• Motivation
• Introduction to Ansible
• Setting up Ansible
  • Requirements
  • Creating and exchanging SSH keys to target systems
  • Setting up an inventory file
  • Ansible con guration file locations and contents
• Running Ansible ad-hoc commands from the shell
  • Checking availability of target systems (Ansible ping)
  • Transferring les to and from target hosts
  • Managing packages on remote systems (installation, upgrades)
  • File modi cations (inserting, changing, or removing single/multiple lines)
  • User management (mass creation of users with speci c patterns including group membership)
• Writing playbooks (Motivation)
  • Introduction to YAML
    • Basic syntax
    • YAML lists & dictionaries
  • Variables de nitions (in inventory le, playbook, or as gathered facts)
  • Using Jinja2 templates
• A complete example
• Conclusion and where to go from here

Benedict Reuschling joined the FreeBSD Project in 2009. After receiving his full documentation commit bit in 2010, he actively began mentoring other people to become FreeBSD committers over the years. He is a proctor for the BSD Certi cation Group. Benedict has a Master of Science degree in Computer Science and is teaching a UNIX for software developers class at the University of Applied Sciences, Darmstadt, Germany. He is managing the Big Data cluster for the CS department using Ansible since mid 2014. Benedict joined the FreeBSD Foundation Board of Directors in 2015 and is currently serving as vice president.

This is a new and revised version of the classic PF tutorial, with added content covering more topics related to networking, and with additional exercises to put the knowledge in practice.

This session is aimed at both experienced or aspiring network administrators who want to expand their knowledge of PF, the OpenBSD packet filter, and have a broader understanding of networking concepts and protocols.

The tutorial is divided in two main parts. The first part covers the basics of PF, while the second part refocuses on the local network and its interactions with the global internet.

The goal of the tutorial is to give participants a very broad understanding of networking in an enterprise network using OpenBSD and PF as the basis for all the communication needs.

A basic knowledge of Unix and TCP/IP network configuration is expected and required. The session content will be largely determined by your questions (if possible sent to tutorial@bsdly.net in advance).

The tutorial is divided in two main parts. The first part covers the basics of PF, such as:

• Configuration on OpenBSD, FreeBSD and NetBSD (and possibly Solaris)
• PF ruleset basics and rule interactions: block, pass, match
• Writing maintainable rulesets
• Address families: IPv4 NAT vs IPv6
• Redirection, divert and services with odd dependencies (ftp-proxy, spamd)
• Adaptive rulesets (state tracking tricks)
• Traffic shaping with priorities and 'newqueue', OpenBSD 5.5 style
• Legacy ALTQ traffic shaping
• Per user filtering with authpf
• High availability with CARP, relayd
• Wireless vs wired networks
• Filtering bridges
• Logging and monitoring - pflog, pflow and others
• Testing, debugging, and optimizing your configuration
• Updates on recent developments and what to expect in upcoming releases

While the second part refocuses on the local network and its interactions with the global internet, covering topics such as:

• Basic OpenOSPFd configuration, operation and interaction with PF;
• Basic OpenBGPd configuration, operation and interaction with PF;
• Introducing VXLAN in your network;
• Choosing your ISP, a quick guide;
• Use cases for OSPF, BGP or ECMP;
• BCP38, the routing manifesto and Internet peering;

Peter N. M. Hansteen is a sysadmin and writer based in Bergen, Norway. He wrote The Book of PF (3rd edition No Starch Press 2014, https://www.nostarch.com/pf3), occasionally contributes articles from an OpenBSD user perspective to journals and maintains a blogosphere presence at bsdly.blogspot.com. He maintains that he will get another book out any decade now, in the meantime he will be doing tutorials and trainings on OpenBSD and related matters.

Massimiliano Stucchi Massimiliano Stucchi is a longtime networker with a strong attachments to BSDs and IPv6. Trainer and IPv6 evangelist (formally IPv6 Programme Manager at RIPE NCC), with a web presence at https://stucchi.ch

• Introduction
• A Brief History of OpenZFS
• Problems with Todays non-ZFS Filesystems
• OpenZFS - Feature Overview
  • Simple Storage Administration
  • Data Integrity from Beginning to End
  • Performance
• OpenZFS Requirements
• ZPool - The ZFS Volume Management for Storage Media
  • Building our rst single disk pool
  • Displaying the Pool Status and Available Space
  • Building multi-disk pools
    • Striped Pools for Performance
    • Mirrors and RAIDZ for Redundancy
    • Self-healing demonstration
  • Displaying I/O Statistics
• Datasets (create, destroy)
• ZFS Properties
  • Viewing dataset and pool properties
  • Changing properties (setting mountpoints)
  • Custom Properties
• Quotas and Reservations
• Snapshots
  • Creating Snapshots (recursively)
  • Snapshot rollback
  • Displaying Snapshot differences
  • Restoring individual files
• Clones
• Boot Environments
• Compression
• Deduplication
• ZFS Volumes
• ZFS Send and Receive
• Conclusion and further Ressources

Benedict Reuschling joined the FreeBSD Project in 2009. After receiving his full documentation commit bit in 2010, he actively began mentoring other people to become FreeBSD committers over the years. He is a proctor for the BSD Certi cation Group. Benedict has a Master of Science degree in Computer Science and is teaching a UNIX for software developers class at the University of Applied Sciences, Darmstadt, Germany. He is managing the Big Data cluster for the CS department using Ansible since mid 2014. Benedict joined the FreeBSD Foundation Board of Directors in 2015 and is currently serving as vice president.

TBA

Massimiliano Stucchi Massimiliano Stucchi is a longtime networker with a strong attachments to BSDs and IPv6. Trainer and IPv6 evangelist (formally IPv6 Programme Manager at RIPE NCC), with a web presence at https://stucchi.ch

The tutorial will cover in full Netmap and its features, from the basics to the most advanced NFV setups.

• 9am - 10:30am Background and motivation. Introduction to the Netmap API with examples. The VALE switch and Netmap pipes.
• 10:30am - 11:00am Coffee Break
• 11:00am - 12:30 Netmap as a backend for VMs. Pass-through of host Netmap ports.
• 12:30am - 1:30pm Lunch Break
• 1:30pm - 3:00pm Hands-on experience: writing an NFV application using the Netmap API. Exploiting the different kinds of Netmap ports and port passthrough.
• 3:00pm - 3:30pm Coffee Break
• 3:30pm - 5:00pm Continue hands-on experience: writing and loading an in-kernel VALE switch module.

The tutorial targets network engineers and system developers that want to learn what Netmap is and how it can help improving throughput, latency and energy efficiency of their packet processing pipelines, both on bare-metal and Virtual Machines. Attendees must bring their own laptop, with FreeBSD (11 or HEAD) or a Linux distribution installed directly on the laptop or inside a Virtual Machine. Attendees are also expected to have familiarity with networking and programming in C or C++.

The first part of this tutorial provides an overview and an analysis of the challenges for fast user-space network I/O frameworks such as netmap, DPDK, PF_RING. These frameworks support packet processing applications (e.g., routers, middleboxes) that need to deal with millions of packets per seconds (e.g., 10 Gbps or higher), which are often needed in the context of Network Function Virtualization (NFV). For performance reasons, the frameworks typically bypass the kernel or its network stack, and provide user-space applications with a device-independent API for direct access to the physical or virtual Network Interface Card (NIC) hardware.

The tutorial then focuses on Netmap [1, 2, 3] because of its flexibility, multi-faceted capabilities and unique advantages to other frameworks, in particular for NFV use cases. We introduce Netmap along with its API and example programs. The different features are then presented one by one along with their corresponding use cases and performance numbers.

We aim at attendees becoming able to write a simple packet processing application using the netmap API and run it on several netmap ports on bare metal or inside containers and virtual machines.

Giuseppe Lettieri is researcher and lecturer at the Dipartimento di Ingegneria dell'Informazione at Universit� di Pisa, Italy. In the past few years he has contributed to the development and maintenance of the netmap framework for fast packet I/O, including the introduction of netmap pipes, a very fast IPC mechanism based on the netmap API, and the design of ptnetmap, a very fast virtual passthrough for virtual machines. For the Openlab EU project he has designed and implemented the Open vSwitch port for the PlanetLab EU testbed.

Vincenzo Maffione is a third-year PhD student the Dipartimento di Ingegneria dell'Informazione of the Universit� di Pisa, Italy. In the past five years he has worked as a netmap maintainer and developed some of its subsystems, including the emulated netmap mode (to run netmap applications over any network interface), ptnetmap host support and guest drivers. He has also integrated the netmap datapath within various hypervisors, including QEMU, bhyve and Xen. His main research interests include high speed user-space networking and Virtual Machine networking.

Michio Honda is a senior researcher at NEC Laboratories Europe in Germany. He has joined the netmap project since 2012. He has worked on transport protocols, middleboxes, user- and kernel-space network stacks, software switch and most recently, network stack design for non-volatile main memory. He received IRTF/ISOC Applied Networking Research Prize in 2011 for middlebox measurement work determining extensibility of TCP, and best paper award at ACM SOSR'15 for work on a scalable, modular software switch with other netmap developers.

The FreeBSD operating system includes the isolation and virtualization multiplicity facilities chroot(8), jail(8), bhyve and Xen, but offers limited facilities for the creation and management of isolated or virtualized targets1. The ‘bsdinstall(8) jail’, jail.conf(8), and vmrun.sh tools support rudimentary Jail and bhyve target creation and management and are not designed for automation using in-base or external tools. This paper will explore how the bsdinstall(8), nfsd(8) and zfs(8) in-base FreeBSD resources can be leveraged to create authentic, block and file storage- backed operating system installations suitable for use with not only chroot(8) and jail(8) isolated environments, bhyve(8) and Xen virtual machines, but also network-booted hardware machines. Leveraging in-base tools in support of in-base multiplicity facilities enables not only traditional isolated or virtualized “guest” hosts2, but also enables the efficient, more-comprehensive testing of supported and end-of-life releases of BSD operating systems for regression investigation. While the work described in this paper is based on the FreeBSD operating system, its fundamental methodologies described should apply in part or in full to other BSD operating systems.

Michael has used BSD Unix systems for over 20 years and has organized open source events and projects around the world for over a decade with a focus on virtualization. Michael provides FreeNAS and FreeBSD training, support and marketing services at Gainframe, based in Portland, Oregon.

It is believed that UNIX operating system (OS) built on ne granular small parts is preferable to one built on the traditional large tarballs in order to support speedy security update, easy replacement and rollback of speci c parts. In Linux distributions, the system are already divided into many small packages. On the other hand, BSD Unix variants are behind the curve on the base system packaging. To improve NetBSD base system granularity, we propose a framework for OS base system packaging. We have developed a software "basepkg" by making the best use ofpkgsrc framework and operate an experimental base package distribution server to evaluate our software in realistic environment. It is shown that replacement of a few OS granular parts is clearly faster and can provide extra useful functions for NetBSD users and customers.

FreeBSD is often used as a router or a firewall, but the vast majority of tuning guides available for this use case doesn't explain in detail how to calculate each value to be tuned. This study, after describing how to bench a router and the most important basic concepts to understand, demonstrate the benefit of tuning major parameters to obtain the best routing and firewalling performance with FreeBSD 11.1-RELEASE.

Network Engineer at Orange, founder of FreeNAS and BSD Router Project, FreeBSD port committer and network performance grapher.

FreeBSD is one of the most popular Unix-like operating systems, though there are not many appliances that have been built which are based on it. The situation looks even more pessimistic, once we discuss security appliances. The author of the paper, in his daily work, has spent the last 4-years building the most advanced PAM solution in the world, which is based on the FreeBSD operating system. In this paper we will discuss which, and more importantly how FreeBSD features can be used to build appliances. The presentation will present only features that are available in the base system not in third-party programs. The author of the paper looks forward to presenting all the nuances and best practices of using FreeBSD as the main component of the appliance. He hopes the article will raise awareness in the community, that FreeBSD can be used in building security appliances which will finally result in convincing companies to employ this operating system more often.

Mariusz Zaborski is a team leader and a software developer at WHEEL Systems. Mariusz's main ares of interest are OS security and low-level programming. At Wheel Systems, Mariusz is developing a solution to monitor, record and control traffic in an IT infrastructure. He has been involved in the development of Capsicum and Casper since Google Summer of Code 2013, which he successfully passed under the mentorship of Pawe� Jakub Dawidek. Mariusz has been a FreeBSD project commiter since 2015.

This paper describes the FreeBSD operating system port for the IBM POWER8 System on a Chip family. POWER8 are massively parallel 64-bit RISC microprocessors designed for the server market and optimized for Cloud and Big Data workloads. A single POWER8 socket contains up to 12 physical CPU cores, each divisible to up to 8 SMT threads. The main focus of this article is to provide a bottom-up overview of how the FreeBSD platform support for POWER8 was implemented and present the benets and pitfalls of the PowerPC-64 technology in terms of OS development. The paper also describes key components of the POWER8 system and explains how they are supported in FreeBSD. Finally, possible fields of of further improvement are pointed out briefly.

While porting FreeBSD to a new architecture can be hard and requires a lot of knowledge of a lot of the kernel subsystem, porting to a new ?board? is much easier. We will take the Rock64 board from Pine64 for the exercise of porting FreeBSD to it and see what it take to have kernel booting for the first time and what are the next step when porting to a new SoC. Even if the Rock64 is an ARM64 board the step are the same for an ARM32 one.

Kernel hacker and ARM board collector

Mininet is an interactive development tool designed for the purpose of prototyping and testing of Software-defined network (SDN) controllers, their applications, and SDN-capable switches. It, however, heavily depends on Linux-specific network virtualization features and applications. This talk describes the work to create a version of Mininet that is capable of running on OpenBSD by making use of rdomain(4)s and the SDN components available on it, namely switch(4) and switchd(8). Along the way, we describe the motivation for porting a tool like Mininet, and provide some examples of how it is used. We also describe some of the issues that were encountered in the porting process so far, and how they were resolved.

Ayaka Koshibe is an engineer in the SDN controller platform team at Big Switch Networks. Previously Ayaka worked on SDN applications at ON.Lab (ONF), and prior to that, the GENI campus trial deployments at Rutgers University. Ayaka has been a FreeBSD user since 2009, an OpenBSD user since 2016, and a developer with the latter since 2017.

We describe work we have done to profile the FreeBSD kernel boot — both adding instrumentation to the kernel to collect data while the system is booting, and converting the resulting timestamp records into a graphical visualization of where time is spent in the boot process. We show results from two systems and highlight some places where it is clear that the performance of the FreeBSD boot process can be improved.

Dr. Colin Percival has been a FreeBSD developer since 2004, and has served over the years as the project Security Officer, a Core Team member, and most recently as the maintainer of the FreeBSD/EC2 platform. He is also the founder of the Tarsnap online backup service. On the rare occasions when he steps away from his laptop, he can be found playing violin in an amateur orchestra near to his home in Vancouver, Canada.

In this paper, we are going to describe various improvements we have made to DragonFlyBSD to help reduce and stabilize network latency, and increase network performance. How it works and why it works in DragonFlyBSD will be explained.

Yanmin Qiao has been working on DragonFlyBSD since 2005. His major focus is network stack and network device drivers. He is also known as Sepherosa Ziehau.

Web applications export an attractive attack surface. First, since they're open front-ends to valuable data sources. And second, since they usually accept a non-trivial set of inputs (forms, JPGs, etc.), perform complex tasks, and produce diverse outputs---where each step along the way may be manipulated by a skilled attacker. Or an unskilled one with well-built tools. A great deal of active research concerns itself with restricting system resources from attackers, but there remain few resources for protecting an application's internal data sources: most importantly, the database. In this talk, I describe recent developments in BCHS web applications that allow programmers to define, enforce, and audit access roles of the application and its data source. We'll show real-world applications with hard guarantees on access control.

Contributes to BSD.lv open source projects.

Virtualization allows a host computer to run multiple virtual machines. A virtual machine makes it possible for a guest operating system to run in an environment that from its point of view acts like the native hardware. The ARMv8 family of processors developed by ARM provide various hardware features which make virtualization efficient by removing or reducing some of the overhead usually associated with running virtual machines. We are working on porting the FreeBSD bhyve hypervisor to this architecture, a port we have called bhyvearm64. This paper describes the porting process and the modifications we have made to the FreeBSD kernel and to the bhyve hypervisor

Alexandru Elisei is a 4th year college student studying Computer Science at University Politehnica of Bucharest. He is very passionate about computers and open source software. Alexandru Elisei has made contributions to various open source projects, like Gentoo's package manager, Portage, Moodle core and Moodle plugins, and libmraa. He has also taken part in Google Summer of Code as a student developer.

Modern, digital x-ray machines are pretty complex beasts. They contain several networked systems and must in turn be connected to the hospital or doctor's office network - basically, requests with the patient data are being sent to the x-ray machine, the operator processes these requests and the records are sent back with the images attached. To further complicate matters, there are external image readers in some cases, connected to the external network, not the x-ray machine itself, that the x-ray machine needs to talk to. Thanks to the wonderful combination of high certification costs and monopolies in certain areas, some of these sensors only speak ftp. The x-ray machine's internal network must be the same layer 2 network as the external one thanks to the mandantory protocols involved, and medical regulations make any kind of investigation or information gathering on production systems outright impossible. The same regulations impose very very strict limits on remote access - only if the machine is in maintainance mode and not operational, of course. Certification requirements make upgrading hard, and the field engineers are x-ray engineers, not networking specialists. Even a DoS has unexpected consequences - if the data transfer between the image sensor and the imaging station fails, the x-ray process has to be repeated, and that is considered bodily injury. While most vendors just ignore the problem, at least one has its digital x-ray and fluoroscopy (think x-ray movies) ship with an OpenBSD bridge for roughly 10 years now to seperate the internal from the external network. This system as recently been redone and is getting rolled out to their CT and MRI machines as well. I will show how OpenBSD is being used on this scenario, dive into the arp filter I wrote for the bridge in the process as well as several smaller pf changes, and provide new insights - even literally.

Henning has been an OpenBSD developer since 2002. He's the lead pf developer for many years now. Henning also started OpenBGPD and OpenNTPD, and the framework he wrote for them is the base of all newer network deamons in OpenBSD. Aside from OpenBSD, Henning is the CEO of BS Web Services GmbH, an ISP, and net-activities GmbH, and also runs Henning Brauer Consulting. He also is an elected member of the Hamburg Chamber of Commerce plenary, on the Board of Directors at the EuroBSDcon Foundation and co-chair of Standpunkt.Schanze e. V.

Interrupts are used in modern systems to signal events that require immediate action. Current CPUs implement interrupts using some type of controller circuit. As such, the ARM architecture uses a system called Generic Interrupt Controller to manage interrupts. In order for virtualization to be possible on ARM hardware, a Virtual Generic Interrupt Controller needs to be present to manage interrupts for guest operating systems. This research project describes implementing such a system for an ARMv7 processor running the FreeBSD hypervisor - bhyve.

My name is Mihai Carabas and I'm a assistant profesor at University POLITEHNICA of Bucharest in the domains like computer architecture and operating systems. I've contributed over the last five years in FreeBSD and DragonFlyBSD virtualization code. I've started working on BSD systems four years ago, on DragonFly BSD, tweaking its scheduler to be SMT (or HT) aware. In the next year I've implemented hardware nested page table support (EPT for Intel) for the DragonFly BSD vkernels eliminating the need of shadow page tables. In 2014 I've worked on a bhyve project where I've tried to minimize the impact of instruction emulation by caching the emulated instructions. Thus, at further usage, we use the hot cache instead of fetch-and-decode the faulted instruction again (the work has been presented during AsiaBSDCon 2015). In 2015 I've started working on porting the bhyve hypervisor on ARM-based platforms. I had to write from scratch the low-level context switch code and adapt it to a Type-2 hypervisor: ARM, by its design, ensures support for Type-1 hypervisors (a hypervisor that runs without a host OS). bhyve is written to be part of the FreeBSD and use its management features and thus its a Type-2 hypervisor. Another problem was to fork the current bhyve code base and reuse it with minor modifications for ARM (basically to preserve the same API - in the near future to be able to create a generic code-base for bhyve and only the context switch code to reside in the machine-dependant code). Until now I've manage to run a virtual machine on top of the bhyve hypervisor using FastModels simulation platform. There is work in progress at the virtualization of the interrupts to have a fully functional GuestOS. From 2014 in parallel with the work at bhyve I've promoted bhyve in my University and coordinated students to do bhyve-related projects. The current main projects I'm coordinating are: - save/restore feature for x86_64 bhyve and porting bhyve to ARM architecture.

Kernel coredumps over the network are useful for debugging embedded machines, disk driver and machines with large amounts of RAM relative to swap partitton size. There has been a netdump patch for FreeBSD since the early 2000s. iflib was introduced in the fall of 2017 providing a standarized set of functions for network driver implementation. iflib currently supports most In- tel drivers and Broadcom NetExtreme Family cards, with vtnet support and more planned. Porting netdump to iflib gives all drivers that iflib support netdump support. Improving the netdump facility by generalizing it’s driver support with iflib will ease supporting new hardware. Modern network cards can transmit at 10, 40, or 100 Gbps. The ability of the netdump server to receive core dumps is variable based on traffic on that network inter- face, especially when handiling multiple dump stream at once. Improving core dump performance on >= 10G net- work cards is a question of solving the congestion control problem in netdumpd, and the netdump client, which is similar to an embedded environment without iterrupts or dynamic memory allocation.

Sam Gwydir is an engineer at Joyent, Inc. There he works on their cloud platform,. A FreeBSD user since 9.0, Sam was previously been a systems engineer at Groupon.

As ARM-based processors achieve better per-watt performance compared to the more complicated x86-based CPUs, while also being powerful enough to complete some of the most demanding tasks, servers created with ARM processors at their core become increasingly viable. Server systems usually rely on virtualization technology for resource management and component isolation. Depending on application type, the guest may need large amounts of data to be transferred to, and from, the virtual machine through the host. However, the limited amount of computational resources means that their superfluous use will reduce performance. Consequently, creating communication mechanisms between guest and host with as little overhead as possible is a must. VirtIO devices are a solution to this problem, reducing data transfer overhead by employing paravirtualization techniques.

My name is Darius Mihai. I am a first year Master's student at University POLITEHNICA of Bucharest in the field of Security of Complex Networks. I began my work on FreeBSD virtualization on ARM systems in March 2017 as part of my Bachelor Diploma project, when I worked on debugging a faulty implementation of caches in virtual machines and the virtual machine power-off mechanism. I began work on the current project (porting the VirtIO devices to bhyve on ARM) in August 2017. Besides the somewhat obvious interests in operating systems and security, I love video games and tinkering with code for fun (in C).

FreeBSD's use in virtualization workloads has been hampered by its lack of Virtual Private Cloud ("VPC") functionality. While the bhyve(4) hypervisor has proven to be robust and performant Hardware Virtual Machine ("HVM"), it has lacked the necessary companion networking stack in order to be used as a first-class hypervisor for cloud computing workloads. The FreeBSD vpc(4) subsystem was designed to augment the capabilities of bhyve(4) in order to support the demands of cloud workloads. After experimentation and extending with the existing network interfaces (e.g. bridge(4), tap(4), ptnetmap(9)), it became clear that it would be necessary to implement a new networking subsystem custom built for virtualization workloadschange course. We settled on implementing vpc(4) by extending the iflib(9) framework, a generalized NIC interface in the FreeBSD kernel. Using iflib(9) we created a suite of network services that allow FreeBSD to be used as a performant and flexible hypervisor for cloud workloads. Depending on the configuration and policies, it is also possible to use vpc(4) for desktop applications, too. We outline the intial performance achieved, both with ptnetmap(9) and iflib(9), the list of services in vpc(4), and how to deploy a cloud environment.

Sean Chittenden is a pluralist infrastructure engineer. He is a long-time participant of the FreeBSD and PostgreSQL communities with over 15+ years experience at building and managing data center applications. Sean tick-tocks back-and-forth between operations and engineering roles. At Groupon Sean helped design and build Groupon's internal Database-as-a-Service. More recently Sean worked at HashiCorp and is currently at Joyent where he is working to meet the needs of Samsung-scale computing.

Virtualization is one of the most powerful concepts of today's technology and virtual machine migration becomes a common operation in online service management. To do that, we need a state save and restore mechanism implemented in the hypervisor we use. VMware, VirtualBox or Hyper-V have such features already implemented for their products. Bhyve, FreeBSD's own hypervisor, does not have this kind of feature implemented yet, although it is necessary. An ongoing project at the University POLITEHNICA of Bucharest is implementing this feature for bhyve. This paper presents two contributions to the Save & Restore Project. The first one is related to the process of saving and restoring a virtual machine's device structures such as VATPIC, VATPIT, VRTC, VPMTMR. The second one presents the way the save and restore feature is implemented for virtual machines which run on AMD CPUs.

My name is Maria-Elena Mihailescu. I am currently pursuing a Master's degree in Security of Complex Network at The Faculty of Automatic Control and Computer Science, University POLITEHNICA of Bucharest. My domain of interests includes operating systems internals and computer security. I have started working on FreeBSD virtualization in September 2017 when I began implementing a Save and Restore feature for bhyve for AMD CPUs.