Tutorials

Tutorial Schedule

Attending the Tutorials at EuroBSDcon 2013 requires prior registration.

Thursday, Sep 26
Room /
Time
Track #1 Catra 1 Track #2 Gifen 1 Track #3 Catra 2 Track #4 Gifen 2
07:45-08:30 Registration, coffee
08:30-10:20 Design and Implementation of the FreeBSD Kernel (Part 1) by Dr. Kirk McKusick FreeBSD: Storage Setup Options with Filesystems, Partitioning, Boot Loaders, and Installers by Paul Schenkeveld pf: Building the Network you Need with Packet Filter by Peter N. M. Hansteen IPv6: Deploying and Managing Networks and Services by Massimiliano Stucchi and Philip Paeps
10:20-10:35 Coffee break
10:35-12:30
12:30-13:30 Lunch in foyer
13:30-15:25 continued HAST: Highly Available Storage on FreeBSD by Jeroen van Nieuwenhuizen continued continued
15:25-15:40 Coffee break
15:40-17:30
17:30-19:00 Spare time, refreshing
19:15-23:00 Optional:
Organized dinner at The Black Pearl
Departure from Hilton entrance by coach
Friday, Sep 27
Room /
Time
Track #1 Catra 1 Track #2 Gifen 1 Track #3 Catra 2 Track #4 Gifen 2 Track #5 Boardroom
07:45-08:30 Registration
08:30-10:20 Design and Implementation of the FreeBSD Kernel (Part 2) by Dr. Kirk McKusick SSH: Mastering Advanced Features and Efficient Usage in Small and Large Environments (half day) by Michael W. Lucas pfSense: Securing your Network in Depth with the Open Source Firewall and VPN Server System by Chris Buechler and Ermal Luçi BGP, OSPF: Advanced Network Routing with OpenOSPFD and OpenBGPD (half day) by Claudio Jeker
10:20-10:35 Coffee break
10:35-12:30
12:30-13:30 Lunch in foyer
13:30-15:25 continued DNSSEC: Mastering DNS Security (with BIND) by Michael W. Lucas continued VoIP: Setting Up and Configuring Asterisk Soft-PBX on BSD by Massimiliano Stucchi Prime Numbers – Breaking the Record by Dr. Landon Curt Noll
15:25-15:40 Coffee break
15:40-17:30
17:30-19:00 Spare time, refreshing
19:15-23:00 Optional:
Organized dinner at Tal Kaptan, Valletta Waterfront
Departure from Hilton entrance by coach

Tutorial Abstracts and Speaker Bio’s

Design and Implementation of the FreeBSD Kernel (2 days) by Dr. Kirk McKusick

Abstract: This course will provide a firm background in the FreeBSD kernel. The POSIX kernel interfaces will be used as examples where they are defined. Where they are not defined, the FreeBSD interfaces will be described. The course will cover basic kernel services, process structure, locking, jails, scheduling, signal handling, and virtual and physical memory management. The kernel I/O structure will be described showing disk management, how I/O is multiplexed, and the configuration of special devices. Next the organization of the filesystem will be described showing how its buffer pool is integrated with the virtual memory system. The course then covers the implementation of the fast filesystem and its capabilities including soft updates and snapshots. The filesystem interface will then be generalized to show how to support multiple filesystem types. The course also covers the socket-based network architecture, layering, and implementation. The socket communications primitives and internal layering will be discussed, with emphasis on the interfaces between the layers; the TCP/IP implementation will be used as an example. A discussion of routing issues will be included. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine specific parts of the system such as the implementation of device drivers.

Thursday morning – Kernel Overview

  • Process structure
  • Locking
  • Communications
  • Process Groups and Sessions
  • Jails Scheduling
  • Signals and timers
  • Virtual memory management

Thursday afternoon – Kernel I/O structure

  • I/O data structures
  • Disk Management
  • Multiplexing I/O
  • Autoconfiguration strategy
  • Configuration of a device driver

Friday morning – Filesystems Overview

  • Filesystem organization
  • Block I/O system (buffer cache)
  • Filesystem implementation
  • Soft Updates and Snapshots
  • Support for multiple filesystems

Friday afternoon – Networking Implementation

  • System layers and interfaces
  • Internet Protocols
  • Mbufs and control blocks
  • Routing issues
  • TCP algorithms

Course Text: Marshall Kirk McKusick, Keith Bostic, Michael J Karels, and John S. Quarterman, “The Design and Implementation of the 4.4BSD Operating System”, Addison-Wesley Publishing Company, Reading, Massachusetts, 1996, 608 pages.

About the Tutor: Dr. Marshall Kirk McKusick writes books and articles, teaches classes on UNIX- and BSD-related subjects, and provides expert-witness testimony on software patent, trade secret, and copyright issues particularly those related to operating systems and filesystems. He has been a developer and committer to the FreeBSD Project since its founding in 1994. While at the University of California at Berkeley, he implemented the 4.2BSD fast filesystem and was the Research Computer Scientist at the Berkeley Computer Systems Research Group (CSRG) overseeing the development and release of 4.3BSD and 4.4BSD. He earned his undergraduate degree in electrical engineering from Cornell University and did his graduate work at the University of California at Berkeley, where he received master’s degrees in computer science and business administration and a doctoral degree in computer science. He has twice been president of the board of the Usenix Association, is currently a member of the editorial board of ACM’s Queue magazine, and is a member of the Usenix Association and ACM, and is a senior member of the IEEE.

In his spare time, he enjoys swimming, scuba diving, and wine collecting. The wine is stored in a specially constructed wine cellar (accessible from the Web at http://www.mckusick.com/~mckusick/) in the basement of the house that he shares with Eric Allman, his domestic partner of 30-and-some-odd years.

pf: Building the Network you Need with Packet Filter (1 day) by Peter N. M. Hansteen

Abstract: The OpenBSD packet filter is a crucial component in the networking toolbox. This session by Book of PF author Peter Hansteen offers an opportunity to learn how to take control of your traffic and your network using state of the art tools. Basic TCP/IP knowledge is required and assumed, but we’ll make an effort fit the content to the participants’ needs and skill level.

This session is aimed at experienced or aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and related tools. A basic knowledge of Unix and TCP/IP network configuration is expected and required. Topics covered include

  • Configuration on OpenBSD, FreeBSD and NetBSD
  • PF ruleset basics and rule interactions: block, pass, match
  • Writing maintainable rulesets
  • Address families: IPv4 NAT vs IPv6
  • Redirection, divert and services with odd dependencies (ftp-proxy, spamd)
  • Adaptive rulesets (state tracking tricks)
  • ALTQ traffic shaping
  • Per user filtering with authpf
  • High availability with CARP, relayd
  • Wireless vs wired networks
  • Filtering bridges
  • Logging and monitoring with pflog, pflow and others
  • Testing, debugging, and optimizing your configuration

The session will provide updates on the new PF syntax and features introduced in OpenBSD 4.7 (with samples presented in the old and new syntax where appropriate), with newer updates, overview of relevant new features in the upcoming OpenBSD 5.4 release (planned release date November 1st, 2013) and time allowing hints at future developments.

About the Tutor: Peter N. M. Hansteen is a consultant, sysadmin and writer from Bergen, Norway. Realizing that his rock’n’roll career was going nowhere, he started tinkering with computers in the mid 1980s, and rediscovered Unixes about the time 386BSD appeared. By a natural progression of real-world challenges and a need to find useful solutions, he ended up with a strong preference for open source in general and OpenBSD in particular. A longtime freenix advocate, he is a member of the BLUG (Bergen (BSD and) Linux User Group) core group and a former vice president of NUUG (the Norwegian Unix User Group, the local USENIX sister organization).

pfSense: Securing your Network in Depth with the Open Source Firewall and VPN Server System (1 day) by Chris Buechler and Ermal Luçi

Abstract: In order for the Internet to continue to scale, IPv6 will need to become widely adopted in the coming years. The recent pfSense 2.1 release brings IPv6 support comparable with any commercial firewall solution. This full day tutorial will go over what you need to know about IPv6 to deploy it with pfSense. We will cover a range of topics including obtaining connectivity, general considerations in IPv6 deployments, firewall deployment considerations, new security concerns and how existing security concerns are applicable, and more. We will also go over recent developments in the project in general, as work progresses on the 2.2 release.

About the Tutors: Chris Buechler is the co-founder of the pfSense open source firewall distribution and its corporate arm, where he manages the project and works with clients on a wide range of networking and security-related needs. Chris has more than a decade of IT experience and holds numerous industry certifications. He has presented on security and networking topics at more than 20 conferences in the US, Canada and Europe.

Ermal Luçi is one of the core pfSense developers, and also a FreeBSD source committer. He makes a living working on pfSense. He earned a Bachelor’s Degree and a Master of Science in Computer Science from University of Tirana, Tirane, Albania. If not busy with working on pfSense he does work on FreeBSD and consulting. In his spare time he enjoys traveling and exploring other cultures.

SSH: Mastering Advanced Features and Efficient Usage in Small and Large Environments (half day) by Michael W. Lucas

Abstract: The class will learn to do the following with both OpenSSH and PuTTY:

  • Eliminate passwords.
  • Manage access to SSH server by users, groups, addresses, and more
  • Securely move files around your network
  • Forward graphic displays from one host to another
  • Forward TCP connections
  • Centrally manage host keys and client configurations
  • Use SSH as a secure transport for other applications
  • Secure applications run over SSH

About the Tutor: Michael W. Lucas has spent the last twenty years as a network and systems administrator. He is the author of Absolute FreeBSD, Absolute OpenBSD, DNSSEC Mastery, PGP & GPG, SSH Mastery, and more.

DNSSEC: Mastering DNS Security (with BIND) (half day) by Michael W. Lucas

Abstract: The class will learn about:

  • the design of DNSSEC
  • troubleshooting DNSSEC with dig and other tools
  • attaching your domains to the DNSSEC trust anchors
  • key and signature rotation
  • manual and automated key verification
  • using DNSSEC to distribute SSL certificates, SSH host keys, and more

Students should already understand basic DNS, including: master and slave servers, basic use of dig or nslookup, domain registrars, forward and reverse DNS, and basic TCP/IP.

About the Tutor: Michael W. Lucas has spent the last twenty years as a network and systems administrator. He is the author of Absolute FreeBSD, Absolute OpenBSD, DNSSEC Mastery, PGP & GPG, SSH Mastery, and more.

IPv6: Deploying and Managing Networks and Services (1 day) by Massimiliano Stucchi and Philip Paeps

Abstract: With the IPv4 depletion closer and closer, there is a rising need to be able to work with IPv6 in our everyday life. This tutorial aims at putting the audience with their hands on the new protocol, creating a test network and managing applications running on top of it. The tutorial is divided in small theory sessions, and a series of hands-on sessions right after them, where lessons learned will be applied in a real life environment.

We all know that IPv4 is running out faster than we could ever predict, and everybody should start getting acquainted with IPv6, a protocol – or better a suite of protocols – that has been available and usable for more than ten years but never got the right level of audience. Being ahead of the majority of the people will give those who were smart enough a lead over those that underestimated the ‘threat’.

This tutorial is intended for people wanting to get a greater grasp on the technology and implications of running IPv6, and will be presented along with a series of lab session to get running in this somewhat new world. There will be an introduction shedding light on key concepts and features, preparing the attendees for the rest of the session, focusing on putting hands on an IPv6-only network and connecting it to the world at large.

Focus will be on a hands-on approach, where the participant is requested to act and work on configuring services over a real network after a brief theoretical introduction to highlight key concepts. Topics of the tutorial include IPv6 subnetting, protocol implementation for different common internet services like www, mail, dns, along with digressions over routing protocols and implementations such as DS-LITE and NATx4

At the end of the session, participants should be able to set up an IPv6-enabled network with no hassle, and with the required know-how to migrate services to the new protocol, transition mechanisms and procedures, and everything else needed.

The tutorial is supported by a remote lab where every participant will be given a series of virtual machines to configure following the topics presented in the theory sessions, and will also have to relate to others to complete the required exercises, like setting up web services and interacting with other groups to test their communication on the live internet. Every participant will also be given a three week period over which the virtual machines will still work, so that he can keep on trying out IPv6 to strengthen key concepts outside of the class.

About the Tutors: Massimiliano Stucchi is a trainer at the RIPE NCC. In his position he travels around the RIPE region to perform trainings on how to better use the resources assigned by his employer.  In his past life he was CTO, founder and owner of an ISP/ITSP/WISP and also a consultant with experience ranging from web technologies to carrier-grade networking topics.  He is vice president of the Italian FreeBSD Users Group (GUFI), and in his spare time likes running and hiking around any possible mountain.

Philip Paeps is an independent consultant and contractor based in Belgium.  Philip provides research and development on operating systems, particularly in an embedded, real-time or massively parallel context. His main interests are bootloaders, device drivers and high-performance networking. In his so-called free time, Philip is a FreeBSD committer contributing mainly to the kernel and a member of the FreeBSD security team. He is also deeply involved in the organization of FOSDEM, one of the largest annual open source conferences in Europe.

VoIP: Setting Up and Configuring Asterisk Soft-PBX on BSD (half day) by Massiniliano Stucchi

Abstract: VoIP is now leading a revolution in the way the World communicates, and is the rising concept which will allow seamless integration between Voice and data networks. Proprietary systems such as Skype are out there, but are you aware of the endless possibilities of communications given by running your own asterisk system over your favorite operating system? In this tutorial we will introduce the key concepts around VoIP, and we will guide you through the terminology, setup and troubleshooting of a small VoIP network, looking towards a connection to some VoIP providers, setting up a simple IVR system, along with some ideas on how to integrate this work in an existing phone system.

This tutorial will guide you through the installation and configuration of the Asterisk Telephony system on BSD. Key telephony concepts are explained during the process to help the audience get into this new world with the right know-how, as well as the hands-on needed to manage the software. Advanced topics are covered such as AGI integration and PRI devices, including driver installation and integration. In the course of the tutorial I’ll be presenting the Daemonswitch project, which aims at creating a full featured easy-to-install version of FreeBSD already configured to work with Asterisk, with a configuration panel and preconfigured drivers.

About the Tutor: Massimiliano Stucchi is a trainer at the RIPE NCC. In his position he travels around the RIPE region to perform trainings on how to better use the resources assigned by his employer.  In his past life he was CTO, founder and owner of an ISP/ITSP/WISP and also a consultant with experience ranging from web technologies to carrier-grade networking topics.  He is vice president of the Italian FreeBSD Users Group (GUFI), and in his spare time likes running and hiking around any possible mountain.

FreeBSD: Storage Setup Options with Filesystems, Partitioning, Boot Loaders, and Installers (half day) by Paul Schenkeveld

Abstract: FreeBSD offers many different ways to organize storage space. Which configuration to choose is not always a trivial task unless you do this frequently.

This tutorial gives an in-depth overview of filesystems, partition managers, RAID modules, encryption layers, network storage options and boot loaders. After this overview real world configurations will be explained so attendees will leave this tutorial with enough information to make sensible decisions for installing the next system.

Preliminary table of contents:

  1. Genesis
  2. Partitioning
  3. PC world
  4. FreeBSD – traditional disk layout
  5. Ever growing disks
  6. Salami method
  7. UNIX filesystems
  8. Improvements
  9. Modern filesystems
  10. ZFS – life after Sunset
  11. Bootstrap loaders
  12. Boot environments
  13. GEOM
  14. HAST – High Availability STorage
  15. BSD installer(s)
  16. Planning your FreeBSD installation
  17. Your typical laptop or desktop
  18. A server with 2 disks and UFS filesystems
  19. A server with 3 or 5 disks and UFS filesystems
  20. A server with >= 2 disks and ZFS filesystems
  21. Encrypting everything
  22. Tips and tricks

Basic knowledge of (UNIX-like) operating system is assumed, having installed such a system one or more times is preferred.

About the Tutor: Paul Schenkeveld started programming computers while at high school when very few students had ever seen a computer. After finishing high school he decided to find a job as few people knew computers and demand was high. He first met UNIX in 1983 and immediately knew this was the OS to work with. After five jobs programming and supporting computers he became an independent consultant for UNIX, IP networking and security.

Having worked with many commercial UNIX versions during ten years, he found FreeBSD which he first installed when version 1.0 came out to be much more fun to play with. Today, he spends most of his time on projects involving (Free)BSD and, networking and security.

In the last three decades Paul has installed thousands of computers ranging from very small embedded systems to laptops, desktops and small and big servers. He knows like no other about the importance of choosing the right storage layout before starting the installation of a system.

Paul likes travelling, is active in Scouting and loves the food his Thai wife cookes for him and their son.

HAST: Highly Available Storage on FreeBSD (half day) by Jeroen van Nieuwenhuizen

Abstract: The tutorial will consist of 1.5 hours of introduction into HAST, how HAST works and needed components like CARP to be able to use it in a real world scenario. Also some comparison with other (open source) solutions is drawn. The second half consists of a lab in which the participants are encouraged to build an environment based on several possible case studies. E.g. a failover nfs server, mailserver etc.

About the Tutor: Jeroen studied Computer Science at the University of Twente in the late 90’s. He currently works as a Unix consultant for Snow B.V. and advises customers on infrastructure related issues.

BGP, OSPF: Advanced Network Routing with OpenOSPFD and OpenBGPD (half day) by Claudio Jeker

Abstract: OpenBSD is well known for its strength as a firewall and also its routing daemons. However many people hesitate to use dynamic routing in their networks. This tutorial will  show the best common practices on how to use ospfd, bgpd or npppd to build better networks. Additionally it will be shown how multiple routing tables and rdomains can be used to divide networks in an efficent way.

About the Tutor: Claudio Jeker is OpenBSD committer since late 2003 and works on many network related projects like bgpd, ospfd, ospf6d and the network stack itself.

Prime Numbers: Breaking the Record (half day) by Dr. Landon Curt Noll (Special Track on Friday)

Abstract: The quest to discover a new largest known prime has been on going for centuries. Those seeking to break the record for the largest known prime have pushed the bounds of computing. We have come a long way since 1978 when Landon’s record breaking 6533-digit prime was discovered. Today’s largest known prime is more than 17 million digits long! To encourage the discovery of ever-larger primes, awards of $150000 and $250000 are offered to the first published proof of a discovery of a prime of at least 100 million and 1 billion digits respectively.

The search for the largest known prime requires writing and running code that must run to completion, without any errors. Because it takes a very long time to run to completion (several thousand hours in many cases), the code must run correctly the very first time! A significant QA effort is required to write 100% error-free code. Moreover considerable effort must be put into fault tolerant coding and recovery from the eventual operating system and hardware errors that will arise. The record goes neither to the fastest coder nor to the person with the fastest hardware but rather to the first result that is proven to be correct.

How are these large primes discovered? What are some of the best ways to find a new world record-sized prime number? These and other prime questions will be explored. We will examine software and hardware based approaches and will look at code fragments and hardware machine state diagrams. Knowledge of advanced mathematics is not required for this seminar and active participation is welcomed.

About the Tutor: Landon serves as a technical leader in Cisco’s Data Center Group. His Cisco responsibilities encompass high-performance computing, cryptography, and security analysis.

Landon has held or co-held eight world records related to the discovery of large prime numbers, several of which were published in the Guinness World Records book. As chair of the EFF Cooperative Computing Award advisory committee, he helps oversee the awarding of $550,000 to the first published proofs of certain very large prime numbers.

Landon is an Astronomer who is studying the inner solar system. He has made astronomical observations all over the world: most recently from the Libyan Sahara, the Chinese Gobi, the Eniwetok Atoll, from French Polynesia and the South Pole. Landon graduated from Linfield College with a BA in Math/Physics. He is a member of the American Mathematical Society and is an associate of the American Astronomical Society.

EuroBSDcon 2014:

Check the 2014 conference website for information on the next EuroBSDcon!

Platinum sponsors:




Gold sponsors:



Silver sponsors:



Subscribe to our announcements

Mascot

EuroBSDcon 2013 Mascot