Sysctlinfo: a New Interface to Visit the Freebsd Sysctl MIB and to Pass the Objects Info to Userland

Total Page:16

File Type:pdf, Size:1020Kb

Sysctlinfo: a New Interface to Visit the Freebsd Sysctl MIB and to Pass the Objects Info to Userland sysctlinfo: a new interface to visit the FreeBSD sysctl MIB and to pass the objects info to userland Alfonso Sabato Siciliano [email protected] BSDCan 2020, Ottawa, Canada Abstract known as sysctl MIB-Tree or sysctl tree. The 4.4BSD operating system introduced the sysctl Listing 1: sysctl tree node system call to get or set the state of the system, the struct sysctl o i d f kernel exposes the available parameters for sysctl as struct sysctl o i d l i s t o i d c h i l d r e n ; objects of a Management Information Base. Nowa- struct sysctl o i d l i s t ∗ o i d p a r e n t ; days FreeBSD has thousands of sysctl parameters, SLIST ENTRY( s y s c t l o i d ) o i d l i n k ; moreover, they can also be added or deleted dynam- i n t oid number ; u i n t o i d k i n d ; ically, so the kernel has to provide additional fea- void ∗ o i d a r g 1 ; tures for exploring the MIB, converting the name intmax t o i d a r g 2 ; of a parameter in its corresponding MIB identifier const char ∗ oid name ; and getting the info of an object (e.g., name, de- i n t (∗ o i d h a n d l e r ) (SYSCTL HANDLER ARGS) ; scription, type, etc.). Currently the kernel provides const char ∗ oid fmt ; an undocumented interface to fulfill these tasks, it i n t o i d r e f c n t ; was introduced over twenty years ago, this paper u i n t o i d r u nn i n g ; presents a new interface providing new features and const char ∗ o i d d e s c r ; improving the efficiency to access to the MIB. const char ∗ o i d l a b e l ; g ; The sysctl syscall [Listing 2] represents an OID 1 Introduction by an array of integers and an unsigned integer, when the node with the specified OID is found its The FreeBSD [1] kernel maintains a Management handler is called: it can pass the values between Information Base ("MIB") where a component the kernel and userspace via two buffers. ("object") represents a parameter of the system. The MIB provides a convenient hierarchical nota- Listing 2: sysctl() system call tion to describe the kernel namespace [2], each ob- i n t ject has a number so an Object Identifier ("OID") sysctl(const int ∗ id , u int idlevel , is a series of integers separated by periods. The void ∗ oldp , s i z e t ∗ oldlenp , sysctl system call [3] explores the MIB to find an const void ∗newp , s i z e t newlen ) ; object by its OID then it can retrieve or set the It is often necessary finding an object not for its value of the corresponding parameter. value (calling the handler) but to retrieve its infor- The MIB is implemented by a collection of trees, mation (e.g., name, description, type, next node, the root nodes are the top level objects and are etc.), so the kernel provides an undocumented in- stored as entries of a SLIST [4], each node repre- terface, sysctlinfo is a new interface to visit the sents an object and is defined by a struct sysctl oid sysctl tree and to pass the info of a node to user- [Listing 1]; the complete MIB data structure is land. 1 The rest of the paper is organized as follows: Sec- is implemented in kern sysctl.c by a set of inter- tion 2 gives a description of the current interface nal nodes: sysctl.name, sysctl.next, sysctl.oidfmt, and its limitations, Section 3 introduces sysctlinfo sysctl.oiddescr, sysctl.oidlabel and sysctlname2oid. and explains its design and implementation, real The internal nodes, except sysctl.name2oid, are world use cases are shown in the successive section. CTLTYPE NODEs with a not-NULL handler, so The work is concluded with some consideration and the desired node is specified exending the OID of future directions. the internal node, [Linsting 5] shows how getting the description of a node via sysctl.oiddesc. 2 The current interface Listing 5: current interface API -1- ioid[0] = CTL SYSCTL ; Currently the sysctl MIB consists of thousands of ioid[1] = CTL SYSCTL DESC ; objects, they have various info: types, formats, memcpy(ioid+2, oid , oidlen ∗ sizeof(int)); flags, etc., furthermore the sysctl(9) interface [6] sysctl(ioid , oidlen+2, buf, &bufsize , 0, 0); allows to add or delete an object dinamically. The The sysctl.name2oid internal node uses the newp sysctl syscall finds an object by its OID then can and oldp buffers [Listing 6]. get or set its value, only this functionality is not suf- ficient, for example the sysctl(8) utility [5] needs to Listing 6: current interface API -2- explore the MIB, convert the name of an object in its corresponding OID and finally to get the info of ioid[0] = CTL SYSCTL ; ioid[1] = CTL SYSCTL NAME2OID; an object to display properly its value [Listing 3]. sysctl(ioid, 2, oid, oidlen, name, strlen(name) +1); Listing 3: sysctl(8) % sysctl kern.ostype kern.ostype: FreeBSD Limitations of the current interface % s y s c t l −t kern.ostype kern.ostype: string The CTL MAXNAME constant, in sys/sysctl.h, defines % s y s c t l −aN the max level of an OID, actually it is 24, so kern.ostype sysctl(9) can add a node of 24 levels: ... compat. ia32 .maxdsiz x1.x2.x3.x4.x5.x6.x7.x8.x9.x10.x11. x12.x13.x14.x15.x16.x17.x18.x19.x20. During the years new members were added to x21.x22.x23.x24 struct sysctl oid [Listing 1]: oid descr and oid label, they allow to know the description of an object and and the sysctl() syscall can get or set its value. to address the modern cloud computing require- Unfortunately, the current interface can manage ments [11], [Lising 4]. an object up to CTL MAXNAME-2 levels because the internal nodes, except sysctl.name2oid, use 2 Listing 4: object description and label levels for their OID (see sysctl() of [Listing 5]), % s y s c t l −d kern.ostype consequently an utility like sysctl(8) fails with an kern.ostype: Operating system type object of 23 or 24 levels [Listing 7]. % prometheus s y s c t l exporter kern. features .compat freebsd7 Listing 7: sysctl(8) false negative s y s c t l k e r n f e a t u r e s f feature="compat % /sbin/sysctl x1 f r e e b s d 7 "g 1 sysctl: sysctl(getnext) −1 8 8 : Cannot allocate memory The FreeBSD kernel provides an undocumented % /sbin/sysctl x1.x2.x3.x4.x5.x6.x7.x8. interface, introduced over twenty years ago [8], to x9.x10.x11.x12.x13.x14.x15.x16.x17.x18. retrieve the info of an object: name, type, for- x19.x20.x21.x22.x23.x24 mat, description, next leaf and OID by name, sysctl: sysctl fmt −1 1024 22: Invalid later: description [9] and label [10]. The interface argument 2 The current interface provides sysctl.next to ex- value of an object like "kern.proc.pid.1". plore the MIB, it finds the specified object and gets Furthermore sysctl.name2oid finishes to build the next leaf. However a MIB explorer [Figure 1] the OID if a level-name is just the "NULL string", needs to retrieve also the next internal node. The so sysctlbyname() could get or set the value of an early versions of sysctlview [18], a graphical sysctl unwanted object. Consider [Listing 8], the sysctl(8) MIB explorer, wasted computation in userspace utility uses sysctl.name2oid to retrieve the OID of comparing the OIDs of two consecutive leaves to "security.jail.param.allow.mount.", so it receives an retrieve the internal nodes. incomplete OID, in fact it shows the requested node and its brothers. Figure 1: sysctlview Listing 8: sysctl(8) shows unwanted objects % sysctl security. jail .param.allow.mount. security. jail .param.allow.mount.tmpfs: 0 security. jail .param.allow.mount.debugfs: 0 security . jail .param.allow.mount.anon i n o d e f s : 0 security. jail .param.allow.mount.procfs: 0 security. jail .param.allow.mount.devfs: 0 security. jail .param.allow.mount.: 0 Finally, the current interface does not take care of security: in capability mode [13] it exposes the info of a nodes without the CTLFLAG CAPRD or CTLFLAG CAPWR flag. 3 A new interface This paper presents a new interface: sysctlinfo [16], its purpose is to address the limitations of the cur- rent interface, to improve the efficiency and to im- plement new features; moreover the project pro- The sysctl.name node finds an object by vides: a README, a manual, helper macros, ex- its OID and gets its name, example: [1.1] ! amples, and converted tools. Obviously the inter- "kern.ostype". However if no object has the faces can coexist, the utilities and libraries can con- specified OID the internal node builds a "fake" tinue to use the current kernel interface while the name depending on the input OID and returns converted tools can take the advantages by using always '0' false positive [Listing 5], example: sysctlinfo. [1.1.100.500.1000] ! "kern.ostype.100.500.1000" or a totally non-existent OID [3000.4000.5000] ! Features "3000.4000.5000".
Recommended publications
  • Active-Active Firewall Cluster Support in Openbsd
    Active-Active Firewall Cluster Support in OpenBSD David Gwynne School of Information Technology and Electrical Engineering, University of Queensland Submitted for the degree of Bachelor of Information Technology COMP4000 Special Topics Industry Project February 2009 to leese, who puts up with this stuff ii Acknowledgements I would like to thank Peter Sutton for allowing me the opportunity to do this work as part of my studies at the University of Queensland. A huge thanks must go to Ryan McBride for answering all my questions about pf and pfsync in general, and for the many hours working with me on this problem and helping me test and debug the code. Thanks also go to Theo de Raadt, Claudio Jeker, Henning Brauer, and everyone else at the OpenBSD network hackathons who helped me through this. iii Abstract The OpenBSD UNIX-like operating system has developed several technologies that make it useful in the role of an IP router and packet filtering firewall. These technologies include support for several standard routing protocols such as BGP and OSPF, a high performance stateful IP packet filter called pf, shared IP address and fail-over support with CARP (Common Address Redundancy Protocol), and a protocol called pfsync for synchronisation of the firewalls state with firewalls over a network link. These technologies together allow the deployment of two or more computers to provide redundant and highly available routers on a network. However, when performing stateful filtering of the TCP protocol with pf, the routers must be configured in an active-passive configuration due to the current semantics of pfsync.
    [Show full text]
  • Mellanox OFED for Freebsd for Connectx-4 and Above Adapter Cards User Manual
    Mellanox OFED for FreeBSD for ConnectX-4 and above Adapter Cards User Manual Rev 3.5.2 www.mellanox.com Mellanox Technologies NOTE: THIS HARDWARE, SOFTWARE OR TEST SUITE PRODUCT (“PRODUCT(S)”) AND ITS RELATED DOCUMENTATION ARE PROVIDED BY MELLANOX TECHNOLOGIES “AS-IS” WITH ALL FAULTS OF ANY KIND AND SOLELY FOR THE PURPOSE OF AIDING THE CUSTOMER IN TESTING APPLICATIONS THAT USE THE PRODUCTS IN DESIGNATED SOLUTIONS. THE CUSTOMER'S MANUFACTURING TEST ENVIRONMENT HAS NOT MET THE STANDARDS SET BY MELLANOX TECHNOLOGIES TO FULLY QUALIFY THE PRODUCT(S) AND/OR THE SYSTEM USING IT. THEREFORE, MELLANOX TECHNOLOGIES CANNOT AND DOES NOT GUARANTEE OR WARRANT THAT THE PRODUCTS WILL OPERATE WITH THE HIGHEST QUALITY. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT ARE DISCLAIMED. IN NO EVENT SHALL MELLANOX BE LIABLE TO CUSTOMER OR ANY THIRD PARTIES FOR ANY DIRECT, INDIRECT, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING, BUT NOT LIMITED TO, PAYMENT FOR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY FROM THE USE OF THE PRODUCT(S) AND RELATED DOCUMENTATION EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Mellanox Technologies 350 Oakmead Parkway Suite 100 Sunnyvale, CA 94085 U.S.A. www.mellanox.com Tel: (408) 970-3400 Fax: (408) 970-3403 © Copyright 2019. Mellanox Technologies Ltd. All Rights Reserved. Mellanox®, Mellanox logo, Mellanox Open Ethernet®, LinkX®, Mellanox Spectrum®, Mellanox Virtual Modular Switch®, MetroDX®, MetroX®, MLNX-OS®, ONE SWITCH.
    [Show full text]
  • Performance, Scalability on the Server Side
    Performance, Scalability on the Server Side John VanDyk Presented at Des Moines Web Geeks 9/21/2009 Who is this guy? History • Apple // • Macintosh • Windows 3.1- Server 2008R2 • Digital Unix (Tru64) • Linux (primarily RHEL) • FreeBSD Systems Iʼve worked with over the years. Languages • Perl • Userland Frontier™ • Python • Java • Ruby • PHP Languages Iʼve worked with over the years (Userland Frontier™ʼs integrated language is UserTalk™) Open source developer since 2000 Perl/Python/PHP MySQL Apache Linux The LAMP stack. Time to Serve Request Number of Clients Performance vs. scalability. network in network out RAM CPU Storage These are the basic laws of physics. All bottlenecks are caused by one of these four resources. Disk-bound •To o l s •iostat •vmstat Determine if you are disk-bound by measuring throughput. vmstat (BSD) procs memory page disk faults cpu r b w avm fre flt re pi po fr sr tw0 in sy cs us sy id 0 2 0 799M 842M 27 0 0 0 12 0 23 344 2906 1549 1 1 98 3 3 0 869M 789M 5045 0 0 0 406 0 10 1311 17200 5301 12 4 84 3 5 0 923M 794M 5219 0 0 0 5178 0 27 1825 21496 6903 35 8 57 1 2 0 931M 784M 909 0 0 0 146 0 12 955 9157 3570 8 4 88 blocked plenty of RAM, idle processes no swapping CPUs A disk-bound FreeBSD machine. b = blocked for resources fr = pages freed/sec cs = context switches avm = active virtual pages in = interrupts flt = memory page faults sy = system calls per interval vmstat (RHEL5) # vmstat -S M 5 25 procs ---------memory-------- --swap- ---io--- --system- -----cpu------ r b swpd free buff cache si so bi bo in cs us sy id wa st 1 0 0 1301 194 5531 0 0 0 29 1454 2256 24 20 56 0 0 3 0 0 1257 194 5531 0 0 0 40 2087 2336 34 27 39 0 0 2 0 0 1183 194 5531 0 0 0 53 1658 2763 33 28 39 0 0 0 0 0 1344 194 5531 0 0 0 34 1807 2125 29 19 52 0 0 no blocked busy but not processes overloaded CPU in = interrupts/sec cs = context switches/sec wa = time waiting for I/O Solving disk bottlenecks • Separate spindles (logs and databases) • Get rid of atime updates! • Minimize writes • Move temp writes to /dev/shm Overview of what weʼre about to dive into.
    [Show full text]
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
    [Show full text]
  • Linux Kernel and Driver Development Training Slides
    Linux Kernel and Driver Development Training Linux Kernel and Driver Development Training © Copyright 2004-2021, Bootlin. Creative Commons BY-SA 3.0 license. Latest update: October 9, 2021. Document updates and sources: https://bootlin.com/doc/training/linux-kernel Corrections, suggestions, contributions and translations are welcome! embedded Linux and kernel engineering Send them to [email protected] - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 1/470 Rights to copy © Copyright 2004-2021, Bootlin License: Creative Commons Attribution - Share Alike 3.0 https://creativecommons.org/licenses/by-sa/3.0/legalcode You are free: I to copy, distribute, display, and perform the work I to make derivative works I to make commercial use of the work Under the following conditions: I Attribution. You must give the original author credit. I Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. I For any reuse or distribution, you must make clear to others the license terms of this work. I Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. Document sources: https://github.com/bootlin/training-materials/ - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 2/470 Hyperlinks in the document There are many hyperlinks in the document I Regular hyperlinks: https://kernel.org/ I Kernel documentation links: dev-tools/kasan I Links to kernel source files and directories: drivers/input/ include/linux/fb.h I Links to the declarations, definitions and instances of kernel symbols (functions, types, data, structures): platform_get_irq() GFP_KERNEL struct file_operations - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 3/470 Company at a glance I Engineering company created in 2004, named ”Free Electrons” until Feb.
    [Show full text]
  • System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1
    SUSE Linux Enterprise Server 15 SP1 System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1 An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to eciently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its aliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xii 1 Available Documentation xiii
    [Show full text]
  • SAP HANA Server Installation and Update Guide Company
    PUBLIC SAP HANA Platform 2.0 SPS 05 Document Version: 1.1 – 2021-09-24 SAP HANA Server Installation and Update Guide company. All rights reserved. All rights company. affiliate THE BEST RUN 2021 SAP SE or an SAP SE or an SAP SAP 2021 © Content 1 SAP HANA Server Installation and Update Guide....................................9 2 SAP HANA Installation and Update Overview......................................10 2.1 SAP HANA Platform Software Components..........................................10 2.2 Software Download...........................................................11 2.3 Software Authenticity Verification.................................................13 3 Concepts and Requirements for an SAP HANA System...............................15 3.1 SAP HANA Hardware and Software Requirements.....................................15 3.2 Recommended File System Layout................................................18 3.3 SAP HANA System Concepts....................................................21 3.4 SAP HANA System Types...................................................... 22 3.5 SAP HANA Deployment Types...................................................25 3.6 SAP HANA and Virtualization....................................................27 3.7 Local Secure Store (LSS).......................................................28 4 Overview of SAP HANA Tenant Databases........................................30 4.1 Server Architecture of Tenant Databases............................................31 4.2 Scale-Out Architecture of Tenant Databases.........................................33
    [Show full text]
  • Red Hat Enterprise Linux 8 Managing, Monitoring and Updating the Kernel
    Red Hat Enterprise Linux 8 Managing, monitoring and updating the kernel A guide to managing the Linux kernel on Red Hat Enterprise Linux 8 Last Updated: 2019-11-05 Red Hat Enterprise Linux 8 Managing, monitoring and updating the kernel A guide to managing the Linux kernel on Red Hat Enterprise Linux 8 Legal Notice Copyright © 2019 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
    [Show full text]
  • Recent Filesystem Optimisations in Freebsd
    Recent Filesystem Optimisations in FreeBSD Ian Dowse <[email protected]> Corvil Networks. David Malone <[email protected]> CNRI, Dublin Institute of Technology. Abstract 2.1 Soft Updates In this paper we summarise four recent optimisations Soft updates is one solution to the problem of keeping to the FFS implementation in FreeBSD: soft updates, on-disk filesystem metadata recoverably consistent. Tra- dirpref, vmiodir and dirhash. We then give a detailed ex- ditionally, this has been achieved by using synchronous position of dirhash’s implementation. Finally we study writes to order metadata updates. However, the perfor- these optimisations under a variety of benchmarks and mance penalty of synchronous writes is high. Various look at their interactions. Under micro-benchmarks, schemes, such as journaling or the use of NVRAM, have combinations of these optimisations can offer improve- been devised to avoid them [14]. ments of over two orders of magnitude. Even real-world workloads see improvements by a factor of 2–10. Soft updates, proposed by Ganger and Patt [4], allows the reordering and coalescing of writes while maintain- ing consistency. Consequently, some operations which have traditionally been durable on system call return are 1 Introduction no longer so. However, any applications requiring syn- chronous updates can still use fsync(2) to force specific changes to be fully committed to disk. The implementa- Over the last few years a number of interesting tion of soft updates is relatively complicated, involving filesystem optimisations have become available under tracking of dependencies and the roll forward/back of FreeBSD. In this paper we have three goals.
    [Show full text]
  • Freebsd + Nginx: Best WWW Server for the Best OS Sergey A
    FreeBSD + nginx: Best WWW server for the best OS Sergey A. Osokin Moscow, Russia Ports committer FreeBSD Project [email protected] Abstract • modularity (more original and third-party mod- ules); Today the NGINX web server can be safely consid- • byte-ranges, chunked answers; ered mature. Launched 10 years ago the project is still • Server Side Includes (SSI); gaining popularity. This paper introduced the NGINX • SSL (secure socket layer). webserver, describes its implementation approach and Additional functions of HTTP server are: architectural goals. Also it demonstrates how NGINX works on FreeBSD operating system and reveals strate- • virtual servers (by IP and hostname); gies of the product usage, the ways to deploy and opti- • keep-alive support and pipelined connections; mize t and other challenges. • configuration flexibility (ability to change timeouts and size of buffers); 1 Introduction • ability to ¡¡hot update¿¿ of the main executable file on-the-fly, without any service disruption, the old You probably remember the tagline of one of the most process is stopped afterward; popular email mail user agent: All mail clients suck. This • log files customization; one just sucks less. OK. To paraphrase the message to • limit speed rate for answers; the topic of my speech I’d like to say: All web servers • URI modifications by using regular expression; suck. This one just sucks less. • customized error pages for 400 and 500 error codes; Now let’s be seriuos. • embedded perl. Today Internet is different from what it was 10-20 years ago. Those day it was a collection of a small num- Other functions are: ber of HTML pages sometimes interconnected by hy- • User redirection to IMAP/POP3 backend using an perlinks.
    [Show full text]
  • Debugging the Freebsd Kernel by Mark Johnston As I Write This, the Long-Awaited Freebsd 12.0 Release Is Within Days of Shipping
    SEE TEXT ONLY DeBUGGING the FreeBSD Kernel By Mark Johnston As I write this, the long-awaited FreeBSD 12.0 release is within days of shipping. Of course, FreeBSD developers have been meticulously polishing and testing 12.0's kernel for months and we're confident that every last bug has been squashed. or the typical FreeBSD user, the subject of kernel debugging is just an intellectual curiosity, right? This is how it should be, at least; FreeBSD's stability is one of its main selling points and contributes a lot Fto its reputation. The stability of an operating system kernel is especially important since a fault in the kernel will typically bring down the entire system. In truth, however, no matter how many bugs were fixed in the lead-up to 12.0, the harsh reality is that some are still lingering and will emerge later to bite users, often with a stress-inducing kernel panic. It is useful to have some familiarity with FreeBSD kernel debugging even if you are not a FreeBSD devel- oper. The permissiveness of the BSD license has allowed many companies to build products on top of the FreeBSD source tree, often directly extending the kernel. These extensions will, of course, contain bugs or may expose latent bugs in FreeBSD itself. Moreover, developers working on such a code base generally cannot work directly with the FreeBSD community and thus would need to do some debugging them- selves, perhaps before reporting the issue upstream. Another very common scenario is the case where developers do not have direct access to the system exhibiting a problem, so live debugging is not possible.
    [Show full text]
  • One Server Per City: Using TCP for Very Large SIP Servers
    One Server Per City: Using TCP for Very Large SIP Servers Kumiko Ono and Henning Schulzrinne Dept. of Computer Science, Columbia University. Email: {kumiko, hgs}@cs.columbia.edu Abstract The transport protocol for SIP can be chosen based on the requirements of services and network conditions. How does the choice of TCP affect the scalability and performance compared to UDP? We experimentally analyze the im- pact of using TCP as a transport protocol for a SIP server. We first investigate scalability of a TCP echo server, then compare performance of a SIP server for three TCP connection lifetimes: transaction, dialog, and persistent. Our results show that a Linux machine can establish 450,000+ TCP connections and maintaining connections does not affect the transaction response time. Additionally, the transaction response times using the three TCP connection life- times and UDP show no significant difference at 2,500 registration requests/second and at 500 call requests/second. However, sustainable request rate is lower for TCP than for UDP, since using TCP requires more message processing. More message processing causes longer delays at the thread queue for the server implementing a thread-pool model. Finally, we suggest how to reduce the impact of TCP for a scalable SIP server especially under overload control. This is applicable to other servers with very large connection counts. 1 Introduction The Session Initiation Protocol (SIP) [1] is used for Internet telephony signaling, i.e., establishing and tearing down sessions. The SIP is a request-response protocol, similar to HTTP, but can work over any transport protocol such as UDP, TCP or SCTP (Stream Control Transmission Protocol) [2].
    [Show full text]