From 0 to Bhyve on FreeBSD 13.1

FreeBSD has its own high-performance hypervisor called “bhyve”. Much like the Linux kernel’s KVM hypervisor, bhyve enables the creation and maintenance of virtual machines—aka “guests”—which run at near-native speed alongside the host operating system. Although bhyve got a later start than Linux KVM, in most ways it has caught up with its primary rival—and in some ways surpassed it.

Using Netgraph for FreeBSD’s Bhyve Networking

FreeBSD 13 adds new support for a netgraph backend for virtual network devices under bhyve. Netgraph is a modular networking framework that allows for arbitrary stacking of protocols and transports, along with filtering, tunneling, redirection, inspection, injection and more—fast and feature-rich, netgraph is to networking what the geom layer is to disks and storage. This article provides a basic recipe to demonstrate some common netgraph syntax and use-cases.

Why might you want to run CURRENT? If you have a large modified code base, or are building a product based on FreeBSD, CURRENT gives you a look into the future of FreeBSD. Running CURRENT will help you understand changes that are happening in the FreeBSD Operating System and it gives you an opportunity to see how your stack performs with new features.
In this article we will show how to build a CURRENT system with the debugging features disabled, and perform some benchmarks to test the impact debugging features have on performance.

Modern inetd in FreeBSD

The inetd ‘super-server’ is a special application that ties incoming network connections to locally-run commands. While it is not a common part of deployments today, it still has potential to be useful in production environments, and definitely has a place in the future of FreeBSD.

Packet Scheduling with Dummynet and FreeBSD

Let’s talk Dummynet! A traffic manager, bandwidth manager and link emulator, Dummynet is a powerful part of FreeBSD. Dummynet gives us the tools to control how traffic at bottlenecks is treated and can be used to make reservations on our hosts so they remain reachable when under high packet load.

Using the FreeBSD RACK TCP Stack

Did you know that FreeBSD has more than one TCP stack and that TCP stacks are pluggable at run time? Since FreeBSD 12, FreeBSD has supported pluggable TCP stacks, and today we will look at the RACK TCP Stack. The FreeBSD RACK stack takes this pluggable TCP feature to an extreme: rather than just swapping the congestion control algorithm, FreeBSD now supports dynamically loading an entirely separate TCP stack. With the RACK stack loaded, TCP flows can be handled either by the default FreeBSD TCP stack or by the RACK stack.

FreeBSD TCP Performance System Controls 

While new protocols are constantly being developed, the venerable Transmission Control Protocol (TCP) still accounts for most global traffic. The FreeBSD kernel TCP stack offers a lot of opportunities to tweak different performance features. The options it includes allow a lot of flexibility in the configuration of machines without having to do custom kernel builds.
Find out how to make use of the Initial Window, what TCP Segmentation Offload is, and how to use TCP Buffer Tuning to your advantage.

FreeBSD Network Troubleshooting: Understanding Network Performance

Network performance is one of the most complex topics to analyse and understand. FreeBSD has a full set of debugging features, and the network stack reports a ton of information. So much that it can be hard to figure out what is relevant and what is not. In this article, we define performance, look at how to measure what is available and how to get the system to report what it is managing to do.

Simple and Secure VPN in FreeBSD – Introducing WireGuard

Looking for a FreeBSD VPN solution? WireGuard is a Virtual Private Network (VPN) technology that aims to enable the easy deployment and configuration of servers and clients.

Routing and Firewalling VLANS with FreeBSD

VNET virtual network stacks are a powerful network stack isolation technology that gives FreeBSD jails super powers. Follow our guide to use VLANs on FreeBSD, combine VLANs and VNETs, and use VLANs with VNET jails. Learn useful tricks, illustrated with many examples.

Virtualize Your Network on FreeBSD with VNET

FreeBSD Jails are a well-known feature that has become core to many excellent tools on FreeBSD, such as the Poudriere package builder. Jails offer process and file system isolation, but for a long time they did not offer very satisfying network isolation. Learn how to isolate networks, how to test potentially hazardous firewall changes and how to do proper jail networking.