(in alphabetic order)
The contents below may re-posted or linked under the condition that
the respective speaker terms and credits are met and clearly stated, and
that the originating URL is clearly posted.
- High-throughput concurrent disk IO in FreeBSD
There are many different methods for implementing disk IO heavy
applications in user-space. These range from simple multi-process
servers up through threaded applications with task queues, mmap(),
sendfile() and POSIX AIO with the pros and cons of each discussed.
Standard issues revolving around traditional disks and controllers will
be covered along with the increasing shift toward cheap SATA and flash
- A closer look at the ZFS file system,
Pawel Jakub Dawidek
ZFS is SUN's revolutionary file system. It merges roles of a file
system and volume manager. The features list it provides is really
astonishing and includes: simple administration, transactional
semantics, end-to-end data integrity, cheap snapshots, storage pool
model, immense scalability, no fsck and more.
ZFS is part of the FreeBSD system, the first FreeBSD release that
includes ZFS is 7.0.
The author will focus on presenting ZFS design. He'll describe ZFS
layers and features and explain how they work together. So prepare
yourself for a journey into ZFS world - the most advanced file system
Pawel Jakub Dawidek is a FreeBSD committer.
In the FreeBSD project, he works mostly in the storage subsystems area
(GEOM, file systems), security (disk encryption, opencrypto framework,
IPsec, jails), but his code is also in many other parts of the system.
Pawel currently lives in Warsaw, Poland,
running his company where he works on security related products.
- The HAMMER File System
HAMMER is a brand new BSD filesystem which saw first light in July 2008
with the DragonFlyBSD 2.0 release. This presentation will cover
HAMMER's long list of features with a particular emphasis on its
historical data retention and mirroring features, and future directions.
In a nutshell, the HAMMER filesystem is a B-Tree and extent-structured
filesystem with fast (almost instant) crash recovery, a large 60 bit (1
Exabyte) addressable space, automatic 30-60 second granular snapshots
with full retention of historical state immediately accessible via
filename extensions, queue-less master-to-multi-slave mirroring, and
HAMMER represents a new way of thinking about what a filesystem should
do. With today's storage greatly exceeding what most individuals or
businesses actually need, and a major requirement for live access to
backups, it is no longer appropriate to destroy data simply because
someone does a 'rm', or modifies the contents of a file or directory
structure. HAMMER presents a storage paradigm which seamlessly
integrates the live view with fine-grained historical access, fast and
efficient queue-less mirroring streams which have little effect on
production filesystem performance, and the ability to manage a long-
term data retention policy across both production and backup systems.
Matthew Dillon is a well known Open Source
developer. He currently runs the DragonFly BSD project at
- BSD versus GPL
BSD vs GPL is a sweeping epic, focused on the dichotomy between good and
evil. It peers inside the hearts and minds of the creators of these
movements and dissects their battle for world domination. No common
documentary will dare to follow the path that BSD vs GPL blazes.
Jason Dixon is an unknown help desk
technician from Maryland. He enjoys long walks in the park and the
occassional hair tousling. The audience is cautioned against making
direct eye contact.
- Network Refactoring, or doing an oil change at
Michael W. Lucas
This is a discussion of things to look at as a network administrator
when you take over a new network. For the last two years I've been
responsible for integrating networks all across North and South America
into one private MPLS network. Lessons learned, lessons not learned,
and the technical and administrative problems you can expect in such
Michael W Lucas is a network engineer and
system administrator responsible for a network that stretches across the
Western Hemisphere. He is the author of Absolute FreeBSD, Absolute
OpenBSD, and assorted other computer-related books. He lives in
Detroit, Michigan, with his wife and pet rats. He has promised to wear
pants to this conference.
- Design and Implementation of the Portable C Compiler
PCC was the first wide-spread portable C Compiler, written by S.C.
Johnson in the late 70's. It became the de-facto standard C compiler
included in most Unix systems and was the base for many other compilers.
In 2001 the PCC sources were released by Caldera and became freely
available. This presentation gives an overview of its design and the
changes that I have made to make it conform to modern standards while
still keeping it small, fast, simple and easy to port to new targets.
- OpenBSD's Position Independent Executables (PIE) Implementation
OpenBSD has randomized the load addresses of shared libraries for many
years. This helps prevent attacks that are described as return-to-libc
attacks. However, programs are linked at fixed addresses which provides
some optimizations for executables over shared libs. When a program is
complied and linked to be position independent (e.g. Position
Independent Executable/PIE) some of those optimizations are waived for
the ability to load the program at a random address. In this session,
Kurt will discuss OpenBSD's PIE implementation. It's impact on existing
security mechanisms such as W^X on i386 and the various enhancements
needed to the runtime linker, kernel and other system libs.
Kurt J. Miller is a Software Consultant
and has been an open source advocate for many years. He has been
involved as a commiter on projects such as OpenBSD, Apache Tomcat, and
the BSD Java porting team. Kurt is most active in the OpenBSD project
where he has helped improve OpenBSD's runtime linker (ld.so), userland
pthreads library and has been active in porting large applications to
OpenBSD just as Sun's JDK's, OpenOffice, Eclipse and help improve
stability of the Mozilla.org applications.
- Introduction to DNSSEC,
Jeremy C. Reed
The presentation will introduce the DNS Security Extensions
(DNSSEC-bis). It will cover the need, creation, use, troubleshooting,
and problems of DNSSEC signed zones. The presentation will also
introduce EDNS0, new resource records, DLV, and DNSSEC related tools.
The examples will be shown using ISC BIND. Due to limited time, the
lecture will be very introductory while still covering these many
DNSSEC extends standard DNS to add resource records and algorithms to
provide source authentication (not encryption) for DNS. It is backward
compatible, so non-DNSSEC systems can still use the normal DNS data.
Presented by Jeremy C. Reed. Reed is a
NetBSD and DragonFly committer, board member for BSD Certification
Group, and an ISC employee.
Great advances in operating system architecture, filesystem, security,
etc. have been made in the last 10 years. Great advances in monitoring
have not. Reconnoiter's primary goal is to change that and provide
powerful tools to infrastructure operators to achieve success.
The UNIX philosophy surrounding BSD it is old and proven. Simple tools
combined to provide powerful and maintainable function. The world is a
lot bigger, and while this concept still applies, the interpretation
must change. Monitoring is a deep and important aspect of production
systems management; yet the way we have gone about monitoring services
over the past decade has not evolved. Monitoring encompasses both
assessing availability and functional performance (fault detection) as
well as tracking resource utilization (for trending, capacity planning,
and post-mortem analysis). When you have tens of thousands of services
being monitored, the old interpretation of "simple tools" must be
Reconnoiter (https://labs.omniti.com/trac/reconnoiter/) reinvents
monitoring architecture by focusing heavily on decentralization of
configuration and operation and centralization of policy and analysis.
Each component follows the UNIX philosophy of "single purpose tool," but
on a more macroscopic level allowing thousands of services to be
monitored on inexpensive servers in each data center.
This presentation will be a review of the Reconnoiter monitoring system
on it's core development platform OpenBSD. We'll discuss the what you
should expect to see returned after investing in a monitoring system.
We'll talk about how Reconnoiter is designed to meet the demands of
"large" system deployments. Lastly we'll take a whirlwind tour though
Reconnoiter in real life.
- Porting PCC,
Porting PCC requires very little work. A typical back end is under 100k
of code. We will demonstrate typical design using a couple of real
architectures as an example.
- Detecting TCP regressions with tcpdiff
Determining if a TCP stack is working correctly is hard. The tcpdiff
project aims for a simpler goal: To automatically detect differences in
TCP behavior between different versions of an operating system and
display those differences in an easy to understand format. The value
judgment of whether a certain change between version X and Y of a TCP
stack is good or bad will be left to human eyes.
The initial version of tcpdiff will focus on how TCP stacks react to
packet loss. Using Lawrence Stewart's DPD, a set of simple tcp
connections will be made repeatedly. Each time the connection is made,
packet loss will occur in a different predetermined pattern. Tcpdump
logs for each of these connections will be saved to disk. The resulting
logs will then be run through tcpdiff, which will normalize and compare
the set of connections from each version of the OS being tested. The
places where one version of the OS retransmitted in a different manner
than the base OS will then be flagged so that a developer can see how
behavior has changed.
- When Hardware Is Wrong, or "They can Fix It In Software"
Jason L Wright
In the world of hardware design, time to market pressures dictate the
speed with which products are designed and developed. Sometimes in the
rush, bad decisions are made and the device driver author has to
compensate for the resulting ill-conceived hardware. In this
presentation, several pieces of modern hardware will be examined to show
the impact of hardware design decisions on the resulting driver.
Particular emphasis will be placed on the more egregious errors and the
performance impact. The idea is to poke a bit of fun at the bad design
decisions and to also have the audience walk away knowing a bit more
about what goes into the device drivers upon which they depend.
Jason L. Wright has been involved with the
OpenBSD project as a developer since 1998. In that time he has
developed device drivers for just about every class of device: network
cards, USB devices, frame buffers, disk drivers, hardware cryptography
accelerators, and more. Also during that time he has seen his share of
odd hardware design choices and the "they can fix it in software"
attitude. He now works for the Idaho National Laboratory as a cyber
security researcher examining critical infrastructure.
- An introduction to the Automated Testing Framework (ATF) for NetBSD
Julio M. Merino Vidal
The Automated Testing Framework, or ATF for short, is a project that
provides a set of libraries to ease in the development of C, C++ and
shell-based test programs as well as a collection of utilities to run
these tests automatically and summarize their results in nicely
formatted reports. ATF is an independent project supported by The
NetBSD Foundation and, as such, it runs on many Unix-like operating
systems. However, its development originated in and is mainly focused
on the NetBSD Operating System; after all, the main goal of the ATF
project is to provide a modern testing framework for the NetBSD
In this presentation, I will explain ATF in the context of NetBSD. We
will see why NetBSD needed a renewed testing framework, why the existing
alternatives did not suit the needs of the project, which are the main
features and goals of ATF, how ATF works within NetBSD and, if time
permits, a few code examples and little demonstration of automated
Julio Merino has been officially involved with the NetBSD project since
November 2002. Since then, he has worked on many areas of the system,
ranging from the packaging system to the kernel and, along the process,
realized that automated tests are an extremely important tool to have
for the successful development of a project the size of NetBSD. He is
the main developer of ATF and this has been his latest contribution to
NetBSD. At the moment, he is enrolled in a Ph.D. program at the
Computer Architecture department of the Universitat Politécnica de
Catalunya at Spain and pursuing an engineering internship at Google,