk covers the development work on integrating
FreeBSD with U-Boot-based systems. Starting with
an overview of differences between booting an
all-purpose desktop computer vs. embedded system,
FreeBSD booting concepts are explained along with
requirements for the underlying firmware.
Historical attempts to interface FreeBSD with this
firmware are mentioned and explanation given on why
they failed or proved incomplete. Finally, the
recently developed approach to integrate FreeBSD
and U-Boot is presented, with implementation details
and particular attention on how it's been made
architecture and platform independent, and how
loader(8) has been bound to it.
John Baldwin - Introduction to Debugging the FreeBSD Kernel
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
paper, PDF file (121 Kb, 15 pages), slides, PDF file (113 Kb, 26 pages)
Introduction to Debugging the FreeBSD Kernel
Just like every other piece of software, the FreeBSD
kernel has bugs. Debugging a kernel is a bit different
from debugging a userland program as there is nothing
underneath the kernel to provide debugging facilities
such as ptrace() or procfs. This paper will give a
brief overview of some of the tools available for
investigating bugs in the FreeBSD kernel. It will
cover the in-kernel debugger DDB and the external
debugger kgdb which is used to perform post-mortem
analysis on kernel crash dumps.
Introduction to Debugging the FreeBSD Kernel
- Basic crash messages, what a crash looks like
- typical panic() invocation
- page fault example
- "live" debugging with DDB
- stack traces
- ps
- deadlock examples
- show lockchain
- show sleepchain
- Adding new DDB commands
- KGDB
- inspecting processes and threads
- working with kernel modules
- using scripts to extend
- examining crashdumps using utilities
- debugging strategies
- kernel crashes
- system hangs
John Birrell - DTrace for FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
PDF file (148 Kb, 49 pages)
DTrace for FreeBSD
What on earth is that system doing?!
DTrace is a comprehensive dynamic tracing facility
originally developed for Solaris that can be used
by administrators and developers on live production
systems to examine the behavior of both user programs
and of the operating system itself. DTrace enables
users to explore their system to understand how it
works, track down performance problems across many
layers of software, or locate the cause of aberrant
behavior. DTrace lets users create their own custom
programs to dynamically instrument the system and
provide immediate, concise answers to arbitrary
questions you can formulate using the DTrace D
programming language.
This talk discusses the port of the DTrace facility
to FreeBSD and demonstrates examples on a live
FreeBSD system.
- Introduction to the D language - probes, predicates and actions.
- dtrace(8) and libdtrace - the userland side of the DTrace story.
- The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel.
- DTrace kernel hooks and the problem of code licensed under Sun's CDDL.
- What does a DTrace probe actually do?
- DTrace safety and how it is implemented.
- Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables.
- The DTrace test suite.
- A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.
Matthieu Herrb - X.org
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
PDF file (1.6 Mb, 30 pages)
X.org
upcoming plans
The X.Org project provides an open source implementation
of the X Window System. The development work is
being done in conjunction with the freedesktop.org
community. The X.Org Foundation is the educational
non-profit corporation whose Board serves this
effort, and whose Members lead this work.
The X window system has been changing a lot in the
recent years, and still changing. This talk will
present this evolution, summarizing what has already
been done and showing the current roadmap for future
evolutions, with some focus on how *BSD kernels can
be affected by the developments done with Linux as
the primary target.
Adrian Chad - What Not To Do When Writing Network Applications
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
PDF file (190 Kb, 73 pages)
What Not To Do When Writing Network Applications
The lessons learnt working with not-so-high-performance network applications
This talk will look at issues which face the modern
network application developer, from the point of
view of poorly-designed examples. This will cover
internal code structure and dataflow, interaction
with the TCP stack, IO scheduling in high and low
latency environments and high-availability
considerations. In essence, this presentation should
be seen as a checklist of what not to do when writing
network applications.
Plenty of examples of well designed network
applications exist in the open and closed source
world today. Unfortunately there are just as many
examples of fast network applications as there are
"fast but workload specific"; sometimes failing
miserably in handling the general case. This may
be due to explicit design (eg Varnish) but many are
simply due to the designer not fully appreciating
the wide variance in "networks" - and their network
application degrades ungracefully when under duress.
My aim in this presentation is to touch on a wide
number of issues which face network application
programmers - most of which seem not "application
related" to the newcomer - such as including
pipelining into network communication, managing a
balance between accepting new requests and servicing
existing requests, or providing back-pressure to a
L4 loadbalancer in case of traffic bursts. Various
schemes for working with these issues will be
presented, and hopefully participants will walk
away with more of an understanding about how the
network, application and operating systems interact.
Brooks Davis - Using FreeBSD to Promote Open Source Development Methods
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, abstract, software development, brooks davis
PDF file (1 Mb, 33 pages), PDF file (72 Kb, 2 pages)
Using FreeBSD to Promote Open Source Development Methods
In this talk we present Aerosource, an initiative
to bring Open Source Software development methods
to internal software developers at The Aerospace
Corporation.
Within Aerosource, FreeBSD is used in several key
roles. First, we run most of our tools on top of
FreeBSD. Second, the ports collection (both official
ports and custom internal ones) eases our administrative
burden. Third, the FreeBSD project serves as an
example and role model for the results that can be
achieved by an Open Source Software projects. We
discuss the development infrastructure we have built
for Aerosource based largely on BSD licensed software
including FreeBSD, PostgreSQL, Apache, and Trac.
We will also discuss our custom management tools
including our system for managing our custom internal
ports. Finally, we will cover our development
successes and how we use projects like FreeBSD as
exemplars of OSS development.
Randall Stewart - SCTP what it is and how to use it
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, abstract, freebsd, sctp, randall stewart
PDF file (130 Kb, 10 pages)
SCTP - SCTP what it is and how to use it
This talk will introduce the attendee into the
interesting world of SCTP.
We will first discuss the new and different features
that SCTP (a new transport in FreeBSD 7.0) provide
to the user. Then we will shift gears and discuss
the extended socket API that is available to SCTP
users and will cover such items as:
- The two socket programming models
- Extended system calls that support the SCTP feature set.
- What model may fit you best
Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
PDF file (193 Kb, 25 pages)
Porting FreeBSD/ARM to Marvell Orion System-On-Chip
This talk covers the development work on porting
the FreeBSD/ARM to Marvell Orion family of highly
integrated chips.
ARM architecture is widely adopted in the embedded
devices, and since the architecture can be licensed,
many implementation variations exist: Orion is a
derivative compliant with the ARMv5TE definition,
it provides a rich set of on-chip peripherals.
Present state of the FreeBSD support for ARM is
explained, areas for improvement highlighted and
its overall shape and condition presented.
The main discussion covers scope of the Orion port
(what integrated peripherals required new development,
what was adapted from existing code base); design
decisions are explained for the most critical items,
and implementation details revealed.
Summary notes are given on general porting methodology,
debugging techniques and difficulties encountered
during such undertaking.
Dan Langille - BSDCan 2008 - Opening session
Source: BSDCan - The Technical BSD Conference
Added: 21 May 2008
Tags: bsdcan, bsdcan2008, slides, dan langille
PDF file (500 Kb, 17 pages)
Opening session
Welcome to BSDCan 2008
Traditional greetings
The FreeBSD Security Officer function
Source: BSDCan - The Technical BSD Conference
Added: 20 May 2007
Tags: bsdcan, bsdcan2007, pdf, freebsd, security officer, simon l nielsen
PDF version (252 Kb, 29 pages)
"FreeBSD Security Officer function" at BSDCAN 2007 by Simon L. Nielsen (FreeBSD Deputy Security Officer)
FreeBSD Portsnap
Source: BSDCan - The Technical BSD Conference
Added: 20 May 2007
Tags: bsdcan, bsdcan2007, pdf, portsnap, freebsd, colin percival
PDF version (1.3 Mb, 88 pages)
"FreeBSD Portsnap -
What (it is), Why (it was written), and How (it works)"
by Colin Percival (cperciva@FreeBSD.org)
(Note: use ^L to get back in non-fullscreen mode)
BSDConTR 2007 - Presentations
Source: BSDConTR - Turkish Conference on BSD Systems
Added: 31 October 2007
Tags: bsdcontr, bsdcontr2007, pdf, freebsd 7.0, freebsd, kris kennaway
PDF version (336 Kb, 37 pages)
Introducing FreeBSD 7.0
Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
Source: Hostobzor, the Russian conference of hosting provider
Added: 24 November 2008
Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
PDF version (470 Kb, 30 pages), PDF version (61 Kb, 5 pages)
Recently I have been attending Hostobzor 12th, the
Russian conference of hosting providers, beeing
held at Raivola hotel near St. Petersburg. The event
was great as always thanks to organizers. There was
a number of intersting talks given, a lot of
interesting discussions held, and, what I appreciate
better, a lot of new people with great ideas met.
I gave a talk on using the FreeBSD Ports system to
mange a large-scale virtual hosting installations
based on Hosting Telesystems experience. I tried
to describe in detail how we use the ports collection
to deploy a large number of servers diverced by
architecture and OS versions, how we build packages
and distribute them among servers, talked about how
we use Mercurial VCS to incrementally merge upstream
changes into our modified ports collection and
FreeBSD src trees. Hopefully, I've not screwed it
much... At least, some people was interested a lot
and asked interesting questions.
Welcome - Cambridge University FreeBSD DevSummit - Robert Watson
Source: FreeBSD Developer Summit - Cambridge
Added: 25 August 2008
Tags: devsummit2008, devsummit, pdf, freebsd, robert watson
PDF version (264 Kb, 12 pages)
Welcome by Robert Watson
variant Symlinks - Brooks Davis
Source: FreeBSD Developer Summit - Cambridge
Added: 25 August 2008
Tags: devsummit2008, devsummit, pdf, freebsd, variant symlinks, brooks davis
PDF version (213 Kb, 15 pages)
Variant Symlinks by Brooks Davis
Van FreeBSD Documentatie projectleider tot FreeBSD Developer - Remko Lodder
Source: Nederlandse Linux Gebruikers Group
Added: 31 December 2008
Tags: nllgg, freebsd, documentation, nederlands, remko lodder
PDF version (594 Kb, 24 pages)
In 2004 ben ik begonnen met het FreeBSD Dutch
Documentation Project, een project dat inmiddels
bijna het complete handboek vertaald heeft. Sinds
die tijd zijn er vele wegen geweest die ik behandeld
heb, van documentatie projectleider naar Security
Team-lid tot aan FreeBSD Developer.
Remko Lodder is momenteel 25 jaar en werkt als Unix
Engineer voor het bedrijf Snow B.V. waar hij zich
momenteel met name bezig houd met security (firewalls
etc). Hij is sinds 2004 lid van het FreeBSD Development
team en is momenteel 1 van de meest actieve developers
binnen het team.
Een historisch overzicht van BSD - Hans van de Looy
Source: Nederlandse Linux Gebruikers Group
Added: 31 December 2008
Tags: nllgg, bsd, history, hans van de looy
PDF version (5767 Kb, 38 pages)
Hans zal een historisch overzicht geven van het
ontstaan van *BSD vanaf de oorsprong van UNIX tot
aan de nu bekende *BSD varianten. Hij zal daarbij
met name ingaan wat de oorsprong en het ontstaan
van een aantal *BSD-projecten zijn. Hierbij zal hij
zeer kort ingaan op de verschillende licentieproblemen
die we in het verleden gezien hebben en worden een
aantal bekende personen en data weer eens even op
de kaart geplaatst.
Hans van de Looy is oprichter van Madison Gurkha. Een bedrijf
dat gespecialiseerd is op het gebied van het uitvoeren
van technische ICT-beveiligingsonderzoeken, in de
media ook wel aangeduid met Etisch Hacken. Tijdens
dergelijke onderzoeken maakt hij ook regelmatig
gebruik van op BSD* gebaseerde systemen.
FreeBSD Google Summer of Code posters
Source: FreeBSD Google Summer of Code
Added: 22 March 2009
Tags: freebsd, google, summer of code
PDF version (815 Kb, 1 page), PNG version (1.1 Mb, 2480 x 3507 pixels)
Two posters usable for the announcement of the
participation of the FreeBSD Project in the Google
Summer of Code.
PmcTools talk at the Bangalore chapter of the ACM
Source: Joseph Koshy
Added: 24 May 2009
Tags: freebsd, presentation, freebsd, pmctools, joseph koshy
PDF version (550 Kb, 48 pages)
In April 2009 I was invited to speak on FreeBSD/PmcTools
by the Bangalore chapter of the ACM.
This was an overview talk. The talk briefly touched
upon: the motivations and goals of the project, the
programming APIs, some aspects of the implementation
and on possible future work.
|
|