===== Marshall Kirk McKusick: An Introduction to the Kernel Services and I/O System of the FreeBSD Open-Source Operating System Who Should Take this Course This course provides a broad overview of how the FreeBSD kernel implements its basic services. It will be most useful to those who need to learn how these services are provided. Individuals involved in technical and sales support can learn the capabilities and limitations of the system; applications developers can learn how to effectively and efficiently interface to the system; systems programmers without direct experience with the FreeBSD kernel can learn how to maintain, tune, and interface to such systems. This course is directed to users who have had at least a year of experience using a UNIX-like system. They should have an understanding of fundamental algorithms (searching, sorting, and hashing) and data structures (lists, queues, and arrays). Description This course will provide a firm background in the kernel services and I/O structure of the FreeBSD kernel. The course will cover basic kernel services, locking, process structure, scheduling, signal handling, jails, capsicum sandboxing, and virtual and physical memory management. The kernel I/O structure will be described showing how I/O is multiplexed, disks are managed, special devices are configured, and system virtualization is done. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine specific parts of the system such as the implementation of device drivers. Morning - Kernel Overview Process structure Locking Communications Process Groups and Sessions Jails Scheduling Signals and timers Virtual memory management Afternoon - Kernel I/O structure I/O data structures Disk Management Multiplexing I/O Autoconfiguration strategy Configuration of a device driver Course Text Prior to taking the course, students are recommended to obtain a copy of the course text: Marshall Kirk McKusick, George Neville-Neil, and Robert N. M. Watson, ``The Design and Implementation of the FreeBSD Operating System'', Second Edition, Pearson Education, Boston, MA September 2014, ISBN-13: 978-0-321-96897-5, ISBN-10: 0-321-96897-2. Marshall Kirk McKusick: Dr. Marshall Kirk McKusick's work with Unix and BSD development spans four decades. It begins with his first paper on the implementation of Berkeley Pascal in 1979, goes on to his pioneering work in the eighties on the BSD Fast File System, the BSD virtual memory system, the final release of 4.4BSD-Lite from the University of California at Berkeley Computer Systems Research Group, and carries on with his work on FreeBSD. A key figure in Unix and BSD development, his experiences chronicle not only the innovative technical achievements but also the interesting personalities and philosophical debates in Unix over the past forty years. ===== Dave Cottlehuber: Do-It-Yourself Jails The Horrifically Popular tutorial from EuroBSDcon 2022 returns with less bugs, and no more bad puns. One of FreeBSD's unique features is the close alignment of containers, filesystems, and networking, within the base Operating System. There are many jail manager tools, but they all use the same functionality under the hood. Join the Elite. Attain Jail Enlightenment. Along the way, you'll learn how jails are actually built in practice, from scratch, and deepen your understanding of the relevant bits of FreeBSD that allow you to do so. This tutorial is suitable for beginners & intermediates, and will go at an appropriate pace depending on attendees. What You'll Learn learn the underlying truth about all jail tools wield & jail ZFS datasets like a ninja how to share data between hosts and jails summon customised jails like an arcane sorcerer route packets with abandon learn about vxlan(4) to make multiple jail hosts appear as one acquaint yourself with jail security Pre-requisites basic knowledge of FreeBSD & sh(1) a vague understanding of ZFS a UNIX laptop capable of SSH and ideally a wired ethernet connection the desire to ascend to a higher realm of reality What You'll Accomplish Why yes, you too can write your own Jail Management tool from scratch. Alternatively, you'll know how existing jail management tools actually work, and be able to get the most out of them. Dave Cottlehuber: Dave has spent the last 2 decades trying to stay at least 1 step ahead of The Bad Actors on the internet, starting off with OpenBSD 2.8, and the last 9 years with FreeBSD since 9.3, where he has a ports commit bit, and a prediliction for obscure functional programming languages that align with his enjoyment of distributed systems, & power tools with very sharp edges. Professional Yak Herder, shaving BSD-coloured yaks since ~ 2000 FreeBSD ports@ committer Ansible DevOops master Elixir developer Building distributed systems with RabbitMQ and Apache CouchDB enjoys telemark skiing, and playing celtic folk music on a variety of instruments ===== Benedict Reuschling: OpenZFS Introductory Workshop Intro: In this beginner-focused, hands-on tutorial, we will take a look at the features that OpenZFS provides. OpenZFS is a filesystem with integrated volume manager available on FreeBSD, NetBSD, and many Linux distributions. Storage administration plays an important part when administering systems. OpenZFS enables some new ways to secure data, but also allows rethinking some concepts focused around storage. It is a valuable skill to know even basic OpenZFS features and applying them to system administration problems. Since there are only two new commands to learn and the interface was designed with system administrators in mind, participants will be quickly using OpenZFS to their advantage. Content: In this tutorial, we will cover the following topics: Creating an OpenZFS pool from storage media such as disks Various pool configurations (RAID, log and cache devices) Creating OpenZFS datasets on top of the pool Quota and reservations Snapshots Compression ZFS Volumes ZFS Dataset Serialization Audience: This is a beginner tutorial for people with little to no prior experience with ZFS. After the tutorial is over, attendees will have a better understanding of the features of OpenZFS as they have used many of them during in practice. Delivery method: The tutorial will be presented in a hands-on manner, so that the audience can follow along on their own machines. It is recommended to bring a virtual machine to the tutorial with one of the above mentioned operating systems pre-installed. Basic Unix filesystem familiarity (e.g. cp, mv, ls) are required for those wanting to participate. Materials will be provided in PDF form as reference. The course is generally OS-agnostic, only device names may differ depending on which operating system is used. Benedict Reuschling: Joining the FreeBSD Project in 2009 as a documentation committer, Benedict has been a FreeBSD user many years before that. He joined the FreeBSD Foundation in 2015, where served on the board of directors as vice-president until May 2022. Benedict writes a column called Practical Ports for the FreeBSD Journal about various BSD topics. He has a Master of Science degree in Computer Science and is teaching a UNIX for software developers class at the University of Applied Sciences, Darmstadt, Germany. His day job involves managing the Big Data Cluster at the computer science department. Benedict is one of the hosts of the weekly BSD-focused podcast BSDnow.tv. ===== Peter N. M. Hansteen et al: Network Management with the OpenBSD Packet Filter Toolset The OpenBSD Packet Filter (PF) is at the core of the network management toolset available to professionals working with the BSD family of operating systems. Understanding the networking toolset is essential to building and maintaining a functional envirionment. The present session will teach the principles and hands-on operation of the extensive network tools available on OpenBSD and sister operating systems. Basic to intermediate understanding of TCP/IP networking is expected and required for this session. Topics covered include The basics of and network design and taking it a bit further Building rulesets best pracitces, avoiding common pitfalls in firewall rule construction. Keeping your configurations readable and maintainable Filtering, diversion, redirection, Network Address Translation Handling services that require proxying (ftp-proxy and others) Address tables and daemons that interact with your setup through them The whys and hows of network segmentation, DMZs and other separation techniques Tackling noisy attacks and other pattern recognition and learning tricks Annoying spammers with spamd Basics of and not-so basic traffic shaping Monitoring your traffic Redundancy of PF firewalls using PF sync + CARP + Ifstatd Troubleshooting: Discovering and correcting errors and faults Your network and its interactions with the Internet at large Common mistakes in internetworking and peering Keeping the old IPv4 world in touch with the new of IPv6 Using PF and OpenBGPd together to implement an automated, distributed implementation of PF policies Time allowing and to the extent necessary, we will cover recent developments in the networking tools and variations between the implementations in the sister BSD operating systems. Participants should bring a laptop, the format of the session will be compact lectures interspersed with hands-on lab excercises based directly on the theory covered in the lecture parts. This session is an evolutionary successor to previous sessions. Slides for previous PF tutorial sessions are up at https://home.nuug.no/~peter/pftutorial/, to be updated with the present version when the session opens. Peter N. M. Hansteen: Peter is a Unix and Cloud Security Engineer, Unix aficionado, systems and network administrator. Author of The Book of PF (https://nostach.com/pf3), occasional blogger (https://bsdly.blogspot.com) and lecturer on IT security with a strong preference for OpenBSD. Massimiliano Stucchi: Massimiliano "Max" Stucchi joined the Internet Society in 2019 as Technical Advisor for the European region. His previous experiences are as a trainer and IPv6 Programme Manager at the RIPE NCC, and before that he was the founder and technical director of a small Internet Service Provider and Wireless Internet Service Provider in Northern Italy. Max is a long time Unix fellow, with a specific love for FreeBSD and OpenBSD, which he's been using for around 20 years now. His interest also cover BGP, Routing Security, DNS and of course, IPv6. If possible, he tries to contribute to the development of these technologies by participating in the IETF. Tom Smyth: ISP co-founder and co-owner loves networking with BSD. Interested in security and facilitating communications between all people... we are better when we communicate openly, honestly and in good faith. =====