Day 1 (March 14, 2013) - Tutorials and Small Meetings I

Please note that Day 1 is for tutorials and meetings only. No exhibition and no paper session for unregistered attendees to them.

Day 2 (March 15, 2013) - Tutorials and Small Meetings II

Please note that Day 2 is for tutorials and meetings only. No exhibition and no paper session for unregistered attendees to them.

Day 3 (March 16, 2013) - Paper Session I

Day 4 (March 17, 2013) - Paper Session II

Keynote

K1: 64bit SMP NetBSD OS Porting for TILE-Gx VLIW Many-Core Processor

Abstract:

TILE-Gx is the 64bit 3 way VLIW many-core processor family which has scalable multiple CPU configurations ranging from 9 to 100 core inside. The processor is constructed on a unique on-chip switch network named iMesh technology. The switch network is programmable inter-connect to make computing core tightly coupled each other. iMesh works as the basis of chip-wide cache coherency. iMesh programmability can make dynamic CPU partitioning possible. TILE-Gx processor features 4-level protection and offers a Hypervisor to host guest OS'es running simultaneously on CPU groups. During the process of the porting of NetBSD to TileGX 36, the team has learned and exploited SMP ready NetBSD kernel internal which could make porting burdens much less than anticipated. In his presentation the author first summarizes the distinct architectural designs of TILE-Gx VLIW many-core processor and then describes lessons learned by 64bit NetBSD porting. Ample number of processing cores allows NetBSD kernel assign CPU groups to OS subsystems like disk IO and GbE/10G network device drivers. Some of future applications by TILE-Gx NetBSD will be mentioned as the conclusion.

Speaker:

Toru Nishimura is a long time UNIX engineer since 1984. During late '80s he made contributions for Japanese UUCP network named JUNET. After completing some work as a software contractor for a US west coast company in mid '90s, he became a NetBSD developer at 1997. Since then he has been engaging in NetBSD OS porting and other software developments. His expertise covers the rise of RISC processor technologies and evolutions from the age of early MIPS and then through Alpha, PowerPC and ARM. In the year 2012, he joined Sanctum Networks and got engaged on an engineering project to port NetBSD for new hardware platforms and now pursing the lucrative many-core applications for the compute-intensity markets like SDN, VLDB search engine and HPC.

Tutorials

T1: FreeBSD Storage Options

Abstract:

FreeBSD offers many different ways to organize storage space. Which configuration to choose is not always a trivial task unless you do this frequently.

This tutorial gives an in-depth overview of filesystems, partition managers, raid modules, encryption layers, network storage options and boot loaders. After this overview real world configurations will be explained so attendees will leave this tutorial with enough information to make sensible decisions for installing the next system.

Here's the preliminary outline of this tutorial:

1. Brief history of UNIX filesystems
2. Partitioning the UNIX way, why and how
3. Partitioning in the PC world: MBR, EBR
4. Traditional FreeBSD partitioning
5. Limits imposed by legacy partitioning schemes
6. Modern partitioning: GPT and PMBR
7. The original UNIX filesystem
8. Improvements: SYSV, FFS/UFS, soft-updates, journalling
9. What others did: Ext[234]fs, XFS, Reiserfs
10. Designed from scratch, the last word is ZFS
11. Bootstrapping your system, multi-stage bootloaders
12. Mixing and matching technologies with the GEOM framework
13. Overview of the most important GEOM classes
14. High availability: HAST
15. SAN solutions: iSCSI
16. Installer capabilities: sysinstall, BSDinstall, PC-BSD installer
17. Planning your FreeBSD installation
18. Real world examples: laptop, desktop, small server, big server

Target Audience:

Basic knowledge of (UNIX-like) operating system is assumed, having installed such a system one or more times is preferred.

Instructor:

Paul Schenkeveld started programming computers while at high school when very few students had ever seen a computer. After finishing high school he decided to find a job as few people knew computers and demand was high. He first met UNIX in 1983 and immediately knew this was the OS to work with. After five jobs programming and supporting computers he became an independent consultant for UNIX, IP networking and security.

Having worked with many commercial UNIX versions during ten years, he found FreeBSD which he first installed when version 1.0 came out to be much more fun to play with. Today, he spends most of his time on projects involving (Free)BSD and, networking and security.

In the last three decades Paul has installed thousands of computers ranging from very small embedded systems to laptops, desktops and small and big servers. He knows like no other about the importance of choosing the right storage layout before starting the installation of a system.

Paul likes travelling, is active in Scouting and loves the food his Thai wife cookes for him and their son.

T2: Nobody Ever Regretted Making a Backup

Abstract:

Nobody ever got famous writing backup software, yet backups form one of the fundamental basics of system administraction. There are many solutions to this simple problem:

• do nothing
• ad hoc solutions
• open source packages
• commercial packages

Not only is it important to backup data securely and reliably, you need to be able to restore the data. You need to know what was backed up, from what system, when, and where is that backup now.

In the past decade, Bacula has been gaining ground on more established solutions, both open source and proprietary. This talk will introduce you to Bacula, show you the main components, give you an outline of how it works, and illustrate why Bacula is becoming so widespread.

In this tutorial, you will learn the basics of Bacula, a leading open source backup solution. As a Bacula developer, Dan has some unique insights into the use and deployment of Bacula. An avid user since 2004, he has used Bacula for his own networks and in commercial settings.

Topic to cover will include:

• overview of Bacula: client, storage, director
• Jobs
• Schedules
• Catalogs
• Pools
• FileSets
• console commands
• the various retention settings and how they affect your catalog
• which database is best for use with Bacula
• the difference between a Bacula volume and a disk volume
• running a job
• restoring a job
• automatic pruning
• recycling of Volumes
• using tape libraries
• copy/migrate jobs from one media to another
• spooling

Instructor:

Dan Langille has been using FreeBSD since 1998 and almost immediately he started documenting his experiences. This online journal eventually became The FreeBSD Diary. Along the way, he founded a couple of conferences and created a few other websites. He is very good at describing the step-by-step procedures to perform a wide variety of tasks, from changing your prompt to creating and maintaining jails.

T3: Kerberos Authentication Basics (in Japanese)

Abstract:

Kerberos is a well-known authentication service which can be used in heterogeneous systems including UNIX-like OSs and Windows. In this tutorial, the attendees will learn basics of authentication and authorization, typical configurations and their pros and cons, and configuration of Kerberos by using a FreeBSD system as KDC. Other related implementations about authentication/authorization such as PAM and directory services like NIS and LDAP will also be explained.

Target Audience:

Basic knowledge of system administration of UNIX-like OSs is required.

Instructor:

Hiroki Sato is an assistant professor at Tokyo Institute of Technology. He joined FreeBSD Project as a committer since 2000, and has been working as a member of Documentation Engineering Team, Release Engineering Team, and FreeBSD Core Team, and also working as a director at FreeBSD Foundation. He also joined the NetBSD Foundation in 2003. His primary research areas are integrated circuit design, signal processing, and computer architecture.

T4: Bootstrap Puppet master using FreeBSD

Objective:

Jumpstart a system administrator to use Puppet as configuration management tool, on FreeBSD.

Abstract:

This tutorial (with lab exercise) is based on my article in BSD Magazine issue 01/2012 (FreeBSD: Get Up-To-Date) and talk in EuroBSDCon 2012 (Config Management in FreeBSD using Puppet). Attendees are expected to walk out of this tutorial with knowledge of bootstrapping Puppet on FreeBSD for server deployment/management. The following are the topics that will be covered:

• Puppet Master
  • installation & configuration
  • writing manifest
    • port installation
    • files (configuration files or any file)
    • service start/stop/restart
    • cron jobs
  • reusable class
  • parameterized class
  • create file & delete files
• using templates
  • introduction
  • syntax
  • writing templates
  • hook up with manifest
• Puppet Client
  • installation & configuration
• Lab Exercise
  • setup essential services, tools & applications
    • port installation
    • ssh
    • customizations files, e.g. vimrc, bashrc & others
    • cron jobs
  • deploy servers
    • NTPd (ISC) server
    • WWW (nginx) server
    • database (mysql) server
• Both Puppet Master & Client
  • troubleshooting
  • moving on
    • documentation
    • resource relationship/dependency
    • some other interesting areas of Puppet

Target audience:

System administrator & developers with a bunch (more then 3) of servers on hand to deal with:

• managing configuration
• disaster recovery
• server deployment

Pre-requisite:

Attendees should be at least comfortable bringing up a FreeBSD server with network connectivity. He/She should also familiar with ports installation, basic rc operations and using a text editor.

Instructor:

Edward Tan is a system administrator managing servers using Puppet. His favorite operating system is FreeBSD. Most of his free time, he plays around FreeBSD or trying to give something back to the FreeBSD community. The rest of the time, he note down his learning at http://psybermonkey.net.

Meetings

M1: FreeBSD Developer Summit (invited only)

Chair:

TBA

M2: *BSD Vendor Summit (invited only)

Chair:

TBA

Papers

P1A: FreeNAS Plugins (everything you ever wanted to know)

Abstract:

When FreeNAS entered the 8.x series, many people were not happy that functionality that previously existed was no longer included. Such functionality was mainly multimedia focused and targeted at the home user. Services such as bittorent, DLNA and iTunes media services are the primary examples. Beginning with FreeNAS 8.2.0, a plugin architecture was introduced. This architecture allows FreeNAS systems to be extended in any way that the user sees fit. The purpose of this session will be to describe the technical details of how the architecture works so that plugin authors have the knowledge to create new plugins. As a working example, the transmission bittorrent client plugin will be reviewed.

Author:

John Hixson is a BSD geek that resides in California. He has been using open source software and operating systems since the middle 90's. He has worked as both an engineer and systems administrator during the course of his technical career. His employment with iXsystems keeps him busy with FreeBSD, PC-BSD and FreeNAS. John enjoys working on anything that is challenging and requires new knowledge to be obtained. In his spare time, he likes to read, cook, spend time with his family and play with new technical gadgets.

P1B: OpenIKED

Abstract:

This talk introduces the OpenIKED project, the latest portable subproject of OpenBSD. OpenIKED is a FREE implementation of the most advanced Internet security "Internet Key Exchange version 2 (IKEv2)" Virtual Private Network (VPN) protocol using the strongest security, authentication and encryption techniques. The project was born in need of a modern Internet Protocol Security (IPsec) implementation for OpenBSD, but also for interoperability with the integrated IKEv2 client since Windows 7 and to provide a compliant solution for the US Government IPv6 (USGv6) standard. The project is still under active development; it was started by Reyk Floeter as "iked" for OpenBSD in 2010 but ported to other platforms including Linux, FreeBSD and NetBSD in late 2012 using the "OpenIKED" project name.

Author:

Reyk Floeter works as a freelance consultant and software developer with a focus on OpenBSD, networking, and security. He lives in Hannover, Germany, but works with international cus- tomers like Internet Initiative Japan Inc. (IIJ) in Tokyo. As a member of the OpenBSD project, he contributed various features, fixes, networking drivers and daemons since 2004, like OpenBSD's ath, trunk, vic, hostapd, relayd, snmpd, and iked. For more than nine years and until mid-2011, he was the CTO & Co-Founder of .vantronix where he gained experience in building, selling and deploying enterprise-class network security appliances based on OpenBSD.

P2A: MCLinker - the final toolchain frontier

Abstract:

The development of LLVM and Clang provided a working C/C++ compiler and assembler for the major platforms like X86 and ARM. While work on the various smaller programs from GNU binutils has been seen, no linker appeared. This talk introduces MCLinker, a new cross-platform linker for ELF systems like the BSD and Android. The architecture of the project is shown and the current status on NetBSD and FreeBSD is illustrated.

Author:

Joerg Sonnenberger is studying mathematics and working as contract developer for German federal agencies. He is an active NetBSD and pkgsrc developer. Recently, his focus has been on support of LLVM and Clang for NetBSD and the associated library stack.

P2B: NPF in NetBSD 6

Abstract:

NPF has been released with NetBSD 6.0 as an experimental packet filter, and thus has started to see actual use. While it is going to take a few more cycles before it is fully "production ready", the exposure to users has given it a strong push to useability, and keeps finding small gaps. Fixing these will help to evolve it from a theoretical well-designed framework to a practical packet filtering choice. The talk will cover distinguishing features of NPF design, give an overview of NPFs current practical capabilities, ongoing development, and will attempt to entice more people to try out NPF and give feedback.

Author:

Mindaugas Rasiukevicius is a member of the NetBSD project since 2007, focusing on kernel development, such areas as threading, virtual memory, synchronisation, IPC and various others. He has a particular interest in multi-threading, high performance and real-time computing. He currently has a consulting company, Nox Technologies Ltd.

S.P.Zeidler is an ex-astrophysicist who has been working as a system administrator for the past 18 years, 12 of these for ISPs. Her private server is still an Amiga 3000 which got NetBSD 1.0 in May 1994, and has been running NetBSD ever since (the reader is advised to adjust expectations of sanity accordingly). She joined TNF as a sysadmin in 2004 to repay some of the project's work and since added roles in pkgsrc-releng and security-team, and is currently serving as a member of the board of TNF. Her interests are Internet services and making sure IPv6 support doesn't bitrot.

P3A: Automating the deployment of FreeBSD & PC-BSD? systems

Abstract:

In PC-BSD 9.x every installation is fully-scripted, due to the the pc-sysinstall backend. This backend can also be used to quickly automate the deployment of FreeBSD servers and PC-BSD desktops using a PXE boot environment. In PC-BSD & TrueOS? 9.1 and higher, this functionality is easy to setup and deploy using the "pc-thinclient" utility. This utility handles the initial setup of PXE on the host system, and provides a framework to manage client installation configurations.

Author:

Kris Moore is the founder and lead developer of the most popular BSD based desktop, PC-BSD. He has authored several unique tools for the desktop, including the PBI package management format, and the Warden, a BSD Jails management utility. He resides in the Knoxville area of East Tennessee with his wife and 4 children.

P3B: Perfect(ing) hashing in NetBSD

Abstract:

Hash tables are one of the fundamental data structures used in the different parts of the Operating System from on-disk databases to directory caches in the kernel. To provide the desired performance characteristics, it is crucial to keep the collision rates minimal. If the construction of the hash table guarantees that, it is a Perfect Hash Table. This talk gives a short introduction in the algorithms developed in the last 20 years for this topic. It looks at the uses in NetBSD 6 like nbperf(1) and the constant database cdb(5) as well as work-in-progress for routing and firewalling.

Author:

Joerg Sonnenberger is studying mathematics and working as contract developer for German federal agencies. He is an active NetBSD and pkgsrc developer. Recently, his focus has been on support of LLVM and Clang for NetBSD and the associated library stack.

P4A: Hands-on bhyve, the BSD Hypervisor

Abstract:

Now that bhyve, the BSD Hypervisor has been imported into the FreeBSD 10-CURRENT development mainline, users and developers can easily begin testing this exciting technology that promises to have the same impact on FreeBSD that jails made in 2000. This talk will take you through the history, architecture and features of bhyve and demonstrate its capabilities.

These features include:

• Disk image, zvol and iSCSI guest booting
• Multiversion FreeBSD guest support
• High-performance guest execution
• Appliance deployment such as FreeNAS

Author:

Michael Dexter has used BSD Unix systems since 1991 and wrote his first FreeBSD jail management system in 2005. Dissatisfied with existing multiplicity solutions, he has sponsored the sysjail and mult multiplicity research projects and took his BSD support public with the formation of BSD Fund in 2007. Michael is now the Editor of Call For Testing, a BSD technical journal and lives with his wife, daughter and son in Portland, Oregon.

P4B: OpenSMTPD: We deliver!

Abstract:

In this paper we present the OpenSMTPD daemon: a simple, modern and portable mail server implemented using privilege-separation and messaging passing. Among different features, it comes with a notably simple configuration file format, and it offers very powerful deployment options.

We describe the internal organisation of the daemon in different processes with very specific roles. We examine the workflows for the main server tasks: enqueueing mails from external sources, delivering to the local users, relaying to external host and generating bounces. Finally, we discuss the server modularity, especially the table and backend APIs.

Author:

Eric Faurot received a Ph.D. in Computer Science from the University of Caen, France. He is currently working as an R&D. Software Engineer for a telecom company.

He has been using OpenBSD for many years and started contributing as a developer in 2007. He is one of the lead developers for the OpenSMTPD project, and he has been very busy with it for the past year.

P5A: Implements BIOS emulation support for BHyVe: A BSD Hypervisor

Abstract:

TBD

Author:

Takuya ASADA

P5B: Using BGP for Realtime import and export of OpenBSD SPAMD entries

Abstract:

In the battle against SPAM, many mail server admins collect and distribute IP addresses of systems that sent them SPAM. However, distribution of these lists are traditionally limited to 2 methods. #1 is periodically downloading this list from a source, usually a web server often causing massive load and slowness at the top of the hour. #2 is a real-time lookup against an external provider (such as dns-rbls) so your response time is dependent on how fast they respond or timeout.

This talk suggests and discusses a 3rd solution: using BGP to distribute the IP addresses in a real-time manner.

Author:

Peter Hessler is 32 and lives in Zurich Switzerland. Originally from San Francisco he has an interest in how things work. He moved to Germany in 2008 and then to Switzerland in 2013. In his spare time, Peter enjoys drinking beer and bad puns.

P6A: Calloutng: a new infrastructure for timer facilities in the FreeBSD kernel

Abstract:

In BSD kernels, timers are provided by the callout facility, which allows to register a function with an argument to be called at specified future time. The current design of this subsystem suffer of some problems, such as the impossibility of handling high-resolution events or its inherent periodic structure, which may lead to spurious wakeups and higher power consumptions. Some consumers, such as high-speed networking, VoIP and other real-time applications need a better precision than the one currently allowed. Also, especially with the ubiquity of laptops in the last years, the energy wasted by interrupts waking CPUs from sleep may be a sensitive factor. In this paper we present new design and implementation of the callout facility, which tries to address those long standing issues, proposing also a new program- ming interfaces to take advantage of the new features.

Author:

Davide Italiano has a degree in Computer Engineering and is an active FreeBSD developer. His main interest is kernel programming. Recently he worked worked on a redesign of the callout(9) facility, supported by the Google Summer of Code program.

Alexander Motin

P6B: OpenBSD relayd

Abstract:

relayd first appeared in OpenBSD 4.1, formerly called hoststated, to provide a service that helps Server Load Balancing (SLB) with OpenBSD's PF. It was written by Pierre-Yves Ritschard and Reyk Floeter. The daemon initially provided health checking capabilities of monitored backend servers and the ability to dynamically load PF tables and "rdr" L3-redirections based on the configuration and active hosts. It has been extended with support for L7-relaying of various protocols including TCP, UDP, HTTP, DNS, and SSL with optional transparent proxying capabilities and evolved into an Application Level Gateway (ALG). This talk introduces some of the latest enhancements, including the redesigned filtering subsystem for relays, socket splicing support for enhanced performance, integrated SSL interception or "SSL Man-in-the-middle (MITM)" support, and the new suite of regression tests.

Author:

Reyk Floeter works as a freelance consultant and software developer with a focus on OpenBSD, networking, and security. He lives in Hannover, Germany, but works with international cus- tomers like Internet Initiative Japan Inc. (IIJ) in Tokyo. As a member of the OpenBSD project, he contributed various features, fixes, networking drivers and daemons since 2004, like OpenBSD's ath, trunk, vic, hostapd, relayd, snmpd, and iked. For more than nine years and until mid-2011, he was the CTO & Co-Founder of .vantronix where he gained experience in building, selling and deploying enterprise-class network security appliances based on OpenBSD.

P7A: SCTP in Go

Abstract:

The author describes their successful attempt to combine two relatively new technologies: Stream Control Transmission Protocol (SCTP) and the programming language Go, achieved by extending the existing Go network library with SCTP.

SCTP is a reliable, message-oriented transport layer protocol, similar to TCP and UDP. It offers sequenced delivery of messages over multiple streams, network fault tolerance via multihoming support, resistance against flooding and masquerade attacks and congestion avoidance procedures. It has improvements over wider-established network technologies and is gradually gaining traction in the telecom and Internet industries.

Go is an open source, concurrent, statically typed, compiled and garbage-collected language, developed by Google Inc. Go's main design goals are simplicity and ease of use and it has a syntax broadly similar to C. Go has good support for networked and multicore computing and as a system language is often used for networked applications, however it doesn't yet support SCTP.

By combining SCTP and Go, software engineers can exploit the advantages of both technologies. The implementation of SCTP extending the Go network library was done on FreeBSD and Mac OS X - the two operating systems that contain the most up to date implementation of the SCTP specification.

Author:

Olivier Van Acker is a software engineer and architect with over fifteen years of IT experience, ten of which were spent in the broadcast industry, starting as a broadcast engineer building broadcast vans specifically tailored for live video streaming and broadcasting major festivals in northern Europe. He worked as a software engineer and architect on several IPTV projects, including the BBC iPlayer project, a huge on-demand video application with millions of users daily. Recently he moved into game development and is now heading the technical team at Mind Candy the creator of Moshi Monsters, a fun online world where kids can adopt their very own monster, go on adventures, play games, solve puzzles, be creative, and communicate with their friends. He has a MSc in Computer Science from Birkbeck University, London.

P7B: the surprising complexity of checksums in TCP/IP

Abstract:

TCP and IP have well known and well understood checksum mechanisms. The actual checksum math is easy and, from a performance standpoint, so cheap that it can be considered free. In the process of improving the use of hardware checksum offloading engines, recalculating the IP checksum has been found to be essentialy free. However, that is not the case for the TCP and UDP checksums, which was partially expected. On further inspection a surprising complexity in dealing with the protocol checksums has been found. We'll look at how these checksums are calculated, where the complexity comes from, how an ancient BSD performance hack made it into hardware offloading engines, the stack interaction and issues with hardware offloading engines.

Author:

Henning Brauer is 34 and lives in Hamburg, Germany. He is running the Internet Service Provider "BS Web Services" there, and has done so for about 15 years. He joined OpenBSD in 2002 and has been working on many things, most network related, since. He started OpenBGPD and OpenNTPD, the framework he has written for bgpd is used by almost all newer daemons in OpenBSD. He has been working on the OpenBSD packet filter, pf, from the beginning and has architected and written a very large fraction of today's pf. Whe he's not hacking you can find him mountain biking, traveling and hiking or in one of the many bars in his neighborhood with his friends, enjoying brewer's art and often playing tabletop soccer.