FreeBSD 11



  • Seems FreeBSD 11 added a lot of stuff for SMP and NICs, including multi-queue for VMware 3, and a few other optimizations like faster hashes. I know it was quite a while between 8.x and now 10.x, but is there any plan to use 11 once it is stable? I don't see migrating to 11 being high priority, but I would hope it would be an easier transition than going to 10, and hopefully worth the effort once the 10.x platform gets its bugs ironed out.



  • i would think it might be better to keep up to date with every release instead of waiting for years and then making a huge effort to close the gap



  • FreeBSD 11.0-CURRENT Release Notes: https://www.freebsd.org/relnotes/CURRENT/relnotes/
    That is an ongoing set of release notes that are updated as things happen.
    Is there a "roadmap" document somewhere that has a target timetable for 11.0-RELEASE and what is hoped to be in it?


  • Netgate Administrator

    If I recall one of the biggest reasons for building 2.2 on a FreeBSD 10 base (which itself was still in beta at the time) was because it's much easier to stay current once you're there than continuously trying to play catch-up.

    Steve



  • @Harvy66:

    Seems FreeBSD 11 added a lot of stuff for SMP and NICs, including multi-queue for VMware 3, and a few other optimizations like faster hashes. I know it was quite a while between 8.x and now 10.x, but is there any plan to use 11 once it is stable? I don't see migrating to 11 being high priority, but I would hope it would be an easier transition than going to 10, and hopefully worth the effort once the 10.x platform gets its bugs ironed out.

    "added"?  FreeBSD 11 isn't done yet.  In fact, right now, serial consoles appear to be broken.

    It was "quite a while" between 8.x and 10.x because there was an aborted attempt at moving to FreeBSD 9, and early versions of 9 sucked.

    Believe me, we are quite interested at staying up-to-date.  You can help by submitting patches and/or testing snapshots when they happen.



  • @heper:

    i would think it might be better to keep up to date with every release instead of waiting for years and then making a huge effort to close the gap

    This completely misrepresents what happened.  Either you know this, and you're being rude, or you don't know this, and… you should research before you post.



  • @stephenw10:

    If I recall one of the biggest reasons for building 2.2 on a FreeBSD 10 base (which itself was still in beta at the time) was because it's much easier to stay current once you're there than continuously trying to play catch-up.

    Steve

    Work re-started on a port to something > FreeBSD 8, in October 2013, a few weeks after the pfSense 2.1 release (Sep 15, 2013).
    This release was to be called pfSense 2.2.

    FreeBSD 10.0-RELEASE occurred on Jan 20, 2014.
    pfSense 2.1.1 was released April 4th, 2014
    pfSense 2.1.2 was released April 10th, 2014
    pfSense 2.1.3 was released May 2nd, 2014
    pfSense 2.1.4 was released June 25th, 2014
    pfSense 2.1.5 was released August 27th, 2014
    pfSense 2.2-BETA was released  Sep 19, 2014
    FreeBSD 10.1 was released Nov 14, 2014
    pfSense 2.2-RC1 was released December 10th, 2014
    pfSense 2.2-RELEASE was released  January 23rd, 2015



  • @phil.davis:

    FreeBSD 11.0-CURRENT Release Notes: https://www.freebsd.org/relnotes/CURRENT/relnotes/
    That is an ongoing set of release notes that are updated as things happen.

    There is also https://wiki.freebsd.org/WhatsNew/FreeBSD11

    Looking at, potentially, the most important section of that for the average pfSense usr:

    • Support for linking NIC Receive Side Scaling (RSS) to the network stack's connection-group implementation (r263198)

    We actually (privately) support this by loaning a set of 10G and 40G cards to the individual doing this work.  It won't have a large
    impact on pfSense (yet), because it is all being done first to support reception on the box, rather than forwarding through it.

    • Support for the UDP-Lite protocol (RFC 3828) has been added to both IPv4 and IPv6 stacks (r264212)
      I doubt anyone cares (yet), and this was already in FreeBSD 10.1 (and thus pfSense 2.2) for IPv4.

    • IPX is no longer supported (r263140)
      Hurray!

    • AppleTalk is no longer supported (r263152)
      Hurray!

    • Flowid, bindmulti and RSS awareness have been added to the IPv6 stack (r268562)
      See above where we support this via loaned cards to the developer

    • RSS awareness has been added to the igb(4) driver (r268028)

    • RSS awareness has been added to the ixgbe(4) driver (r268029)
      These are Intel 1Gbps and 10Gbps cards.  Please see the paper, "Measure Twice, Code Once: Network Performance Analysis for FreeBSD" to be given by George Neville-Neil and myself at AsiaBSDcon in March.  I won't reveal the contents of the paper, but I will reveal that pfSense 2.2 is significantly faster than 11-CURRENT with a NODEBUG kernel.

    • netstat can display RSS and flow information with -R (r266448)
      See above.

    • PF hash has been changed from Jenkins to Murmur3 which shows a conservative 3% increase in packets per second (r272906)
      We're the party responsible for making this happen.  (It was George Neville-Neil and I.) and it's already in pfSense 2.2, btw.

    • Netmap support has been added to libpcap allowing tcpdump and other native pcap application to run directly on netmap ports (r272659)
      this is (just) importing more of Luigi's latest work.

    • faith(4) and faithd( 8 ) have been removed from base (r274331)
      Hurray!

    • cxgbe(4) will now front loads as much as possible before any driver lock or software queue gets involved (r276485)
      Chelsio cards.  There was a useless panic removed yesterday as well.

    @phil.davis:

    Is there a "roadmap" document somewhere that has a target timetable for 11.0-RELEASE and what is hoped to be in it?

    It's not that time, yet.    Nor is this the FreeBSD-CURRENT forum.

    The other major thing that is in pfSense 2.2 that is not yet in FreeBSD are the changes to the IPsec stack to support AES-GCM, enabling AES-NI accelerated IPsec.  Make no mistake, it's going in FreeBSD, it's just that the work isn't done, yet.