Speakers

Speakers | EuroBSDcon 2016

Speakers | EuroBSDcon 2016

An Introduction to the FreeBSD Open-Source Operating System
Kirk McKusick
Description:
This course provides a broad overview of how the FreeBSD kernel implements its basic services. It will be most useful to those who need to learn how these services are provided. Individuals involved in technical and sales support can learn the capabilities and limitations of the system; applications developers can learn how to effectively and efficiently interface to the system; systems programmers without direct experience with the FreeBSD kernel can learn how to maintain, tune, and interface to such systems. This course is directed to users who have had at least a year of experience using a UNIX-like system. They should have an understanding of fundamental algorithms (searching, sorting, and hashing) and data structures (lists, queues, and arrays).

The course is divided into two days. Together they cover the entire FreeBSD kernel but subjects have been arranged such that students can also decide to attend only the first or the second day depending on the subjects in which they are interested.

This course will provide a firm background in the FreeBSD kernel. The POSIX kernel interfaces will be used as examples where they are defined. Where they are not defined, the FreeBSD interfaces will be described. The course will cover basic kernel services, process structure, locking, jails, scheduling, signal handling, and virtual and physical memory management. The kernel I/O structure will be described showing disk management, how I/O is multiplexed, and the configuration of special devices. Next the organization of the filesystem will be described showing how its buffer pool is integrated with the virtual memory system. The course then covers the implementation of the fast filesystem and its capabilities including soft updates and snapshots. The filesystem interface will then be generalized to show how to support multiple filesystem types. The course also covers the socket-based network architecture, layering, and implementation. The socket communications primitives and internal layering will be discussed, with emphasis on the interfaces between the layers; the TCP/IP implementation will be used as an example. A discussion of routing issues will be included. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine specific parts of the system such as the implementation of device drivers.
Speaker biography:
Dr. Marshall Kirk McKusick writes books and articles, teaches classes on UNIX- and BSD-related subjects, and provides expert-witness testimony on software patent, trade secret, and copyright issues particularly those related to operating systems and filesystems. He has been a developer and commiter to the FreeBSD Project since its founding in 1994. While at the University of California at Berkeley, he implemented the 4.2BSD fast filesystem and was the Research Computer Scientist at the Berkeley Computer Systems Research Group (CSRG) overseeing the development and release of 4.3BSD and 4.4BSD. He earned his undergraduate degree in electrical engineering from Cornell University and did his graduate work at the University of California at Berkeley, where he received master's degrees in computer science and business administration and a doctoral degree in computer science. He has twice been president of the board of the Usenix Association, is currently a member of the FreeBSD Foundation Board of Directors, a member of the editorial board of ACM's Queue magazine, a senior member of the IEEE, and a member of the Usenix Association, ACM, and AAAS.

In his spare time, he enjoys swimming, scuba diving, and wine collecting. The wine is stored in a specially constructed wine cellar (accessible from the Web at www.mckusick.com/~mckusick) in the basement of the house that he shares with Eric Allman, his partner of 37-and-some-odd years and husband since 2013.
 
(D)Tracing FreeBSD for DevOps and Developers
George Neville-Neil
Description:
The tracing tutorial is meant for all software practitioners which includes software developers, DevOps, systems administrators and others who ought to understand the inner workings of the operating system in order to build, and maintain any type of computing platform.

With traditional methods it would be impossible to give students anything but a cursory understanding of an operating system in two days. Using DTrace we will be able to cover a wide range of topics, including the scheduler, network stack and filesystem. Using practical examples and publicly available tracing scripts this tutorial will give students a good grounding in DTrace, which is available on FreeBSD, MacOS and Illumos and then cover the listed topics in depth.

This course does not require that the students be fluent in C, but some familiarity with programming and scripting will help students to get the most out of the material. All materials will be available on-line before the course is taught and will remain on-line after the course completes.
Speaker biography:
George Neville-Neil is the author of two leading books on operating systems, the latest co-authored with Marshall Kirk McKusick and Robert N. M. Watson of “The Design and implementation of the FreeBSD Operating System” 2nd Ed.

George likes to say that he ‘works on networking and operating system code for fun and profit’. Writing machine code, building hardware and teaching computing since his teens, his first profit making programming gig was hacking DBase III code for an insurance company while still in High School. He published his first piece of commercial software, an audio digitizer for the then popular Amiga computer, while still in college.

For over ten years he has been the columnist better known as Kode Vicious, producing the most widely read column in both of ACM's premier flagship magazines, “Queue” and “Communications of the ACM”. More recently he was tapped to chair the ACM Practitioner Board, which is dedicated to bridging the gap between research and industry, where he helped create the ACM Applicative conference.

George has been a FreeBSD committer for over 10 years, and currently serves on the elected Core team which helps manage the overall project. Since 2012 he has been on the Board of Directors of the FreeBSD Foundation, the US 501c3 organization that helps to support the FreeBSD Project.
 
Keynote
Gert Döring
Speaker biography::
Gert Döring's main focus is IP networking on the Internet scale - that is: BGP routing, peering, Internet self regulation in RIPE and IETF, IPv6 advocacy, and so on. When not doing networking, he's sysadminning FreeBSD and Linux systems, and happy to hack on anything that has source code and proper documentation.
 

OpenBSD: Building a test-environment for multi-tenancy firewalls
Philipp Buehler

Description:
The talk OpenBSD: pf+rdomains create splendid multi-tenancy firewalls presents a working OpenBSD environment establishing a multi-tenant firewall with pf(4), rdomain/pair(4) and relayd(8) as work horses only. The environment shows how to provision, operate, isolate and manage all the components needed - and what isn't. It'll reveal how even complex setups can be developed, tested and provisioned in a straightforward way. Besides detailing on the OpenBSD bolts, there will be quick walkthrough how to create testing setups easily using Vagrant in preparation for live usage. For easy re-enacting all configuration of OpenBSD and Vagrant being used will be available online.

The tutorial OpenBSD: Building a test-environment for multi-tenancy firewalls will be a thorough walkthrough on creating a test-environment for a multi-tenant OpenBSD firewall based on Vagrant VMs. We will create a base image using packer and multiply that via Vagrant, including the needed networking to isolate the setup. Following is an introduction to pf(4) and rdomain(4) and how this is used to create the multi-tenant firewall. Furthermore it'll be shown how to operate, manage and extend this for further tenants. Since operations also need measurement and reporting, there will be some outlook on how to accomplish this.

If you attend the tutorial, please bring a laptop with Vagrant/1.7.2+, 10GB free disk, and 2GB free RAM.
Speaker biography:
Philipp Buehler uses Unix since mid 1990s and OpenBSD since 2000. Born and working in Germany mainly in Unix/Linux/BSD areas including ISP services and networking. Been an OpenBSD developer from 2002 to 2005, trying to cleanup and test pf(4). Co-founder of sysfive.com GmbH having the technical lead in designing and operating FOSS-based business platforms. Returning to EuroBSDcon after a co-authored talk with Henning in 2002!
 
Novice to Advanced Salt on BSD
G. Clifford Williams
Description:
This tutorial will take an in depth look at using Salt to manage BSD machines and walk through initial setup, creation of configuration management recipes (“states” in salt), custom modules, and simple remote execution. We'll talk about the special considerations when running against non-linux systems.

All setup instructions and commands will be in the handouts so attendees can work at their own pace.
Speaker biography:
G. Clifford Williams is currently Vice President of Development Operations at 8ions, Inc. and is a longtime advocate of open source software, maintainer of the wempy template system and contributor to such projects as Cherokee, SaltStack, and Web2py. He hosts the first (and longest running) US based mirror for Linux Mint and provides networking, hosting, and bootstrapping services for other, lesser known, projects.
 
Embracing the BSD routing table
Martin Pieuchot
Description:
Commonly seen as the reduced radix tree is it built upon, the BSD routing table over the years became the backbone of OpenBSD's network stack.

What has been introduced in 4.3 Reno to replace an inefficient hash- based lookup for forwarding packets is now used for most of the L3 address lookups.

This talk presents an original data structure separation, built on top of ART (Allotment Routing Table), that allowed us to build a lock-free lookup to query the single global tree on multi-core systems.
Speaker biography:
Martin Pieuchot is an OpenBSD developer coordinating the ongoing effort to make the network stack MP-safe. He works as a freelance developer and consultant.
 
Packaging the FreeBSD Base System
Brad Davis
Description:
Goals and benefits of packaging the FreeBSD Base System. We will cover what to expect when using the new system. How configuration file management will change with pkg'ed base. Tracking HEAD or STABLE with pkg. What Meta packages are available for controlling what packages are installed. Why there are so many packages. What features had to be added to make this a reality.
Speaker biography:
Brad Davis has been a FreeBSD User since 2003 and a FreeBSD Committer since 2005. He is also a committer to the FreeBSD pkg and poudriere projects and founder of the RaspBSD.org project to build images for embedded systems that ship with more packages configured and running.
 
Subfiles for NetBSD
William Dobbins
Description:
A number of file systems have a mechanism to store extra data with a file, either as a subfile, extended attribute or fork. The Berkeley Fast File System (FFS) as implemented on NetBSD does not have this feature. We present an implementation of core features of subfiles for NetBSD's FFS.
Speaker biography:
William Dobbins is currently designing flight controls software for the 777X at The Boeing Company. He recently completed his Master of Science in Computer Science at Western Washington University with Dr. Philip Nelson. He was introduced to Unix in 2005 while at the University of Minnesota when working on his Bachelors in Aerospace Engineering.
 
rc.d(8) on OpenBSD
Antoine Jacoutot
Description:
OpenBSD has always used the traditional static BSD initialization script: /etc/rc. While dependable, it did not allow for easy integration with monitoring, configuration management software and/or any kind of tools requiring automated service handling. rc.d(8) was developed to abstract service management while pertaining the existing behavior like predictive and sequential start-up ordering (dependency-less).

The way OpenBSD boots hasn't changed much since its inception. This presentation will describe the OpenBSD rc.d(8) framework and rc.subr(8) daemon control routines. While it resembles other implementations, it was written from scratch to match the project objectives (simple, ordered, non-intrusive). The talk describe the internals of rc.subr and talk about the implications that it had on the traditional BSD start-up sequence.

The talk will detail our requirements as well as the existing implementations and alternatives and explain why it was decided to write one from scratch. The talk will show how we managed to plug ourselves into the existent without having to transform it. The talk will describe how to use the rc.d control scripts and how start-up scripts look like. The talk will then introduce rcctl(8): an all-in-one utility for managing rc(8) daemons and services and look at how it helped orchestration and configuration management tools to work on OpenBSD (feature wise it is kind of a merge between the service(8) and chkconfig(8) utilities and a sysconfig editor as found in Red Hat).
Speaker biography:
Antoine Jacoutot has been an OpenBSD developer since 2006 and is part of the rc.d framework development team. He has been deploying and managing OpenBSD-based infrastructures for over a decade and wrote some of its admin tools like the sysmerge configuration files updater and the rc management helper, rcctl.

He is also a member of the GNOME Foundation and a committer for the GNOME Desktop which he ported and maintains along with 400 other ports. He is currently working as sysadmin at Dalenys near Paris, France.
 
Everything You Always Wanted to Know About "Hello, World"
Brooks Davis
Description:
The first example in the classic “The C Programming Language” by Kernighan and Ritchie is in fact a remarkably complete test of the C programming language. This talk provides a guided tour a slightly more complex program where printf() is called with multiple arguments. Along the way from the initial processes' call to exec() to the final _exit(), we'll tour the program loading code in the kernel and the dynamic linker, the basics of system call implementation, the implementation of the memory allocator, and of course printf(). We'll also touch on localization and a little on threading support. Where appropriate, I'll discuss portions of the system that need changing to accommodate memory safe versions of C like the version we are developing for our CHERI CPU.

This talk will assume some knowledge of a language with C-like syntax (C, C++, Java, and PHP should all be fine).
Speaker biography:
Brooks Davis is a Senior Software Engineer in the Computer Science Laboratory at SRI International and a Visiting Research Fellow at the University of Cambridge Computer Laboratory. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and was a core team member from 2006 to 2012. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include security, operating systems, networking, high performance computing, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys cooking, brewing, gardening, woodworking, blacksmithing, and hiking.
 
A primer on synchronizing multiprocessor kernel resources
Taylor R. Campbell
Description:
You may have been taught about semaphores and monkeys crossing bridges in college, but in a real BSD multiprocessing kernel there is a dizzying array of ways to synchronize resources – and none of them is the semaphore-wielding monkey your professor taught you about!

For an audience of hackers who perhaps regret leaving the comfort of a giant lock, the talk will explain some of the facilities for synchronizing shared resources in the NetBSD kernel, discuss engineering tradeoffs, and identify general patterns in designing protocols for synchronizing the use of shared resources, beyond the scope of the NetBSD kernel.
Speaker biography:
Taylor ‘Riastradh’ Campbell has been a NetBSD developer since 2011. His first major contribution was to fix the synchronization of the rename system call, which has to juggle four different objects, any pair of which might be the same, and guarantee a local operation does not violate global invariants of the file system. Since then, he has been tweaking lock orders and synchronization protocols, including writing passive references for cheaply parallelizing read-mostly access to shared resources in the network stack.
 
OpenBSD meets 802.11n
Stefan Sperling
Description:
This talk discusses the implementation of 802.11n in OpenBSD's wireless subsystem. We start with a brief overview of 802.11n relative to earlier editions of the standard, followed by an account of the process which led to an initial 802.11n implementation released in OpenBSD 5.9. We'll also look at current wireless development efforts and attempt educated guesses about future work.
Speaker biography:
Stefan Sperling is a freelance Open Source Software developer and consultant based in Berlin. He has been involved in OpenBSD development since 2008. In 2015, Stefan wrote OpenBSD's initial implementation of 802.11n with help from the OpenBSD community and financial support from genua GmbH. He also develops and consults for Apache Subversion in partnership with elego Software Solutions GmbH.
 
BXR.SU, OpenGrok, nginx and all the web - writing and rewriting webapps with nginx.conf
Constantine A. Murenin
Description:
The talk will descend into a case study of developing and running BXR.SU OpenGrok and mdoc.su services for the benefit of the *BSD community. Attendees of this talk will learn how to effectively compose short and succinct semantic URLs to cross reference any source code files and manual pages of the 4 major BSD flavours – FreeBSD, NetBSD, OpenBSD and DragonFly BSD – as well as the inner workings of the services at stake.

Web applications are traditionally written in programming languages such as PHP, Ruby or Python.   But not mdoc.su – a deterministic URL shortener for *BSD manual pages – which stands apart from the established convention. The whole mdoc.su web service is written in the standard and basic `nginx.conf` configuration language alone (with the help of regular expressions and dozens of ‘rewrite’ and ‘location’ directives), resulting in a high-performance semantic URL service without any help from any higher-level programming languages like even Lua or Perl.

On the example of BXR.SU – Super User's BSD Cross Reference, we will also show how to ‘rewrite’ Sun/Oracle OpenGrok with the help of ‘nginx.conf’, and unite the BSDs at that. OpenGrok is written in Java, and is designed around the concept of cookies on every page (including the front page), and thus effectively cannot be cached or accelerated through a naive approach. We will show how to successfully get rid of all the cookies with nginx, and how to greatly improve the usability and the URL interface of the Java application, all entirely through ‘nginx.conf’-fu. We will also go over the OpenGrok modifications and optimisations that were required in order to make BSD search great again.
Speaker biography:
Constantine A. Murenin is a *BSD kernel developer and committer, and can write and rewrite complete web-applications with the help of regular expressions and nginx.conf. Also known as “cnst”, he has been affiliated with Mozilla, OpenBSD, FreeBSD, DragonFly BSD and NetBSD, as well as Google Summer of Code], and has been a frequent speaker at conferences around the world. Mr. Murenin is a graduate of David R. Cheriton School of Computer Science, University of Waterloo, MMath CS, 2010.
 
Bulk building in the many core era
Joerg Sonnenberger
Description:
The ‘pbulk’ system – the current generation of the pkgsrc bulk build infrastructure, was created during the GSoC 2007 and has since remained mostly unchanged. Meanwhile, increased processing power, affordable parallelisation, substantial RAM increases, and fast SSDs for storage have changed the build environment significantly.

This talk analyses the performance impact of different configuration choices. The current development towards looser coupling between clients and the build master are presented as well as the necessary changes for a secure integration of package signatures. The impact of the changes in quantified for environments ranges from memory-rich AMD64 build machine to clusters of tiny ARM boards.

Speaker biography:
Joerg Sonnenberger is a long term NetBSD developer. He has been working on a variety of topics from pkgsrc and the toolchain to power management.
 
LibreSSL replacing OpenSSL in FreeBSD base
Bernard Spil
Description:
This talk will primarily address the changes required for a configurable replacement of OpenSSL with LibreSSL in FreeBSD base. The prototype phase has evolved into a binary branch for HardenedBSD and is planned to become the default in due course.

Next to LibreSSL in base the talk will also address the issues that users may face when using LibreSSL with FreeBSD, either from ports or base. This includes a short history of the changes to ports required like removal of features e.g. EGD and SSLv3. The talk will also address the ongoing challenges, down- as well as up-sides, of OpenSSL and LibreSSL.
Speaker biography:
Bernard Spil has worked on l2k15 OpenBSD LibreSSL (use of LibreSSL outside of OpenBSD) and is a FreeBSD ports committer. He maintains the LibreSSL patch repository and is also a PC-BSD ports committer and maintainer of all LibreSSL related fixes. In addition, he is also a HardenedBSD base/ports committer where he also maintains the base LibreSSL changes and all LibreSSL related ports fixes.
 
Automated Learning From Man Pages
Abhinav Upadhyay
Description:
The BSDs are known for their top quality man pages, which are well maintained, and well organized. Not only that, man pages themselves are pretty well structured.

These qualities make them a good candidate to develop smart tools atop them. NetBSD's apropos(1) is one such application. However, there is a whole gamut of opportunities waiting to be exploited in this area. No one has really tried anything so far.

This paper talks about a set of machine learning experiments on the man page corpus data for applications like:
  • A smarter ranking algorithm for NetBSD's apropos.
  • A question answering system (could be used as an IRC bot for helping out with user queries).
  • Finding similar man pages based on their content, this could be useful for generating suggestions for the SEE ALSO section for man pages.
  • Learning keywords having same contextual meaning, such as “remove” and “uninstall” when used with “package”, “kill” and “terminate” when used in context of “process”. This would be useful for a better search experience.
Speaker biography:
Abhinav Upadhyay is based in Hyderabad, India. He is a NetBSD committer and works for Pramati Technologies Pvt. Ltd. as a Software Engineer.

Before that, he was a student and worked for The NetBSD Foundation during Google Summer of Code 2011. He worked on rewriting apropos(1) with full text search implementation which has been included in NetBSD since release 6.0 and has been well received.

His interests lie in the areas of systems software and machine learning. He is constantly on the lookout for opportunities to work in the cross section of the two fields.

He has also created man-k.org to help make NetBSD's apropos(1) reach wider and help people.
 
Dropping in 80Gbits (hopefully) of stateful firewalling capacity with PF and OpenOSPFd
Gareth Llewellyn
Description:
We had 2x datacenter colo cages each with 2x routers with each router having at least 10Gbit + 1Gb transit links, 10Gb crossconnects and each with 2x 10Gb links to the spine switches. When we first launched we used stateless rules on the boundary routers which is less than ideal and eventually we decided to drop firewalls between the routers and the the spine switches. I took this opportunity to not use Cisco et al and get OpenBSD into our network. Using OpenOSPFd and PF (on DL380 Gen 8s with 4x 10Gb NICs) we migrated each of our DC cages (IPv6 and IPv4) over to a HA, statefully firewalled setup without any downtime, minimal static routing and using opensource.
Speaker biography:
Gareth Llewellyn is into Network Operations in Reading, UK where he manages a big data platform: the lowest points on the network graphs are measured in tens of Gbits, application latency is measured in microseconds, and a processing run of terabytes is considered “small”.
 
Talos - why they use Open Source to fight threats
Dan Langille
Description:
Sometimes big companies use open source software and you never hear about it. That's about to change. Dan Langille works as a sysadmin for Talos (now part of Cisco), specifically for the area previously known as the SourceFire Vulnerability Research Team (the makers of Snort and ClamAV).

Talos makes use of open source every day, all day.

The talk will outline some of the tools and practices Talos uses, why they love open source, and go over the specific advantages it brings to everyday operations. Current users of these tools may find new ways in which they can benefit. If you're not using these tools, you'll definitely see how they can be adapted to your own daily work flow.
Speaker biography:
Dan Langille has been using open source since 1998. With a background as a software developer, Dan now works full time as a sysadmin. With his background in writing how-to guides, you are sure to find something useful, if not at least amusing. When not documenting his computer adventures, he occasionally attends a conference as opposed to running it (sometimes the two overlap). Having started his computer antics in Ottawa, he earned his first open source badges in New Zealand, and now resides near Philadelphia, where he works from home.
 
Synchronisation of userland source code amongst the BSD's
Sevan Janiyan
Description:
Due to our heritage, there is lot of overlap in user land amongst the" various BSDs which over time has grown wider apart, the topic of the talk will be about trying to shorten the gap in base amongst the various projects by patching the utilities across the operating systems and submitting them for inclusion.

I do not believe it's possible to reach 100% feature parity due to some changes being unsuitable use in other projects other than the one it was found in (specifically I'm thinking of the XML output from utilities in FreeBSD, upstreamed from Juniper, but we shall see). The idea for this was spawned from my work on pkgsrc and building on FreeBSD where packages which used pax(1) failed due to the use of an option that wasn't available at the time.

Through bootstrapping pkgsrc on OpenBSD, it was discovered that make was using memcpy() instead of memmove() to copy between buffers. It is a great opportunity for personal development to learn about how the operating systems work through studying the changes in each of the trees.
Speaker biography:
Sevan Janiyan is a sysadmin who likes to play around with lots of different operating systems, especially a big fan of the various BSD's. He's been a member of the NetBSD foundation since the beginning of 2015, pkgrc is the area of his work where he over the last year he has revived support for Darwin/PowerPC and resumed builds on Solaris/FreeBSD and OpenBSD.
 
What we learnt from natively building packages on exotic archs
Landry Breuil
Description:
Since the inception of the ports tree, OpenBSD strives at natively building packages on most of the architectures supported by the project. This leads to interesting questions:
  • How much of the ~9000 ports present in the ports tree build on non-mainstream' architectures ?
  • What's the infrastructure in place to build those packages, and what resources does it take ?
  • How does it exercise OpenBSD's toolchain ?
  • What's the point of building and providing packages for architectures very few people use in production ?
  • What kind of interesting breakage is found, how hard is it to fix it ?
  • What are the common mistakes upstream developers do in making their code non-portable ?
  • How hard is it to get relevant people involved in fixing things ?

We'll try to answer all this questions, providing data points, metrics, and hopefully this will shed some light on the processes used inside OpenBSD.
Speaker biography:
Landry Breuil has been an OpenBSD developer since 2007, mostly working on ports, desktop environments and browsers (been maintaining all mozillas since 2010).
 
Allwinner support in FreeBSD 11
Emmanuel Vadot
Description:
Allwinner SoCs are being more and more used by devboard and single computer boards. In this talk I'll expose the status of FreeBSD 11.0 on those SoC and the various boards that we support. in the last six month the Allwinner support in terms of SoC and peripherals have really grown in the FreeBSD source tree, we added hdmi, audio and power management unit just to name those. I'll cover also the ongoing work and the future one like adding the newly SoC like the R8 (found in the C.H.I.P. $9 computer).
Speaker biography:
Emmanuel Vadot is a Senior Systems Engineer in Paris, France and a FreeBSD src committer.
 
Toward MP-safe networking in NetBSD
Ryota Ozaki
Description:
For the last two years we have been working on making the NetBSD network components MP-safe and have added support for MSI/MSI-X and interrupt affinity, made some network device drivers MP-safe, made bridge(4) MP-safe utilizing lightweight synchronization mechanisms instead of mutex, added next-hop cache separation from the routing table, abd added packet input processing in software interrupt. Last but not least we wrote ATF tests for the network components which included much code restructuring and refactoring supported by the tests. Currently we are working on MP-safe Layer 3 forwarding that includes works on the routing table and network interfaces. We will decribe the completed work and report on the current status.
Speaker biography:
Ryota Ozaki is working at an ISP company in Japan. His main job is developing internet access routers that run NetBSD. He is a NetBSD developer since February 2014.
 
Bidirectional Forwarding Detection (BFD) implementation and support in OpenBSD
Peter Hessler
Description:
That Internet links fail is a truism as old as Internet links. When a link fails, traffic gets dropped until the failure is detected and traffic can be re-routed. Detection of failures can be quite tricky however, since they are not always directly visible. Most systems use link state or a form of keep-alives for detection of failures. Link state detection does not help when there are active devices between a router and the other system, such as a switch or long distance links which use MPLS. The in-protocol BGP timers can also be quite long (a common default is 90 seconds) which is a lot of traffic when one are sending 10Gbps or even faster rates.

BFD is a new protocol that exists outside of existing routing protocols, but can communicate the status to all protocols. This allows for a single keep-alive to detect the health of a single link, without having to depend on a keep-alive in each and every protocol being used. As this is part of the "parent" interface, this does not introduce another layer in the network configuration. And since the link-state is only per next-hop IP, one can mix and match BFD and non-BFD neighbours on the same interface. This is extremely useful for routers connected to an Internet Exchange Point, which can have hundreds of peers spread over 10 or more physical locations.

A clever description of this is described in a draft RFC, which introduces automagic configuration of BFD between parties allowing for stronger resilience when there are many potential neighbouring networks without the overhead of manual configuration.

The talk will describe the implementation of the BFD protocol for OpenBSD, mention problems discovered in both the protocol and network stack, and tell about use cases and production experience.
Speaker biography:
Peter Hessler has been a developer with the OpenBSD project since 2008.

Originally from San Francisco he has an interest in how things work. An OpenBSD user since 2000, he moved to Germany in 2008, to Switzerland in 2013, then back to Germany in 2015. In his spare time Peter enjoys drinking beer, filling out immigration documentation, and making bad puns.
 
Continuous Integration of the FreeBSD Project
Li-Wen Hsu
Description:
FreeBSD's continuous integration project starts in the late 2013. We use Jenkins automation server to build our continuous integration system. It monitors the svn repository for new commits and triggers a new build of it. In each build. The build server compiles the latest code and creates image to run tests on it. In the meantime, we collect the compiler warnings and perform some further checks like clang-scan build. All these information are published to the developers and users to improve the quality of the FreeBSD project.

This talk will discuss about how we setup the FreeBSD continuous integration system, future work.and how to participate.
Speaker biography:
Li-Wen Hsu is a FreeBSD ports committer since 2007 and part of FreeBSD continuous integration team since 2013. He is also Python ports team member and Jenkins port maintainer. He is a software engineer for fun and profit, whereas he is a scuba diver, biker, and snowboarder just for fun.
 
FreeBSD based high density filers
Baptiste Daroussin
Description:
For many years, all storage backing Gandi hosting services had been provided by customized Nexenta based filers. While redesigning the storage backing, an Illumos based OS, FreeBSD, and ZoL were compared.

Gandi is now replacing its old Nexenta filers with FreeBSD based ones. This talk will explain the reason of this choice, the policy regarding patches and contributions, the design of the new filers, and the setup of a regression test lab. The talk will also cover the migration process as well as the patches and contributions that where made to FreeBSD.
Speaker biography:
Baptiste Daroussin is a Unix system engineer in Paris, France and works at Gandi. He is a FreeBSD src committer since 2011, a member of the port management team since 2011. Among other things, Baptiste is author of pkg(8) and poudriere.
 
DTrace Internals: Digging into DTrace
Arun Thomas
Description:
DTrace is a powerful debugging and system introspection tool. BSD developers are merrily using DTrace to understand their systems, but how does DTrace work? In this talk, I will dig into the architecture and internals of the DTrace framework. I will discuss how both kernel and userland tracing work under the hood. I will also dig into DTrace's support for x86-64, ARMv8, and RISC-V on FreeBSD. Finally, I will answer the deep philosophical question: Can you dtrace DTrace?
Speaker biography:
Arun Thomas is an operating systems researcher and an open source developer. He got his first taste of BSD in 2002.

Arun is a Senior Principal Engineer at BAE Systems. He is currently leading a research collaboration with the University of Cambridge and Memorial University to create a new distributed tracing framework building on FreeBSD, DTrace, and clang/LLVM. He has contributed to several open-source projects over the years, including the MINIX 3 operating system as a core developer, the Gentoo Linux distribution as a Gentoo/Hardened and Gentoo/ARM developer, and the Linux kernel. Recently, he has been working on building the RISC-V software stack. He has given talks about open-source operating systems at ARM TechCon, the Embedded Systems Conference (ESC), BSDCan, EuroBSDcon, FOSDEM, and the RISC-V Workshop.
 
Towards Fast IP Forwarding
Nanako Momiyama
Description:
In this talk we discuss FreeBSD IP forwarding performance. Current FreeBSD can forward packets only at 1.2 Mpps with a single CPU core because of slow packet I/O, L2/L3 protocol processing and route lookup. We show that DXR that performs fast route lookup using a compact FIB alongside the radix tree increases this rate to 1.6 Mpps. We also show that VALE/mSwitch, a netmap-based modular and scalable software packet switching fabric, further accelerates this rate to 2.6 Mpps. Applying these two optimizations, we find that L2/L3 protocol processing is a bottleneck that should be improved in the future.
Speaker biography:
Nanako Momiyama is an undergraduate student at Keio University, Japan. She received B.A. from Keio University in 2009 before she has started second bachelor's degree majoring in environment and information studies since 2015. Her main research interests are operating system and networking. She is currently focusing on improving IP forwarding performance on FreeBSD as her bachelor's thesis.
 
Proposing a Replacement for FreeBSD's powerd
Dominic Fandrey
Description:
Or, how I tamed the fan of my notebook

The ‘powerd’ CPU frequency daemon provides userland P-State (power state) switching since 2005. Multi Core Processing has come a long way since 2005 and the increasing number of cores and pipelines in modern CPUs have exposed flaws in powerd's design that were not obvious at the time of its conception.

The talk proposes three design changes addressing these flaws. A daemon named `powerd++` implements this improved design. The talk will present:
  • Challenging load characteristics
  • The three core design differences between ‘powerd’ and ‘powerd++’
  • Benchmarking ‘powerd++’ vs. ‘powerd’
Speaker biography:
Dominic Fandrey is a Karlsruhe based hacker, working in research and development at the Karlsruhe University of Applied Sciences. He's a unicyclist, FreeBSD hacker, and a metal head with a fondness for 8-bit μCs.
 
Retrofitting privsep into ports tools
Marc Espie
Description:
The distributed ports builder was initially designed for speed, but parallel building means a trojan could potentially bleed over other ports being built concurrently. Retrofitting several users into a tool that was not designed to do so is an adventure. This is a sort of "inside-out" design: take sudo/doas out of the equation entirely, and drop privileges for good. This leads directly into privsepping pkg_add as well, and developping new tools to separate package building further.
Speaker biography:
Marc Espie is a long time OpenBSD developer since 1998, chief designer of the current incarnation of the ports subsystem. He is also a researcher at LSE Epita, working on various security problems and teaching source code best practices for security.
 
Math is Hard: Measurement and Improvement of the Open Crypto Framework
Jim Thompson (co-authored with George Neville-Neil)
Description:
The FreeBSD operating system has had at least two software based implementations of the IPsec protocols since they were first standardized in the 1990s. The original IPsec code came from the KAME project, along with IPv6, and later, a faster version of IPsec was added in parallel. The two code bases were merged into what is currently present in FreeBSD to this day. As part of our continuing longitudinal study of the performance of the network subsystems we have turned out attention to IPsec, looking at both the performance of the overall framework as well as the performance of more recent encryption and authentication protocols such as AES-GCM. Utilizing the native performance tool set on FreeBSD, including hwpmc(4) and DTrace we have tracked down various bottlenecks within the system and propose changes to clear them.

Our focus for the most recent work has been on characterizing and improving the performance of the Open Crypto Framework (ocf) which is the framework that handles the cryptographic operations required to secure the various protocols included in the IPSEC framework and which has been shown by our previous work to be a significant source of overhead.
Speaker biography:
Jim Thompson has been noodling around the UNIX world for far too long a time. He knows he started with BSD Unix Release 4.0c on a Vax 11/780 in 1980. He submitted his first patch to a Free Software project in 1987 for a port of GNU Emacs to a Convex vector supercomputer. Patches for gcc, gas and gdb followed.

Netgate was originally the name for a stateful packet filtering firewall he wrote in 1992. The manual is on-line, should you be curious: www.netgate.com/info/SW/Netgate/manual.

Jim refuses to divulge his qualifications and may, in fact, have none at all. He lives in a fortified compound near Austin with his wife Jamie and son, Hunter Speed.
 
Why and how you ought to keep multibyte character support simple
Ingo Schwarze
Description:
The talk is about multibyte character support in base operating systems (as opposed to in specialized application software like professional typesetting systems), including in the C library, command line editing tools (including libedit and shells), and small POSIX- and BSD-style command line text processing utilities like ls(1), man(1), fmt(1), cut(1) and similar ones.

The talk will first explain security and reliability issues that can occur in the context of programs like xterm(1), ssh(1), scp(1), and sftp(1), about what can be done about them, about what cannot be fixed in those respects due to many inadequacies in existing protocols, and about best practices to mitigate the unfixable dangers.

Then, the talk will show a number of examples demonstrating that code related to multibyte character handling is unusually buggy and fragile even in the otherwise rather high-quality BSD operating system codebases. Ingo will explain why it is desirable to restrict base system multibyte character support to UTF-8 only, and why it would be a particularly bad idea to attempt support for UTF-16 or state-dependent ("shift") locales in the base system.

Finally, a few coding techniques to achieve UTF-8 support that is simpler, smaller, more robust, more user-friendly, and less error-prone than the average existing code in BSD based systems will be demonstrated.
Speaker biography:
Ingo Schwarze is currently working on UTF-8 support on behalf of the OpenBSD Foundation. He maintains the mandoc(1) documentation toolbox developed by Kristaps Dzonsons as well as the OpenBSD groff(1) port and has contributed to various parts of the OpenBSD userland, for example the Perl rewrite of the security(8) script, as well as smaller contributions to the rc.d(8)/rcctl(8) framework, the yp(8) subsystem, the C library, and various other programs.

After studying in Siegen, Germany, Ingo Schwarze worked in experimental and theoretical high energy physics at CERN (NA48) and in Karlsruhe. Having used various flavours of UNIX and Linux in the nineties, he settled on OpenBSD as his server and desktop operating system of choice in 2000 and joined the project as a developer in the spring of 2009. As a day job, he maintained the central configuration daemon and the MiddleWare of the Astaro Security Gateway (now called Sophos UTM) for six years.