The Technical BSD Conference University of Ottawa Ottawa 2010-05-11 2010-05-15 5 Final Release 09:00 00:30 09:00 03:00 DMS 1110 Tutorial workshop All of the BSDs have had rich support for version 6 of the Internet Protocols from the very beginning of the work to specify a new set of network layer protocols for the Internet. While many references exist for engineers interested in version 4 of the IP protocols, to date, very little has been published describing the newer code. This tutorial will present an in depth discussion and code walk through of version 6 of the IP protocols, describing and dissecting the paths that packets take from the driver layer up to the socket layer of the network stack. All of the BSDs have had rich support for version 6 of the Internet Protocols from the very beginning of the work to specify a new set of network layer protocols for the Internet. While many references exist for engineers interested in version 4 of the IP protocols, to date, very little has been published describing the newer code. This tutorial will present an in depth discussion and code walk through of version 6 of the IP protocols, describing and dissecting the paths that packets take from the driver layer up to the socket layer of the network stack. The tutorial will follow the four paths packets travel through the network stack: reception, transmission, forwarding, and error. Outline: 1) Introduction An introduction to IPv6, including new terms and addressing modes as well as a brief overview of common structures seen in the BSD IPv6 stack. 2) Packet Reception A code walk through of packet reception including how and where packets might be diverted or modified in flight. 3) Packet Transmission Starting from the socket layer we will trace packets as they leave the system, showing all the major subsystems that are dealt with as packets are sent from a user program to the network. Differences in how transport layer protocols, such as TCP and UDP, interact with IPv6 will be highlighted. 4) Packet Forwarding A key component of BSD network stacks is their ability to forward packets. At this point in the deployment of IPv6 there are still many networks that use off the shelf hardware, rather than high end routers, to create IPv6 networks and understanding how forwarding is achieved in the stack is important for proper performance tuning. 5) Error Handling How and where do errors occur and get reported in the stack. In order to diagnose issues with IPv6 networks it is necessary to know where the errors are occurring and what they mean. Differences between the errors seen in IPv4 and IPv6 will be highlighted in this section. George Neville-Neil 13:00 03:00 DMS 1110 The OpenBSD packet filter Tutorial workshop en Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will provide updates on the new pf syntax and features introduced in OpenBSD 4.7, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's book, /The Book of PF/ (No Starch Press), whose second edition should be available soon after BSDCan 2010. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will provide updates on the new pf syntax and features introduced in OpenBSD 4.7, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's book, /The Book of PF/ (No Starch Press), whose second edition should be available soon after BSDCan 2010 Peter Hansteen full text of a short version of the tutorial The Book of pf That Grumpy BSD Guy: Field notes blog 09:00 03:00 DMS 1110 Architecture and Implementation Tutorial lecture en This tutorial is for for those interested in understanding the internals of a source code debugger. It will cover both a debugger's high-level design and the low-level algorithms needed to implement key functionality. Topics will include the process model, state machines, unwinding, expressions, stepping, breakpoints, shared libraries, and object files and debug information. This tutorial is for for those interested in understanding the internals of a source code debugger. It will cover both a debugger's high-level design, and the low-level algorithms needed to implement key functionality. Topics will include the process model, state machines, unwinding, expressions, stepping, breakpoints, shared libraries, and object files and debug information. Examples, positive and negative, will be drawn from a number of existing debuggers, operating systems, and instruction set architectures. A rudimentary knowledge of operating systems principals, machine programming, and/or programming languages is assumed. There will be a small materials fee of a few dollars. Andrew Cagney 13:00 03:00 DMS 1110 Tutorial lecture en pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. At the time of BSDCan 2010, pfSense 2.0 will be nearing release. This tutorial will be a training-focused session, covering many of the changes in the 2.0 release, both from the perspective of a new user and providing information on changes for existing users of the project. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for many features. Many configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary. Chris Buechler Scott Ullrich 15:00 03:30 Royal Oak Pub register Pick up your registration pack, have a beer! Social other en Registration pick up Avoid the line ups of the first day! Pick up your registration pack early, at the pub. Sit back. Have a drink, some food. Enjoy the company. A BSDCan tradition. :) Dan Langille Dru Lavigne The map is linked to from the home page. 09:30 01:00 DMS 1160 keynote What the BSD community says about itself Plenary en Will Backman is the voice behind BSDTalk. Will has been running BSDTalk, a regular podcast, since December 2005. Over this time, he has gained a unique insight into the BSD community and will share his observations with us. Will Backman video audio 11:00 01:00 DMS 1160 clang Replacing gcc with clang as the FreeBSD system compiler Hacking lecture en FreeBSD currently uses gcc as its system compiler. Because of a political decision on GPLv3 we are stuck with version 4.2.1. Recently a new possible candidate for system compiler arised - clang (based on LLVM). We are currently maintaining a branch of FreeBSD that uses clang as the system compiler for C/ObjC/C++. The talk aims to describe the history, current status and future possibilities of clang in FreeBSD as presented in the clangbsd branch. The system compiler is integral and absolutely necessary part of the FreeBSD operating system. We have used gcc for almost the whole life of FreeBSD. It supports all of the architectures we need, it provides some tweaks we added over the time and generally serves us quite well. Unfortunatelly gcc switched to GPLv3 which is incompatible with FreeBSD, as decided by core, thus we are stuck with quite old gcc version 4.2.1. There are other problems with gcc, mostly awkward dealing with upstream. A very similar story goes on with the assembler and linker. At first a students project that grew into industry supported solution, mostly backed by Apple, the LLVM emerged. One of the LLVM's subprojects is a C/ObjC/C++ compiler. The whole package of LLVM+clang reached the state when it can compile basically all of FreeBSD and a branch of FreeBSD integrating clang into it was established and is being maintained. The other interesting LLVM subproject is llvm-mc, the assembler and dissasembler based on LLVM. There's also compiler-rt, a possible replacement for libgcc. This talk aims to introduce you to the current state of clang/llvm on FreeBSD, what it can do, what are the advantages over gcc and what are the last missing pieces. At last I'd like to discuss the possibility of integrating clang into FreeBSD as the system compiler. Roman Divácký video audio 13:00 01:00 DMS 1160 Bjoern Zeeb (presenting) and Robert Watson System Administration lecture en For over a decade, FreeBSD has supported lightweight OS virtualization through the Jail framework. The jail approach allows a single kernel to share multiple user space installations, each with their own root user and management environment. Jail has been widely adopted by Internet service providers to achieve virtual machine densities of hundreds or thousands of virtual instance, per server, but also for enterprise service virtualisation. However, a key limitation of the Jail technology has been the one-IP-address-per-Jail constraint, a property of how Jail was integrated with the FreeBSD network stack. This talk describes exciting on-going work to virtualise the FreeBSD network stack, giving each Jail to operate with its own virtual network interfaces, firewalls, traffic management, IPsec stack and forwarding tables, and much more. What makes FreeBSD's virtualisation framework different from other approaches, such as fully virtualised hardware, and when is it appropriate? What are the design principles and how are things implemented? How does it scale? Why could this approach be interesting to people doing R&D, Internet Service Providers, and other businesses? What interesting things can be done using the framework? How could you extend the framework for your needs, and what are our future plans? This presentation will attempt to answer these questions to help you evaluate how to use FreeBSD jail-based virtualisation to save time and resources for your business or research. Bjoern A. Zeeb audio 14:30 01:00 DMS 1160 packet Hacking lecture en Historically, FreeBSD has had two packet scheduling options: AltQ, which can do output scheduling using the network card as a transmission clock, and "dummynet", which was born as a link emulator but also included one scheduling algorithm. We have recently made an almost complete rewrite of dummynet to support multiple scheduling algorithms, so that users can pick the ones that fit best their needs. In the process, we also performed a thorough performance analysis of the tool, so now users can make more informed choices on how to configure their packet scheduling/shaping architecture and on which tradeoffs are involved. In this talk we will make the following contributions: 1. describe the internal architecture of the new version of "dummynet", and the API used by the loadable packet schedulers; 2. give a "user view" of the new features made available by this updated version of dummynet; 3. briefly discuss the theory behind packet scheduling, and show how different solutions expose different tradeoffs betweeen service properties, guarantees and run-time complexity; 4. show a number of examples and experiments, running real code from the SVN tree, to demonstrate that the (apparently dry) theory discussed in #3 has actual implications in practice. Luigi Rizzo audio video 16:00 01:00 DMS 1160 Embedded lecture en Embedded products prefer smaller RAM to reduce the hardware cost. XIP is a technique to execute programs directly from NOR FlashROMs without programs copied into RAM as page cache. It is realized with small changes in NetBSD because page cache management is already concentrated in single place called UBC, where all file data access (read() / write(), and mmap()) go through. This paper explains the design and implementation of the changes made to the NetBSD kernel to support XIP. Masao Uebayashi video 11:00 01:00 DMS 1120 Certification en This talk introduces the BSD Professional exam, including the back story about the exam, a description of the how the Job Task Analysis was created, what happens to the results, and how the exam objectives are created. A description of requirements for a "hands-on lab" will be presented, along with some possible scenarios for implementation. An interactive discussion with the audience will help determine the eventual direction for some aspects of the exam. Jim Brown video 13:00 01:00 DMS 1120 Hacking lecture en Fernando Gont will discuss some of the results of a Security Assessment of the Internet Protocol version 6 (IPv6) carried out on behalf of the UK CPNI (United Kingdom's Centre for the Protection of National Infrastructure). He will explain some of the security implications arising from the protocol specifications themselves, and from a number of implementation strategies followed by some of the most popular IPv6 implementations (including KAME). He will describe ongoing efforts to mitigate the aforementioned issues, and will explain the different system knobs that are available in the different BSD-flavours to control different aspects of the IPv6 stack. The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet, by providing a much larger address space than that of its IPv4 counterpart, and is expected to be the successor of the original IPv4 protocol suite. It has already been deployed in a number of production environments, and many organizations have already scheduled or planned its deployment in the next few years. There are a number of factors that make the IPv6 protocol suite interesting from a security standpoint. Firstly, being a new technology, technical personnel has much less confidence with the IPv6 protocols than with their IPv4 counterpart, and thus it is more likely that the security implications of the protocols be overlooked when they are deployed. Secondly, IPv6 implementations are much less mature than their IPv4 counterparts, and thus it is very likely that a number of vulnerabilities will be discovered in them before their robustness can be compared to that of the existing IPv4 implementations. Thirdly, there is much less implementation experience with the IPv6 protocols than with their IPv4 counterpart, and “best current practices” for their implementation are not available. Fourthly, security products such as firewalls and NIDS’s (Network Intrusion Detection Systems) usually have less support for the IPv6 protocols than for their IPv4 counterparts. While a number of papers have been published on the security aspects of the IPv6 protocol suite, they usually provide general discussion on the security implications of IPv6, but do not delve into much detail regarding the security implications of each of the mechanisms, header fields, and options of all the involved protocols. There is a clear need to raise awareness about the security aspects and implications of the IPv6 protocol suite, to improve the confidence of both IPv6 implementers and the personnel working on the deployment of IPv6 in production environments. Fernando Gont video 14:30 01:00 DMS 1120 Embedded lecture en Creating a specialized appliance using a general purpose operating system, using the roadmap for the FreeNAS revamp as an example. Using a general purpose operating system as the base for developing a specialized appliance is a challenging task. Using the roadmap for revamping FreeNAS as an example a number of topics will be covered. - How design goals impact the system - How to manage project specific differences from the underlying base OS - The benefits of starting with a general purpose OS - The drawbacks of the same Along the way the new features and benefits of the FreeNAS revamp will be explored. Including, but not limited to: An AMD64 version Improved ZFS support Support for optional packages/modules Josh Paetzel 16:00 01:00 DMS 1120 Hacking lecture en Cryptography is hard. It usually takes many years of study before it is possible to make any serious contribution to the field; and even expert cryptographers often have flaws discovered in their work. However, merely _using_ cryptography requires far less expertise. In this talk, I will cover everything most software developers will ever need to know about cryptography -- starting from the very beginning -- along with (time allowing) some of the reasons behind the recommendations I provide. Specific topics covered will include symmetric vs. asymmetric encryption; symmetric vs. asymmetric signatures; block ciphers; block cipher modes; key lengths; message authentication codes; hash algorithms; password handling; padding for asymmetric encryption; padding for asymmetric signing; Diffie-Hellman groups; and side channel attacks. Specific attacks will be discussed only to the extent of mentioning that they exist and explaining how cryptography-using systems should be designed to thwart them. Colin Percival 11:00 01:00 DMS 1140 A new system installer backend for PC-BSD & FreeBSD System Administration lecture en This talk will cover many of the ways in which the new system installation backend for PC-BSD 8.0 fixes many common issues, and adds a host of new features, such as choosing between PC-BSD or FreeBSD installations, support for ZFS, gmirror, geli and more. We will also discuss some of the design choices made for the new backend, along with details on usage when installing with some of the new features. Since its very first beta many years ago, PC-BSD has been using a custom-built installer routine, which consisted of a graphical user interface, tied into some scripts which performed the actual installation process of the system. While the process worked reasonably well, it lacked many important features which would become desired and critical down the road. Features such as automated installation, an independent installer backend with interchangeable front-ends, support for advanced custom partitioning, and full error logging. In addition to these features, many times the idea had been brought up about enabling the new installer to also support traditional FreeBSD installations. This could be used as a way for users to bypass regular “sysinstall” and install using some new features such as ZFS, Encryption, and Mirroring. Over the course of 2009 this new installer (pc-sysinstall) has been in development and is now in production in the latest version of PC-BSD, 8.0. This talk will cover some of the new features and direct usage of the backend, including support for advanced partitioning, choosing between installing FreeBSD or PC-BSD, ZFS root support, disk encryption and more. Kris Moore video audio 13:00 01:00 DMS 1140 Secure programming is simple: Don't make mistakes. Invited Talks lecture en Secure programming is simple: Don't make mistakes. Now of course that doesn't work out in practice. But one can get close. Security is mostly a side effect of quality. We'll show you how to write good, simple, high quality code, and what not to do. On top, if you account for own failure and apply techniques like privilege dropping or privilege separation, chances of exploitable bugs are low. And the best part: you don't need to waste time at color-of-choice-hat conferences. Secure programming is simple: Don't make mistakes. Now of course that doesn't work out in practice. But one can get close. Security is mostly a side effect of quality. We'll show you how to write good, simple, high quality code, and what not to do. On top, if you account for own failure and apply techniques like privilege dropping or privilege seperation, chances of exploitable bugs are low. And the best part: you don't need to waste time at color-of-choice-hat conferences. Henning Brauer Sven Dehmlow Slides audio 14:30 01:00 DMS 1140 Implementation in OpenBSD PF System Administration lecture en The Ecdysis project's goal is to develop open-source implementations of an IPv4/IPv6 gateway that run on open-source operating systems such as the various BSD flavours and Linux. The gateway is comprised of two distinct modules: the DNS64 and the NAT64. The DNS64 module was developed by modifying two open-source DNS servers: Bind and Unbound. The NAT64 module was developed by modifying pf (the firewall and NAT code in the OpenBSD kernel, which is used also in other BSD variants) and Netfilter (the firewall and NAT code in the Linux kernel). As part of the development process, stand-alone implementations of DNS64 and NAT64 were developed for experimentation purposes. They have also been made available under open-source licenses in the hope that others will find them useful in their own experimentation endeavours. The project is funded by the NLnet Foundation and Viagénie. IPv4 and IPv6 networks are “incompatible.” The IETF recommendation has usually been to rely on dual-stack deployment: have both networks coexist until IPv6 takes over IPv4. However, IPv6 growth has been much slower than anticipated. Therefore, new IPv6-only deployments face an interesting challenge, that of communicating with the predominantly IPv4-only rest of the world. A similar problem is encountered when legacy IPv4-only devices need to reach the IPv6 Internet. Translation between IPv4 and IPv6 is one framework engineered within the IETF as a solution to the problem of IPv6 transition. This talk will focus on aspects of interest to the BSD community: • An overview of the DNS64 and NAT64 protocols. • An overview of the DNS64 implementations in Bind and Unbound. • A detailed analysis of the kernel-space NAT64 implementation in pf. • A discussion of operational and deployment issues, as well as lessons learned while running NAT64. Jean-Philippe Dionne Ecdysis Project Page audio 16:00 01:00 DMS 1140 lying to the drivers for fun and profit Hacking lecture en An easy way to support new hardware that lacks support in the driver, but is similar enough to old hardware, is presented. A generic means of matching hardware, in a bus independent manner, is used to instruct the bus layer to lie about the plug and play properties of a device so as trick the driver into thinking the device is of a different, supported type. Compatible hardware will then work with this driver. Additional application for the matching or the mapping technology is discussed. For years, new hardware has been released after FreeBSD does its releases. This new hardware often times is upwardly compatible with the prior generation of the hardware. Many times, the drive writers add support for this new hardware by having the driver treat it just like earlier versions of the hardware, possibly with additional capabilities. Today, FreeBSD users need to recompile the kernel or driver module to support this new hardware. A generic mapping capability will allow users of these devices to use them, possibly without the new features, until the drivers can be updated. There are also hooks in the system to allow users to 'downgrade' newer hardware when driver bugs prevent the usage of newer features of a card as well. Buses in the system cooperate with this mapping system by providing caching the plug and play data used to match devices and feeding that data to drivers bidding on a device. By hooking the mapping layer in at this point, buses can implement the mapping transparently to client drivers. This reduces the amount of work necessary to implement the feature because there's a relatively small number of bus drivers compared to the number of client drivers in the system. In addition to providing a means to map the plug and play data used to match devices, this matching portin of this software also allows for other features to be implemented based on the mapping. Since location is included in this data, wiring devices to a specific location can be implemented with this method. New quirks can be added at run time, and can be more selective about which devices are matched that has traditionally been available. This paper explores the current implementation, as well as outlines additional applications for the technology. Warner Losh video audio 12:00 01:30 DMS 8161 bsda1 BSD Certification Exams other en Take the BSDA certification. The BSD Certification Group Inc. is a non-profit organization committed to creating and maintaining a global certification standard for system administration on BSD based operating systems. YOU MUST register and pay for this event. See the link for details. Dru Lavigne Register here 10:00 01:00 DMS 1160 The quest for a better kernel development environment Hacking lecture en Developing good code is hard. Developing good operating system code is harder still. This talk will cover in as concise and complete a manner as possible, the information obtained during my quest for a better FreeBSD kernel development environment. My work on the FreeBSD TCP stack ( [1](http://caia.swin.edu.au/urp/newtcp/) , [2](http://caia.swin.edu.au/freebsd/etcp09/) , [3](http://www.bsdcan.org/2009/schedule/events/121.en.html) ) involves a great deal of time spent investigating behaviour within the kernel. Becoming frustrated with my development cycle, I started researching and creating a hardware and software development environment that would improve my productivity. I found that so much of the really useful information came from non-authoritative sources scattered around the Internet and from talking with other developers. This talk attempts to collate everything into a single place, with the aim of lowering the barrier to entry for kernel hacking by making useful information more accessible. Covering everything from hardware considerations to PXE booting and entry level use of KGDB, this talk aims to arm budding to intermediate FreeBSD developers alike with the information and tools required to code more correctly and efficiently than they otherwise might have been able to using more primitive means. Note that the paper this talk is based on is far from a comprehensive reference yet, and I welcome all suggestions for improvement. My goal is to get the information incorporated into a more official FreeBSD documentation source (e.g. the [FreeBSD developer's handbook](http://www.freebsd.org/doc/en/books/developers-handbook/) ) once it has reached critical mass. Lawrence Stewart Centre for Advanced Internet Architectures video audio 11:30 01:00 DMS 1160 System Administration lecture en FreeBSD works great for many tasks out of the box. As an open source operating system, FreeBSD can be customized to optimally perform specialized tasks. This talk will cover some of the nuts and bolts of managing a customized version of FreeBSD. It is aimed at the server market rather than the embedded space. Topics will include strategies for maintaining local patches to the source tree, deploying unattended installs, and upgrading the OS version. John Baldwin video audio 13:30 01:00 DMS 1160 jbuild next generation build tool for FreeBSD Hacking lecture en jbuild - next generation build tool for FreeBSD =============================================== This presentation will discuss a modified version of the FreeBSD make(1) utility named "jbuild". jbuild was originally developed by FreeBSD developer, John Birrell, to solve large scale software build issues by improving the dependency tracking of make(1). jbuild improves dependency tracking by tracing all file system reads and writes by programs invoked by fork(). This traced data is used to augment the dependency tracking in make(1). This presentation will be an in-depth technical presentation of jbuild, and will discuss some possible ways in which it can be used to improve the software build of FreeBSD. jbuild - next generation build tool for FreeBSD =============================================== The make(1) utility has been part of the FreeBSD base system since the beginning of the project. Before FreeBSD, the make utility was included with PWB/Unix 1.0 In FreeBSD, one of make(1)'s most important uses is used to build all the software that comprises the FreeBSD base system (userland and kernel). Over time, the size of the FreeBSD codebase has grown, as has the number of architectures that it can build on. The scale of the software build requirements for FreeBSD has exposed some fundamental limitations in make(1) and the core sys.mk Makefile rules used to build FreeBSD. Some of the problems that end-users see due to these limitations include: -> Parallel builds with very high values of -j [n] often fail. -> "make universe" rebuilds a lot of the same software multiple times, and takes a very long time. Consequently most FreeBSD developers do not test their code against this target, so sometimes code changes are introduced which break the build on less frequently used machine architectures. For the FreeBSD project, these problems are annoying, but may be somewhat tolerable. However, for commercial products that are derived from FreeBSD, with much larger codebases, these problems can result in huge productivity losses. FreeBSD developer John Birrell saw many of these problems in the software build at his employer, Juniper Networks. John decided to address some of these fundamental software build problems by: (1) modifying FreeBSD's make(1) to trace all programs invoked from make(1) via fork(), in order to log all file system read and write calls (2) using this tracing information to generate dependency information which could be used by make(1) (3) writing core Makefile rules in sys.mk to make it easier to add new machine architectures to the build, and make it easy to test compilation of code across multiple architectures John implemented his changes as a fork of the make(1) utility, named "build", and later "jbuild". The code for jbuild is available in a branch of the FreeBSD SVN repository. This presentation will discuss some of technical details of jbuild, and also John's vision for how this utility could be applied to improving the FreeBSD build. Craig Rodrigues video 15:00 01:00 DMS 1160 journaling Adding "journaling lite'' to soft updates and its incorporation into the FreeBSD fast filesystem Hacking lecture en This talk describes the work to add ``journaling lite'' to soft updates and its incorporation into the FreeBSD fast filesystem. Because soft updates prevent most inconsistencies, the journaling need only deal with tracking those inconsistencies that soft updates fails to address. Specifically, the journal contains the information needed to recover the block and inode resources that have been freed but whose freed status failed to make it to disk before a system failure. After a crash, a variant of the venerable fsck program runs through the journal to identify and free the lost resources. Only if a corruption of the log is detected is it necessary to run background fsck. The journal is tiny, 16Mb is usually enough independent of filesystem size. Although journal processing needs to be done before restarting, the processing time is typically just a few seconds and in the worst case a minute. It is not necessary to build a new filesystem to use soft-updates journalling. The addition or deletion of soft-updates journaling to existing FreeBSD fast filesystems is done using the tunefs program. Kirk McKusick Paper for Talk video audio 16:00 01:00 DMS 1160 wipo Short stories from projects around the world Plenary lecture en For the fifth year running, BSDCan will have a WIP (Works In Progress) session, with presentations on diverse topics. The format remains essentially the same: in a one hour period, audiences are entertained and informed by a rapid fire series of short talks on interesting new or on-going work by individuals or groups. Slides aer permitted, but not obligatory; pictures are highly recommended. Topic areas include new open source software projects, works in progress for future releases of existing projects, student projects, etc. WIP topics this year may make good conference papers next year! The number of slots is limited, and experience suggests there will be more takers than slots. Sign up well in advance to be assured a spot. Please e-mail <wip@bsdcan.org> to sign up. Send a one or two paragraph summary of the topic to be presented, and the names of the person(s) presenting it. Also, please give a time estimate -- typically times will be one to five minutes. The time limit will be strictly enforced -- you will be cut off if you try to run over! The WIP e-mail registration deadline is May 9, after which remaining slots (if any) may be signed up for in person. Any slides must be received by the WIP session chair by, at latest, May 13 at 11:59pm GMT. The session chair this year is Robert Watson. Robert Watson audio 17:00 00:30 DMS 1160 close The wrap up Plenary lecture en The closing Fun. Games. Awards. Dan Langille Robert Watson audio 10:00 01:00 DMS 1120 packages Dude, where's my packages? System Administration en Introducing the FreeBSD package building cluster, or, "Dude, where's my packages?" The FreeBSD ports management team (portmgr) maintains a cluster of machines to build packages from individual ports. This talk attempts to explain the technical challenges involved. - Introduction: the purpose of the build cluster - Introduction: the dispatch machine 'pointyhat' - Introduction: the package build nodes - Release builds, incremental builds, and experimental builds - What is done with the results of package builds - Discussion of the scheduling algorithm - Performance characterization of individual nodes - Common problems seen on the nodes - Common problems seen on pointyhat - Notes on characterizing the overall performance Mark Linimon video 11:30 01:00 DMS 1120 Hacking lecture en Hardware Performance Monitoring Counters provide programmers and systems integrators with the ability to gather accurate, low level, information about the performance of their code, both at the user and kernel levels. Until recently these counters were only available on Intel and AMD chips but they have now been made available on alternate, embedded, architectures such as MIPS and XScale. This talk will cover porting support for the hwpmc(4) driver and associated libraries to non-x86 architectures as well as give details about how the counters provided on these new architectures differ from those available on the x86. Hardware Performance Monitoring Counters provide programmers and systems integrators with the ability to gather accurate, low level, information about the performance of their code, both at the user and kernel levels. Until recently these counters were only available on Intel and AMD chips but they have now been made available on alternate, embedded, architectures such as MIPS and XScale. This talk will cover porting support for the hwpmc(4) driver and associated libraries to non-x86 architectures as well as give details about how the counters provided on these new architectures differ from those available on the x86. A brief outline: *) History The history of support for performance monitoring counters will be described, from the early, limited sets on Pentium processors to the much more rich set of counters on modern hardware. *) Motivation Why these counters are important and how they are used in the real world to help to improve the performance of running software. *) Driver and Library API and Architecture A high level overview of how the driver and user level API interact giving details on where changes need to be made to port the driver to newer hardware and to make sure that it is up to date. *) MIPS Counters Specific examples from the new MIPS driver which is being developed for FreeBSD. *) Conclusions and Questions George Neville-Neil video 13:30 01:00 DMS 1120 Hacking lecture en With the advent of low cost wireless chipsets, wireless mesh networks became much more attractive for both companies, governments, and the general consumer. This talk will describe the FreeBSD implementation of 802.11s. Wireless mesh networks are being used extensively since the popularization of the 802.11 wireless technologies, but usually they worked with the help of layer 3 routing technologies. Since 802.11 didn't provide any kind of support for wireless mesh networks, in 2004, IEEE created the Task Group s (TGs) to create a new amendment to 802.11 which would define the operation of a wireless mesh network using existing 802.11 hardware and having a routing protocol work at layer 2. Later, the amendment also included provisions for mesh authentication, encryption, link management, bridging mesh networks with other types of networks, and channel reservation. On this lecture I will talk about the FreeBSD implementation of 802.11s that's available in version 8.0 and beyond. This work was sponsored by The FreeBSD Foundation. Rui Paulo video 10:00 01:00 DMS 1140 dummynet (and to userland) Hacking lecture en Porting userland code to different platforms is a common practice. Porting kernel code is much less common for many reasons, including the absence of common APIs, a fact which often prevents code reuse and suggest complete rewrites. There are however areas (including pieces of the network stack) where such differences are less important and porting becomes attractive. Furthermore, writing code with portability in mind also helps running kernel code in user-space, which is a huge help in testing and performance analysis. In this talk we will discuss our experience in porting the ipfw and dummynet subsystems to Linux and Windows. We will describe how we dealt with the OS-specific features in the subsystems we used: packet representation, locking, timers and other OS services, compilers and build environments. The experience helped us a lot in the development of the new (ipfw3) version of these two subsystems, which runs almost the same code on all three platforms. Luigi Rizzo slides video audio 11:30 01:00 DMS 1140 Embedded lecture en This talk covers the development work on providing FreeBSD with the ability to use Flattened Device Tree (FDT) technology, which allows for describing hardware resources of a computer system and their dependencies in a platform-neutral and portable way. The primary consumer of this functionality are embedded FreeBSD platforms (ARM, AVR32, MIPS, PowerPC) where a lot of designs are based on similar silicon chips, but have different assignment of pins, memory layout, addresses bindings, interrupts routing and other resources. Configuration data, which cannot be self discovered in run-time, has to be supplied from external source. The concept of flattened device trees is a platform and architecture independent approach to resolve such problems. The concept is inherited from Open Firmware IEEE 1275 device-tree notion, and has been successfully adopted by the embedded industry (for example, it is a basis for Power.org embedded platform reference specification, ePAPR). Starting with an overview of the technology, tools and existing conventions, the talk explains all major design decisions, and presents development steps taken during its course. Particular examples of platforms converted to the FDT approach are given (Freescale embedded PowerPC, Marvell embedded ARM), and finally a summary of the project is presented covering benefits for the FreeBSD, the current state of work and possible future directions. Work on this project has been sponsored by the FreeBSD Foundation. Rafal Jaworowski http://wiki.freebsd.org/FlattenedDeviceTree audio 13:30 01:00 DMS 1140 Hacking lecture en Since 2001 we have used FreeBSD as a high performance computing (HPC) cluster operating system. In the process we have ported a number of HPC tools including Ganglia, Globus, Open MPI, and Sun Grid Engine. In this talk we will discuss the process of porting these types of applications and issues encountered while maintaining these tools. In addition to generally issues of porting code from one Unix-like operating system to another, there are several type of porting common to many HPC infrastructure codes which we will explore. Beyond porting, we will discuss how the ports collection aids our use of HPC applications and ways we think overall integration could be improved. Brooks Davis audio 12:00 01:30 DMS 8161 bsda2 BSD Certification Exams other en Take the BSDA certification. The BSD Certification Group Inc. is a non-profit organization committed to creating and maintaining a global certification standard for system administration on BSD based operating systems. YOU MUST register and pay for this event. See the link for details. Dru Lavigne Register here 09:30 06:00 Out and About tourist Spend some time exploring Social other en Explore Ottawa Ottawa has a large number of great attractions. Spend some time looking around and explore. Spend as much time as you want with us, or leave early. We will walk everywhere we go. Wear sensible shoes. Bring your camera. We'll probably have lunch somewhere along the way. Consider the weather (sun block, rain coat, umbrella, swim suit). We will depart from the National Memorial at 9:30 AM *if the weather is good*. If it's raining, we'll assemble in the lobby of Residence instead (same time). If you have ideas/suggestions/plans, please let others know via the forum. From that list, we'll decide what to do on the day. Dan Langille National Memorial Residence Forum 09:30 06:30 DMS 3102 bsdp Certification workshop en BSDP planning day BSDP planning day Dru Lavigne