tpid98

Upcoming EuroBSDCon OpenBSD talk Confidential Computing with OpenBSD by Hans-Jörg Höxer

Confidential computing is a family of techniques to enhance security
and confidentiality for data in use. One technical approach is strong
isolation for virtual machines.

AMDs Secure Encrypted Virtualization (SEV) offers several feature sets
for isolation of guest virtual machines from an non-trusted host hypervisor
and operating system. These feature sets include memory encryption,
encryption of guest state including CPU registers and an attestation
framework.

In this talk we will explore some of the AMD SEV feature sets. We will
describe how to use them to run OpenBSD as both

• a confidential guest VM and
• a host hypervisor providing a confidential execution environment.

Topics covered are CPU feature detection, low level kernel initialization,
memory management, virtio(4) device drivers and the virtual machine
daemon vmd(8).

I](https://events.eurobsdcon.org/2024/speaker/ZZNGCU/)

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon OpenBSD talk Building a SD-WAN appliance suitable for an Australian Health Sector NFP/NGO by Jason Tubnor

Latrobe Community Health Service (LCHS) - AS139466 - is a Not for Profit (NFP)/Non-Government Organisation (NGO) headquartered in Victoria, Australia. The organisation consists of 40 offices and 2 data centres across the States of Victoria and New South Wales with over 1,500 employees. All LCHS infrastructure is designed and managed in-house without the use of large-scale cloud infrastructure. Since 2015, BSD Unix has been used for various workloads within the organisation.

This talk focuses on our next generation SD-WAN appliance built on OpenBSD technology using commodity hardware. Topics will include the network topology, design choices, various OpenBSD VPN and routing technologies and orchestrating build, deployment and management across the fleet using Ansible.

Jason Tubnor

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon OpenBSD talk A Packet's Journey Through the OpenBSD Network Stack by Alexander Bluhm

When debugging network issues, it is important to understand when
certain things happen. Tcpdump provides valuable insight, pf
transforms packets, pseudo devices add features, and netstat counters
show action. The call graph of the functions within the kernel is
the base to comprehend the relation between these sources of
information.

The layering of kernel code in hardware drivers, pseudo devices,
IP processing, forwarding and protocol layer is explained. The
kernel provides the socket interface to userland processes. Packet
forwarding happens within the kernel. Bridge code uses certain
shortcuts. pf is a swiss knife that can manipulate traffic in
multiple layers. IPsec has an independent interface that overrides
routing. Routing itself and neighbor discovery is a necessary step
that has its tentacles everywhere. Checksum calculation can be
performed by hardware offloading.

By using examples with a single packets, their way through the
kernel is shown. The possible branches, configuration options, and
measurement output are put in correlation.

Alexander Bluhm

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon talk: Why (and how) we're migrating many of our servers from Linux to the BSDs by Stefano Marinelli

A few years ago, we decided to migrate many of our servers (and many of those of our clients) from Linux to the BSDs - FreeBSD, OpenBSD, NetBSD - depending on the specific services. In this presentation, I will discuss the reasons behind our decision, the technical and organizational challenges we faced, the tangible benefits we have experienced, and why we believe this migration is successful. I will provide specific examples and real-life case studies. In an increasingly complex world, relying on simple, stable, and secure solutions is becoming more and more important, and the BSDs can make a significant contribution in this direction.

Stefano Marinelli

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon OpenBSD talk OpenBSD vs. IPv6 by Florian Obser

** .ical](https://events.eurobsdcon.org/2024/talk/AV78U9.ics)09-21, 17:45–18:30 (Europe/Dublin), Foyer B **

We will give an overview of past, present and future work on IPv6 in OpenBSD.

We will show how we replaced KAME stack code in both the kernel as well as userland with modern, privilege separated daemons for stateless address auto configuration. slaacd(8) runs on the host to solicit router advertisements and configures addresses and routes. rad(8) runs on the router to send router advertisements. A newly written daemon for DHCPv6, dhcp6leased(8), requests prefixes from an upstream ISP which then can be used by rad(8) for router advertisements.

Next we will show the new IPv6 source address selection in the kernel, including support for the infamous Rule 5.5 of RFC 6724.

In ongoing and future work we will touch on client-side address translation using pf(4)'s af-to feature to support the 464XLAT transition mechanism for v6-mostly networks.

Florian Obser

Upcoming EuroBSDCon OpenBSD talk Global anycast using OpenBSD on a budget by Rob Keizer

This talk goes over using OpenBSD as the basis for a highly available globally distributed public anycast network. Distributed decision systems corosync, consul, and raft (using Elixir) are discussed, as are highly available distributed storage and routing systems, all on OpenBSD, all on a budget.

Rob Keizer

Upcoming EuroBSDCon OpenBSD talk Why rewrite fw_update(8)? By Andrew Hewus Fresh

OpenBSD provides the fw_update(8) utility to handle installing firmware for hardware from manufacturers whose licensing isn't compatible with our base system. We will take a trip into the history of fw_update(8), its structure and why it exists. A recent rewrite provides an illustration of the value OpenBSD places on simplicity and user experience.

Andrew Hewus Fresh

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon talk: vmd's multi-process device emulation: 2 releases later by Dave Voutila

** .ical09-21, 14:45–15:30 (Europe/Dublin), Foyer B **

In OpenBSD 7.4, the native hypervisor, vmd(8)became the only open source type-2 hypervisor to default to using a multi-process, privilege separated model for emulating block and network devices.

This talk provides a look at the inspiration from Oracle's contributions to QEMU as a means of multi-layered defense, a review of the challenges and changes required to OpenBSD across 7.4 and 7.5, and a look at the road ahead.

Upcoming OpenBSD talk: Puffy does Realtime Hypermedia by Patrick Marchand

Modern web development is intrinsically tied to javascript and frameworks have been pushing us further and further away from the initial model of the internet as a web of documents. In response to this, libraries like htmx and data-star have arisen to demonstrate ways to use hypermedia to create interactive applications.

Hypermedia as the engine of application state (HATEOS) is a driving principle of these new libraries and by allowing the backend to drive the state of the frontend directly without requiring the user to write javascript code, they make it possible to do hypermedia on whatever you like (Otherwise known as the HOWL stack). 

That means that with nothing but the OpenBSD base install and a small javascript shim (12kb at the time of writing), we can write realtime hypermedia applications. We will explore the case of a small web application that monitors the state of it's server and offers real time updates of it's metrics.

Patrick Marchand

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCan talk: Building a wind speed logger in NetBSD with GPIO by Nicola Mingotti

(https://events.eurobsdcon.org/2024/talk/7RKDFU.ics)09-21, 13:45–14:30 (Europe/Dublin), Foyer A **

We will see how to set up a small ARM computer (RPi3B+ or BeagleBone Black) to be a remote data logger for wind speed. We will be using gpioctl(8) and gpioirq(4) to collect data. The main objective of the talk is to show how to use gpios to interact with the world that lives outside the computer.

Nicola Mingotti (https://events.eurobsdcon.org/2024/speaker/UYB88T/)

Tickets are still available and this talk will be streamed and recorded for later release.

Upcoming EuroBSDCon NetBSD talk: Flipping Bits: Memory Errors in the Machine By Taylor R Campbell

(https://events.eurobsdcon.org/2024/talk/EHTVPK.ics)09-21, 11:45–12:30 (Europe/Dublin), Foyer A **

We've all heard stories of the dreaded cosmic ray angrily flipping bits
in your RAM. But how much does it matter, really? And, more
importantly, how do you tell?

This talk will cover an overview of hardware architecture around
detecting and correcting memory errors, software support for handling
them and other types of hardware errors, and stories of memory errors
in the real world.

And, if the stars align, perhaps we'll have a live demo.

Taylor R Campbell (https://events.eurobsdcon.org/2024/speaker/ENKTTF/)

EuroBSDCon tickets are still available and it will be streamed and recorded for later release.

For all the completists out there, may I offer the complete BSDCan 2024 playlist: