SlideShare a Scribd company logo

MOD server & FreeBSD (FreeBSD Day Taiwan)

Kevin Lo
Kevin Lo

MOD server & FreeBSD (FreeBSD Day Taiwan)

Engineering
1 of 24
Download to read offline
MOD server and FreeBSD Kevin Lo msi funtoro The FreeBSD project
The beginning ...
Why choose FreeBSD It was chosen by accident Apart from that, there are a couple of good reasons
Why choose FreeBSD,cont. ● The community is always willing to help out ● The ports tree contains a large collection of 3rd party software ● Service initialization is simple rc.conf(5) ● Creating a customized memstick/iso is easy release(7) ● The BSD license, high performance network, stable, etc.
Architecture From http://www.funtoroeurope.com/files/clankove/struktura-bus.jpg
development(7) Based on -CURRENT; see Benno Rice's talk on keeping current: https://goo.gl/C5tWYa Building a memstick/iso on bhyve(4)
Making root file system read only ● /etc/fstab: # Device Mountpoint FStype Options Dump Pass# /dev/gpt/rootfs / ufs ro 1 1 ● /etc/rc.conf: hostid_enable="NO" sendmail_enable="NONE" syslogd_enable="NO" dumpdev="NO" root_rw_mount="NO" update_motd="NO"
Making root file system read only, cont. ● A Few things which should be taken care of 3rd party applications such as MySQL /etc/localtime, /etc/resolv.conf /var/db/pkg For example, you might add a line to /etc/rc.d/var that symlinks the directory to /var/db/pkg
Managing services boot order Services can be skipped during the boot time because impacted services haven't access to resources that haven't been booted yet Control services boot order with rcorder(8) # rcorder /etc/rc.d/* /usr/local/etc/rc.d/* ... /etc/rc.d/moused rcorder: requirement `usbd' in file `/usr/local/etc/rc.d/hald' has no providers. /usr/local/etc/rc.d/hald ...
Multicast TFTP server (atftpd) Clients need to download an image of the kernel through TFTP Unfortunately atftpd only built on Linux machine https://bugs.debian.org/cgi-bin/bugreport.cgi? bug=522192 Ported to FreeBSD (r262417)
Issues and solutions in our deployment File systems Networking
File systems FUSE MSDOSFS NTFS UFS2 EXT2FS TMPFS
FUSE FUSE is SLOW
MSDOSFS Lack of Unicode support Added Unicode support to MSDOSFS, SMBFS, and NTFS (r227650, r228023) Cannot export a msdosfs file system bigger than 128GB with NFS Doesn't change ctime and mtime
NTFS Lack of write support GSoC 2012 project "NTFS for FreeBSD" was based on Apple implementation Removed NTFS kernel support (r241636, r247665) Possible solution:Tuxera NTFS kernel driver
UFS2 In rw mode, softupdates + journaling = corruption ?! We disable journaling on all our UFS2 devices and in addition use this: background_fsck="NO" fsck_y_enable="YES" There's no open source utility that can read and write to UFS(2) partitions in Windows
EXT2FS Lack of journaling and EXT4 write supports Open source utilities (Ext2Fsd, Ext2IFS) are available for Windows that allow both reading and writing EXT2/3/4 partitions
TMPFS Could not be exported over NFS Quick fix for adding NFS export support to TMPFS (r230208); plus a bug fixed by jh: allow update mounts only for certain options(r234346)
Networking NICs rpcbind(8) Firewalls
NICs: em(4) Works good without known wired behavior and has produced good performance over a gigabit wire The datasheet is available The client was unable to mount NFS share over UDP Fixed by yongari (r214441) Incorrect Rx checksum handling when testing VLC's UDP-Lite (r264212) streaming mode Corrections to the RX checksum code (r249509)
NICs: re(4) Fails at high traffic; stress test with ftp/axel re0: watchdog timeout re0: link state changed to DOWN Use the vendor driver with minor modifications but it has one drawback: it doesn't use miibus(4) The datasheet is not available
rpcbind(8) rpcbind can be abused by remote attackers for rpc amplification attacks(DDoS) Prevent rpcbind from listening on all interfaces for UDP and TCP connections rpcbind_flags="-h 192.168.1.1" nfs_server_flags="-h 192.168.1.1" mountd_flags="-h 192.168.1.1"
Firewalls: ipfw(4) & pf(4) Kernel panic with pf kept happening locking issue; fixed as r226938 Switching to ipfw makes me/us happy
Support the FreeBSD project https://www.freebsdfoundation.org/donate/

Recommended

olf10
olf10olf10
olf10
Dru Lavigne
 
Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Introduction to Btrfs - FLOSS UK Spring Conference York 2015Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Richard Melville
 
Part 03 File System Implementation in Linux
Part 03 File System Implementation in LinuxPart 03 File System Implementation in Linux
Part 03 File System Implementation in Linux
Tushar B Kute
 
Case study of BtrFS: A fault tolerant File system
Case study of BtrFS: A fault tolerant File systemCase study of BtrFS: A fault tolerant File system
Case study of BtrFS: A fault tolerant File system
Kumar Amit Mehta
 
Lavigne bsdmag may13
Lavigne bsdmag may13Lavigne bsdmag may13
Lavigne bsdmag may13
Dru Lavigne
 
Tlf2013
Tlf2013Tlf2013
Tlf2013
Dru Lavigne
 
4. linux file systems
4. linux file systems4. linux file systems
4. linux file systems
Marian Marinov
 
Nelf2013
Nelf2013Nelf2013
Nelf2013
Dru Lavigne
 

Recommended

olf10
olf10olf10
olf10
Dru Lavigne
 
Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Introduction to Btrfs - FLOSS UK Spring Conference York 2015Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Introduction to Btrfs - FLOSS UK Spring Conference York 2015
Richard Melville
 
Part 03 File System Implementation in Linux
Part 03 File System Implementation in LinuxPart 03 File System Implementation in Linux
Part 03 File System Implementation in Linux
Tushar B Kute
 
Case study of BtrFS: A fault tolerant File system
Case study of BtrFS: A fault tolerant File systemCase study of BtrFS: A fault tolerant File system
Case study of BtrFS: A fault tolerant File system
Kumar Amit Mehta
 
Lavigne bsdmag may13
Lavigne bsdmag may13Lavigne bsdmag may13
Lavigne bsdmag may13
Dru Lavigne
 
Tlf2013
Tlf2013Tlf2013
Tlf2013
Dru Lavigne
 
4. linux file systems
4. linux file systems4. linux file systems
4. linux file systems
Marian Marinov
 
Nelf2013
Nelf2013Nelf2013
Nelf2013
Dru Lavigne
 
Linux kernel
Linux kernelLinux kernel
Linux kernel
Siji Sunny
 
Btrfs by Chris Mason
Btrfs by Chris MasonBtrfs by Chris Mason
Btrfs by Chris MasonTerry Wang
 
Linux kernel booting
Linux kernel bootingLinux kernel booting
Linux kernel booting
Ramin Farajpour Cami
 
Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015
Siji Sunny
 
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий МонаховПроблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
OpenVZ
 
Linux file system
Linux file systemLinux file system
Linux file system
Midaga Mengistu
 
Vfs
VfsVfs
Vfs
Waqas !!!!
 
Linux kernel system call
Linux kernel system callLinux kernel system call
Linux kernel system call
Ramin Farajpour Cami
 
11 linux filesystem copy
11 linux filesystem copy11 linux filesystem copy
11 linux filesystem copy
Shay Cohen
 
linux file system
linux file systemlinux file system
linux file system
AryaTadbir Network Designers
 
Linux Tor Browser kurulum
Linux Tor Browser kurulumLinux Tor Browser kurulum
Linux Tor Browser kurulum
reso95
 
Users guide-to-winfe
Users guide-to-winfeUsers guide-to-winfe
Users guide-to-winfeGol D Roger
 
File Systems
File SystemsFile Systems
File SystemsAnil Kumar Pugalia
 
Ext filesystem4
Ext filesystem4Ext filesystem4
Ext filesystem4
Neha Kulkarni
 
Os2
Os2Os2
Os2
sbk50000
 
How to mount ntfs in linux
How to mount ntfs in linuxHow to mount ntfs in linux
How to mount ntfs in linux
siraza5
 
Windows 真的不好用...
Windows 真的不好用...Windows 真的不好用...
Windows 真的不好用...
Chih-Hsuan Kuo
 
005 skyeye
005 skyeye005 skyeye
005 skyeyeSherif Mousa
 
Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0bsd free
 
Pc bsd-intro
Pc bsd-introPc bsd-intro
Pc bsd-introShteryana Shopova
 
The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014Kevin Lo
 
Train 2012 MOD
Train 2012 MODTrain 2012 MOD
Train 2012 MOD
FUNTORO Europe
 

More Related Content

What's hot

Linux kernel
Linux kernelLinux kernel
Linux kernel
Siji Sunny
 
Btrfs by Chris Mason
Btrfs by Chris MasonBtrfs by Chris Mason
Btrfs by Chris MasonTerry Wang
 
Linux kernel booting
Linux kernel bootingLinux kernel booting
Linux kernel booting
Ramin Farajpour Cami
 
Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015
Siji Sunny
 
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий МонаховПроблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
OpenVZ
 
Linux file system
Linux file systemLinux file system
Linux file system
Midaga Mengistu
 
Vfs
VfsVfs
Vfs
Waqas !!!!
 
Linux kernel system call
Linux kernel system callLinux kernel system call
Linux kernel system call
Ramin Farajpour Cami
 
11 linux filesystem copy
11 linux filesystem copy11 linux filesystem copy
11 linux filesystem copy
Shay Cohen
 
linux file system
linux file systemlinux file system
linux file system
AryaTadbir Network Designers
 
Linux Tor Browser kurulum
Linux Tor Browser kurulumLinux Tor Browser kurulum
Linux Tor Browser kurulum
reso95
 
Users guide-to-winfe
Users guide-to-winfeUsers guide-to-winfe
Users guide-to-winfeGol D Roger
 
Ext filesystem4
Ext filesystem4Ext filesystem4
Ext filesystem4
Neha Kulkarni
 
Os2
Os2Os2
Os2
sbk50000
 
How to mount ntfs in linux
How to mount ntfs in linuxHow to mount ntfs in linux
How to mount ntfs in linux
siraza5
 
Windows 真的不好用...
Windows 真的不好用...Windows 真的不好用...
Windows 真的不好用...
Chih-Hsuan Kuo
 
Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0bsd free
 

What's hot (20)

Linux kernel
Linux kernelLinux kernel
Linux kernel
 
Btrfs by Chris Mason
Btrfs by Chris MasonBtrfs by Chris Mason
Btrfs by Chris Mason
 
Linux kernel booting
Linux kernel bootingLinux kernel booting
Linux kernel booting
 
Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015Debian on ARM - Gnunify2015
Debian on ARM - Gnunify2015
 
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий МонаховПроблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
Проблема фрагментации виртуальных дисков и способы её решения -- Дмитрий Монахов
 
Linux file system
Linux file systemLinux file system
Linux file system
 
Vfs
VfsVfs
Vfs
 
Linux kernel system call
Linux kernel system callLinux kernel system call
Linux kernel system call
 
11 linux filesystem copy
11 linux filesystem copy11 linux filesystem copy
11 linux filesystem copy
 
linux file system
linux file systemlinux file system
linux file system
 
Linux Tor Browser kurulum
Linux Tor Browser kurulumLinux Tor Browser kurulum
Linux Tor Browser kurulum
 
Users guide-to-winfe
Users guide-to-winfeUsers guide-to-winfe
Users guide-to-winfe
 
File Systems
File SystemsFile Systems
File Systems
 
Ext filesystem4
Ext filesystem4Ext filesystem4
Ext filesystem4
 
Os2
Os2Os2
Os2
 
How to mount ntfs in linux
How to mount ntfs in linuxHow to mount ntfs in linux
How to mount ntfs in linux
 
Windows 真的不好用...
Windows 真的不好用...Windows 真的不好用...
Windows 真的不好用...
 
005 skyeye
005 skyeye005 skyeye
005 skyeye
 
Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0Linux io-stack-diagram v1.0
Linux io-stack-diagram v1.0
 
Pc bsd-intro
Pc bsd-introPc bsd-intro
Pc bsd-intro
 

Viewers also liked

The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014Kevin Lo
 
Train 2012 MOD
Train 2012 MODTrain 2012 MOD
Train 2012 MOD
FUNTORO Europe
 
Raspberry Pi Introduction
Raspberry Pi IntroductionRaspberry Pi Introduction
Raspberry Pi Introduction
Michal Sedlak
 
Esalter web-cirilica
Esalter web-cirilicaEsalter web-cirilica
Esalter web-cirilica
nemanjakovacevic
 
Ahlan Ramadan presentation
Ahlan Ramadan presentationAhlan Ramadan presentation
Ahlan Ramadan presentationbintMahmood
 
Recommendatory report based on a study on emerging trends of csr in india
Recommendatory report based on a study on emerging trends of csr in indiaRecommendatory report based on a study on emerging trends of csr in india
Recommendatory report based on a study on emerging trends of csr in india
varunkmr26
 
Sms obaveštenja - prezentacija
Sms obaveštenja - prezentacijaSms obaveštenja - prezentacija
Sms obaveštenja - prezentacija
nemanjakovacevic
 
Web Apps for the Masses
Web Apps for the MassesWeb Apps for the Masses
Web Apps for the Masses
David Tufts
 
Esalter web-latinica
Esalter web-latinicaEsalter web-latinica
Esalter web-latinica
nemanjakovacevic
 
สายตาสั้น
สายตาสั้นสายตาสั้น
สายตาสั้น
Methawee Srirattanasopon
 
Esalter cirilica
Esalter cirilicaEsalter cirilica
Esalter cirilica
nemanjakovacevic
 
Celebracion especial dd.hh y la paz.
Celebracion especial dd.hh y la paz.Celebracion especial dd.hh y la paz.
Celebracion especial dd.hh y la paz.zitamaria
 
สตอก
สตอกสตอก
สตอก
Methawee Srirattanasopon
 
Esalter latinica
Esalter latinicaEsalter latinica
Esalter latinica
nemanjakovacevic
 
WordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesWordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the Masses
David Tufts
 

Viewers also liked (20)

The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014The TCP/IP stack in the FreeBSD kernel COSCUP 2014
The TCP/IP stack in the FreeBSD kernel COSCUP 2014
 
Train 2012 MOD
Train 2012 MODTrain 2012 MOD
Train 2012 MOD
 
Raspberry Pi Introduction
Raspberry Pi IntroductionRaspberry Pi Introduction
Raspberry Pi Introduction
 
Esalter web-cirilica
Esalter web-cirilicaEsalter web-cirilica
Esalter web-cirilica
 
Ahlan Ramadan presentation
Ahlan Ramadan presentationAhlan Ramadan presentation
Ahlan Ramadan presentation
 
Recommendatory report based on a study on emerging trends of csr in india
Recommendatory report based on a study on emerging trends of csr in indiaRecommendatory report based on a study on emerging trends of csr in india
Recommendatory report based on a study on emerging trends of csr in india
 
Sms obaveštenja - prezentacija
Sms obaveštenja - prezentacijaSms obaveštenja - prezentacija
Sms obaveštenja - prezentacija
 
Web Apps for the Masses
Web Apps for the MassesWeb Apps for the Masses
Web Apps for the Masses
 
My presentation
My presentationMy presentation
My presentation
 
Esalter web-latinica
Esalter web-latinicaEsalter web-latinica
Esalter web-latinica
 
Tec1
Tec1Tec1
Tec1
 
Esalter madjarski
Esalter madjarskiEsalter madjarski
Esalter madjarski
 
สายตาสั้น
สายตาสั้นสายตาสั้น
สายตาสั้น
 
Esalter web-madjarski
Esalter web-madjarskiEsalter web-madjarski
Esalter web-madjarski
 
สตอก
สตอกสตอก
สตอก
 
Esalter cirilica
Esalter cirilicaEsalter cirilica
Esalter cirilica
 
Celebracion especial dd.hh y la paz.
Celebracion especial dd.hh y la paz.Celebracion especial dd.hh y la paz.
Celebracion especial dd.hh y la paz.
 
สตอก
สตอกสตอก
สตอก
 
Esalter latinica
Esalter latinicaEsalter latinica
Esalter latinica
 
WordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the MassesWordCamp GR 2012 Web Apps for the Masses
WordCamp GR 2012 Web Apps for the Masses
 

Similar to MOD server & FreeBSD (FreeBSD Day Taiwan)

FreeBSD Portscamp, Kuala Lumpur 2016
FreeBSD Portscamp, Kuala Lumpur 2016FreeBSD Portscamp, Kuala Lumpur 2016
FreeBSD Portscamp, Kuala Lumpur 2016
Muhammad Moinur Rahman
 
WinFE: The (Almost) Perfect Triage Tool
WinFE: The (Almost) Perfect Triage ToolWinFE: The (Almost) Perfect Triage Tool
WinFE: The (Almost) Perfect Triage Tool
Brent Muir
 
Linux Survival Kit for Proof of Concept & Proof of Technology
Linux Survival Kit for Proof of Concept & Proof of TechnologyLinux Survival Kit for Proof of Concept & Proof of Technology
Linux Survival Kit for Proof of Concept & Proof of Technology
Nugroho Gito
 
FreeBSD - LinuxExpo
FreeBSD - LinuxExpoFreeBSD - LinuxExpo
FreeBSD - LinuxExpowebuploader
 
NFS.ppt
NFS.pptNFS.ppt
NFS.ppt
Salman K.h
 
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan BaljevicUnix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
Circling Cycle
 
A million ways to provision embedded linux devices
A million ways to provision embedded linux devicesA million ways to provision embedded linux devices
A million ways to provision embedded linux devices
Mender.io
 
101 2.1 design hard disk layout v2
101 2.1 design hard disk layout v2101 2.1 design hard disk layout v2
101 2.1 design hard disk layout v2
Acácio Oliveira
 
Hacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on LinuxHacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on Linux
Netwalker lab kapper
 
2.1 design hard disk layout v2
2.1 design hard disk layout v22.1 design hard disk layout v2
2.1 design hard disk layout v2
Acácio Oliveira
 
Linux introduction (eng)
Linux introduction (eng)Linux introduction (eng)
Linux introduction (eng)
Anatoliy Okhotnikov
 
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
Circling Cycle
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-adminbadamisri
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-admin
badamisri
 
Linux fundamentals Training
Linux fundamentals TrainingLinux fundamentals Training
Linux fundamentals Training
Love Steven
 

Similar to MOD server & FreeBSD (FreeBSD Day Taiwan) (20)

FreeBSD Portscamp, Kuala Lumpur 2016
FreeBSD Portscamp, Kuala Lumpur 2016FreeBSD Portscamp, Kuala Lumpur 2016
FreeBSD Portscamp, Kuala Lumpur 2016
 
Sweden11
Sweden11Sweden11
Sweden11
 
Unix 6 en
Unix 6 enUnix 6 en
Unix 6 en
 
WinFE: The (Almost) Perfect Triage Tool
WinFE: The (Almost) Perfect Triage ToolWinFE: The (Almost) Perfect Triage Tool
WinFE: The (Almost) Perfect Triage Tool
 
Linux Survival Kit for Proof of Concept & Proof of Technology
Linux Survival Kit for Proof of Concept & Proof of TechnologyLinux Survival Kit for Proof of Concept & Proof of Technology
Linux Survival Kit for Proof of Concept & Proof of Technology
 
FreeBSD - LinuxExpo
FreeBSD - LinuxExpoFreeBSD - LinuxExpo
FreeBSD - LinuxExpo
 
NFS.ppt
NFS.pptNFS.ppt
NFS.ppt
 
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan BaljevicUnix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
Unix and Linux Common Boot Disk Disaster Recovery Tools by Dusan Baljevic
 
A million ways to provision embedded linux devices
A million ways to provision embedded linux devicesA million ways to provision embedded linux devices
A million ways to provision embedded linux devices
 
101 2.1 design hard disk layout v2
101 2.1 design hard disk layout v2101 2.1 design hard disk layout v2
101 2.1 design hard disk layout v2
 
Hacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on LinuxHacking with ARM Mobile devices on Linux
Hacking with ARM Mobile devices on Linux
 
2.1 design hard disk layout v2
2.1 design hard disk layout v22.1 design hard disk layout v2
2.1 design hard disk layout v2
 
Linux introduction (eng)
Linux introduction (eng)Linux introduction (eng)
Linux introduction (eng)
 
Basic Linux Internals
Basic Linux InternalsBasic Linux Internals
Basic Linux Internals
 
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
Hp ux-11iv3-multiple-clones-with-dynamic-root-disks-dusan-baljevic-mar2014
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-admin
 
Linux Conf Admin
Linux Conf AdminLinux Conf Admin
Linux Conf Admin
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-admin
 
Touch your NetBSD
Touch your NetBSDTouch your NetBSD
Touch your NetBSD
 
Linux fundamentals Training
Linux fundamentals TrainingLinux fundamentals Training
Linux fundamentals Training
 

Recently uploaded

Water billing management system project report.pdf
Water billing management system project report.pdfWater billing management system project report.pdf
Water billing management system project report.pdf
Kamal Acharya
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
thanhdowork
 
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
obonagu
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
drwaing
 
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
dxobcob
 
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsKuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
Victor Morales
 
Swimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptxSwimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptx
yokeleetan1
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
Aditya Rajan Patra
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
awadeshbabu
 
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
ydteq
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
Amil Baba Dawood bangali
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
SUTEJAS
 
sieving analysis and results interpretation
sieving analysis and results interpretationsieving analysis and results interpretation
sieving analysis and results interpretation
ssuser36d3051
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
Kerry Sado
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
Dr Ramhari Poudyal
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
symbo111
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
ClaraZara1
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
WENKENLI1
 

Recently uploaded (20)

Water billing management system project report.pdf
Water billing management system project report.pdfWater billing management system project report.pdf
Water billing management system project report.pdf
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
原版制作(unimelb毕业证书)墨尔本大学毕业证Offer一模一样
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
 
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
一比一原版(Otago毕业证)奥塔哥大学毕业证成绩单如何办理
 
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsKuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
 
Swimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptxSwimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptx
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
 
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
[JPP-1] - (JEE 3.0) - Kinematics 1D - 14th May..pdf
 
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
 
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
 
sieving analysis and results interpretation
sieving analysis and results interpretationsieving analysis and results interpretation
sieving analysis and results interpretation
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)6th International Conference on Machine Learning & Applications (CMLA 2024)
6th International Conference on Machine Learning & Applications (CMLA 2024)
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
 

MOD server & FreeBSD (FreeBSD Day Taiwan)

  • 1. MOD server and FreeBSD Kevin Lo msi funtoro The FreeBSD project
  • 3. Why choose FreeBSD It was chosen by accident Apart from that, there are a couple of good reasons
  • 4. Why choose FreeBSD,cont. ● The community is always willing to help out ● The ports tree contains a large collection of 3rd party software ● Service initialization is simple rc.conf(5) ● Creating a customized memstick/iso is easy release(7) ● The BSD license, high performance network, stable, etc.
  • 6. development(7) Based on -CURRENT; see Benno Rice's talk on keeping current: https://goo.gl/C5tWYa Building a memstick/iso on bhyve(4)
  • 7. Making root file system read only ● /etc/fstab: # Device Mountpoint FStype Options Dump Pass# /dev/gpt/rootfs / ufs ro 1 1 ● /etc/rc.conf: hostid_enable="NO" sendmail_enable="NONE" syslogd_enable="NO" dumpdev="NO" root_rw_mount="NO" update_motd="NO"
  • 8. Making root file system read only, cont. ● A Few things which should be taken care of 3rd party applications such as MySQL /etc/localtime, /etc/resolv.conf /var/db/pkg For example, you might add a line to /etc/rc.d/var that symlinks the directory to /var/db/pkg
  • 9. Managing services boot order Services can be skipped during the boot time because impacted services haven't access to resources that haven't been booted yet Control services boot order with rcorder(8) # rcorder /etc/rc.d/* /usr/local/etc/rc.d/* ... /etc/rc.d/moused rcorder: requirement `usbd' in file `/usr/local/etc/rc.d/hald' has no providers. /usr/local/etc/rc.d/hald ...
  • 10. Multicast TFTP server (atftpd) Clients need to download an image of the kernel through TFTP Unfortunately atftpd only built on Linux machine https://bugs.debian.org/cgi-bin/bugreport.cgi? bug=522192 Ported to FreeBSD (r262417)
  • 11. Issues and solutions in our deployment File systems Networking
  • 14. MSDOSFS Lack of Unicode support Added Unicode support to MSDOSFS, SMBFS, and NTFS (r227650, r228023) Cannot export a msdosfs file system bigger than 128GB with NFS Doesn't change ctime and mtime
  • 15. NTFS Lack of write support GSoC 2012 project "NTFS for FreeBSD" was based on Apple implementation Removed NTFS kernel support (r241636, r247665) Possible solution:Tuxera NTFS kernel driver
  • 16. UFS2 In rw mode, softupdates + journaling = corruption ?! We disable journaling on all our UFS2 devices and in addition use this: background_fsck="NO" fsck_y_enable="YES" There's no open source utility that can read and write to UFS(2) partitions in Windows
  • 17. EXT2FS Lack of journaling and EXT4 write supports Open source utilities (Ext2Fsd, Ext2IFS) are available for Windows that allow both reading and writing EXT2/3/4 partitions
  • 18. TMPFS Could not be exported over NFS Quick fix for adding NFS export support to TMPFS (r230208); plus a bug fixed by jh: allow update mounts only for certain options(r234346)
  • 20. NICs: em(4) Works good without known wired behavior and has produced good performance over a gigabit wire The datasheet is available The client was unable to mount NFS share over UDP Fixed by yongari (r214441) Incorrect Rx checksum handling when testing VLC's UDP-Lite (r264212) streaming mode Corrections to the RX checksum code (r249509)
  • 21. NICs: re(4) Fails at high traffic; stress test with ftp/axel re0: watchdog timeout re0: link state changed to DOWN Use the vendor driver with minor modifications but it has one drawback: it doesn't use miibus(4) The datasheet is not available
  • 22. rpcbind(8) rpcbind can be abused by remote attackers for rpc amplification attacks(DDoS) Prevent rpcbind from listening on all interfaces for UDP and TCP connections rpcbind_flags="-h 192.168.1.1" nfs_server_flags="-h 192.168.1.1" mountd_flags="-h 192.168.1.1"
  • 23. Firewalls: ipfw(4) & pf(4) Kernel panic with pf kept happening locking issue; fixed as r226938 Switching to ipfw makes me/us happy
  • 24. Support the FreeBSD project https://www.freebsdfoundation.org/donate/