Converting File Systems to Services
Started with an introduction on how File system interact with the kernel. Only kernel solution seems to perform correctly all the time. The idea is to do that in UserSpace - because makes it way easier and expandable when written in user-space. Writing in user space using kernel interface of course. Presentation was a bit boring because it was barely audible.UTORvpn: A BSD based VPN service for the masses
Great demand for of campus access hence why the speaker started working with vpn. Encapsuale -> encrypt-> send.
PPTP is the most used protocol , the RFC was not taken into account by IETF. Many open source implementation of it.
L2TP RFCs with v3. Create the tunnel and then use standard open protocol to encrypt (IPsec), tunnel easy. 100 mouse clicks doing that on Windows. Does not work for the Masses.
IPsec : suite of protocols , 10 years olds, it's done at the kernel level. It's transparent to the user. Issues with Firewalls and Nat gateways. And it's native in IPv6. Many commercial clients available.
Layer 4 technologies -> ssh, TLS.
Open VPN uses TLS, Open SSL , certificates. For our large institution, openvpn seemed to be the solution, because it would be scalable. It's been designed as client and server are the same software. Does layer 2 and 3 encryption. UDP tunnels - TCP also supported. Very easy to configure, confs can be pushed to the client.
It's been running for 4 years - initially on debian and it's now running FreeBSD, using Php+Mysql+Apache for managing - those tools are available email Russel to get them.. 9/1 users use windows, so having NSIS service was nice to use and build our installer - one package per user with your personal credentials. First time package creation is 10 seconds. No cpu issues. Ports are globally filtered except maybe for the president of the university. Then Rusell gave us a nice demonstration.
70% of the library transactions at the university of Toronto are done electronically.
Very interesting presentation with demo.
Isolating Cluster Jobs for Performance and Predictability
Clusters using Freebsd from 6.3, 6.4 and going to go to 7.x ...
Clusters needs to be shared for cost issues - but it implies risk. How to use virtualization in a cluster ? How to make the best use of the hardware in the clusters. Mostly focused on sun's grid.
Isolating Cluster Jobs for Performance and Predictability
Clusters using Freebsd from 6.3, 6.4 and going to go to 7.x ... Clusters needs to be shared for cost issues - but it implies risk. How to use virtualization in a cluster ? How to make the best use of the hardware in the clusters. Mostly focused on sun's grid.Had a very interesting with Michael dexter of bsdfund.org about hardware.
eXtreme Programming: FreeBSD a case study
You first start with unit tests because they come directly from the specification. It forces developers to write them. Once written you write the code - and as time passes tests are passing. I think that I really like this concept - you of course need the time to implement that. Ha but extreme programming does not require QA :-( FreeBSD is not an XP project. FreeBSD is agile.Dynamic memory allocation for dirhash in UFS2
Most of the things are done in memory before being committed to disk. this speeds up Directory Lookups. A nice return of experience on a SOC project.Quotes :
"NFS was nice 20 years ago"
"malloc(3) vs. malloc(9)"
"VPN are built using tunnels"
"Managing keys is the biggest problem in Cryptography"
Leave a comment