Changeset View
Changeset View
Standalone View
Standalone View
website/content/en/releases/13.0R/relnotes.adoc
Show First 20 Lines • Show All 417 Lines • ▼ Show 20 Lines | ||||||||||||
If the man:efibootmgr[8] utility is used to customize the boot environment, this file should be copied to the location set with the `-l` flag. | If the man:efibootmgr[8] utility is used to customize the boot environment, this file should be copied to the location set with the `-l` flag. | |||||||||||
[[network]] | [[network]] | |||||||||||
== Networking | == Networking | |||||||||||
This section describes changes that affect networking in FreeBSD. | This section describes changes that affect networking in FreeBSD. | |||||||||||
[[network-general]] | [[network-general]] | |||||||||||
debdrupUnsubmitted Done Inline Actions
debdrup: | ||||||||||||
=== General Network | === General Network | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
A new type of man:mbuf[9] (network data buffer) can represent multiple, | A new type of man:mbuf[9] (network data buffer) can represent multiple, | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
unmapped physical pages as a single buffer. | unmapped physical pages as a single buffer. | |||||||||||
This improves the performance of man:sendfile[2] by reducing the length of | This improves the performance of man:sendfile[2] by reducing the length of | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
mbuf linked lists in socket buffers. gitref:82334850ea45[repository=src], gitref:cec06a3edc52[repository=src] {{< sponsored "Netflix" >}} | mbuf linked lists in socket buffers. gitref:82334850ea45[repository=src], gitref:cec06a3edc52[repository=src] {{< sponsored "Netflix" >}} | |||||||||||
The kernel now supports in-kernel framing and encryption of Transport | The kernel now supports in-kernel framing and encryption of Transport | |||||||||||
Layer Security (TLS) data on TCP sockets for TLS versions 1.0 through 1.3. | Layer Security (TLS) data on TCP sockets for TLS versions 1.0 through 1.3. | |||||||||||
Transmit offload via in-kernel crypto drivers is supported for | Transmit offload via in-kernel crypto drivers is supported for | |||||||||||
MtE cipher suites using AES-CBC as well as AEAD cipher suites using | MtE cipher suites using AES-CBC as well as AEAD cipher suites using | |||||||||||
AES-GCM. | AES-GCM. | |||||||||||
Receive offload via in-kernel crypto drivers is supported for AES-GCM | Receive offload via in-kernel crypto drivers is supported for AES-GCM | |||||||||||
cipher suites for TLS 1.2. | cipher suites for TLS 1.2. | |||||||||||
Using KTLS requires the use of a KTLS-aware userland SSL library. | Using KTLS requires the use of a KTLS-aware userland SSL library. | |||||||||||
The OpenSSL library included in the base system does not enable KTLS | The OpenSSL library included in the base system does not enable KTLS | |||||||||||
support by default, | support by default, | |||||||||||
but support can be enabled by building with the `WITH_OPENSSL_KTLS` option. | but support can be enabled by building with the `WITH_OPENSSL_KTLS` option. | |||||||||||
gitref:b2e60773c6b0[repository=src], gitref:6554362c6640[repository=src], gitref:f1f934754638[repository=src], gitref:3c0e56850511[repository=src], gitref:c1c52cd57e88[repository=src] {{< sponsored "Netflix" >}} {{< sponsored "Chelsio Communications" >}} | gitref:b2e60773c6b0[repository=src], gitref:6554362c6640[repository=src], gitref:f1f934754638[repository=src], gitref:3c0e56850511[repository=src], gitref:c1c52cd57e88[repository=src] {{< sponsored "Netflix" >}} {{< sponsored "Chelsio Communications" >}} | |||||||||||
man:tcp[4] now supports Proportional Rate Reduction (as described by RFC6937) to improve SACK loss recovery during burst loss and ACK thinning scenarios. | man:tcp[4] now supports Proportional Rate Reduction (as described by RFC6937) to improve SACK loss recovery during burst loss and ACK thinning scenarios. | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
This feature is enabled by default. | This feature is enabled by default. | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
A new man:sysctl[8], `net.inet.tcp.do_prr`, can be set to `0` to restore the prior behavior. | A new man:sysctl[8], `net.inet.tcp.do_prr`, can be set to `0` to restore the prior behavior. | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
PRR should generally help improve loss recovery performance and prevent numerous preventable retransmit timeout (RTO) stalls. | PRR should generally help improve loss recovery performance and prevent numerous preventable retransmit timeout (RTO) stalls. | |||||||||||
Not Done Inline ActionsIs there a line too many here? debdrup: Is there a line too many here? | ||||||||||||
This surpasses the prior behavior, but a strictly packet conserving variant can be enabled. | This surpasses the prior behavior, but a strictly packet conserving variant can be enabled. | |||||||||||
A misconfigured token bucket traffic policer can cause persistent loss even during loss recovery. | A misconfigured token bucket traffic policer can cause persistent loss even during loss recovery. | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
In that case, activating the conservative PRR variant may prevent some retransmission timeouts (RTO) and associated session stalls for a few milliseconds while behaving less optimal in the general case. | In that case, activating the conservative PRR variant may prevent some retransmission timeouts (RTO) and associated session stalls for a few milliseconds while behaving less optimal in the general case. | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
A new man:sysctl[8], `net.inet.tcp.do_prr_conservative`, | A new man:sysctl[8], `net.inet.tcp.do_prr_conservative`, | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
can be set to `1` to enable strictly packet conserving behavior (at most 1 segment for each ACK received), while the normal variant may send up to 2 segments per received ACK - helping in cases of ACK thinning or significant burst loss events. gitref:0e1d7c25c5ab[repository=src] {{< sponsored "NetApp" >}} | can be set to `1` to enable strictly packet conserving behavior (at most 1 segment for each ACK received), while the normal variant may send up to 2 segments per received ACK - helping in cases of ACK thinning or significant burst loss events. gitref:0e1d7c25c5ab[repository=src] {{< sponsored "NetApp" >}} | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
The man:cc_cubic[4] man:tcp[4] congestion control algorithm aligns more closely with the standard in RFC8312. gitref:40f9078ff9d9[repository=src] {{< sponsored "NetApp" >}} | The man:cc_cubic[4] man:tcp[4] congestion control algorithm aligns more closely with the standard in RFC8312. gitref:40f9078ff9d9[repository=src] {{< sponsored "NetApp" >}} | |||||||||||
Done Inline Actions
debdrup: | ||||||||||||
The amount of queued packets in for unresolved ARP/NDP entries has been increased to 16. gitref:0da3f8c98d17d9[repository=src] | ||||||||||||
Stacked VLAN (802.1ad) support has been added: gitref:c7cffd65c5d8[repository=src]. | ||||||||||||
Done Inline ActionsQ: what is the proper way to reference the person who contributed this change? melifaro: Q: what is the proper way to reference the person who contributed this change? | ||||||||||||
Not Done Inline ActionsThe authorship is noted in that commit, so unless they explicitly asked to be mentioned in the release notes, I'm not sure. debdrup: The authorship is noted in that commit, so unless they explicitly asked to be mentioned in the… | ||||||||||||
Done Inline Actions
debdrup: | ||||||||||||
debdrupUnsubmitted Done Inline Actions
The colon should be a period. debdrup: The colon should be a period. | ||||||||||||
The man:ping[8] utility now supports setting network QoS, with IP DSCP gitref:6034024daddb[repository=src] and Ethernet PCP gitref:81a6f4c7ae69[repository=src]. {{< sponsored "NetApp" >}} | The man:ping[8] utility now supports setting network QoS, with IP DSCP gitref:6034024daddb[repository=src] and Ethernet PCP gitref:81a6f4c7ae69[repository=src]. {{< sponsored "NetApp" >}} | |||||||||||
Merged the man:ping[8] and man:ping6[8] utilities. | Merged the man:ping[8] and man:ping6[8] utilities. | |||||||||||
man:ping[8] supports both IPv4 and IPv6. | man:ping[8] supports both IPv4 and IPv6. | |||||||||||
A legacy man:ping6[8] is retained for backwards compatibility. gitref:3cde9171d2d5[repository=src] | A legacy man:ping6[8] is retained for backwards compatibility. gitref:3cde9171d2d5[repository=src] | |||||||||||
SCTP support is now available as a new [.filename]#sctp.ko# kernel module | SCTP support is now available as a new [.filename]#sctp.ko# kernel module | |||||||||||
and is no longer compiled into GENERIC by default. | and is no longer compiled into GENERIC by default. | |||||||||||
gitref:e64080e79c53[repository=src] {{< sponsored "The FreeBSD Foundation" >}} | gitref:e64080e79c53[repository=src] {{< sponsored "The FreeBSD Foundation" >}} | |||||||||||
[[[network-routing]] | ||||||||||||
=== Routing | ||||||||||||
FreeBSD 13 features a rewritten routing stack. It is based on the introduction of nexthops - objects holding all necessary state to pass a packet to the desired destination. gitref:a666325282ea[repository=src] | ||||||||||||
Multipath routing support has been rewritten in more scalable fashion, featuring 64-wide multipath routes with O(1) lookup time. gitref:fedeb08b6a58[repository=src]. | ||||||||||||
The `RADIX_MPATH` kernel option got replaced with `ROUTE_MPATH`, which is turned on by default. Additionally, the `net.route.multipath` sysctl has been added to control the feature in runtime. gitref:d1d941c5b910[repository=src], gitref:d5fe384b4d41[repository=src] | ||||||||||||
Support for custom route lookup algorithms has been added. The framework decouples control-plane and data-plane, resulting in both faster lookups and better convergence times for large tables under load. gitref:f5baf8bb12f3[repository=src] | ||||||||||||
DPDK librte-based IPv4/IPv6 route lookup algorithms has been added, optimising control-plane and data-plane for large routing tables. gitref:537d13437314[repository=src] | ||||||||||||
Interface fib is now used for proxyarp checks. gitref:66bc03d41566[repository=src] | ||||||||||||
Loopback route installation has been fixed for the interfaces in different fibs using the same prefix. gitref:9fdbf7eef5c0[repository=src] | ||||||||||||
Number of fibs can now be changed at runtime by controlling `net.fibs` sysctl. gitref:f5247a232a33[repository=src] | ||||||||||||
`net.add_addr_allfibs` sysctl default has been changed to 0. gitref:2d3982419593[repository=src] | ||||||||||||
Temporal routes (routes with `-expire` time set) expiration have been for both IPv4 and IPv6. gitref:34a5582c47c7[repository=src] | ||||||||||||
Duplicate routes installation issue for /32 or /128 interface aliases has been fixed. gitref:81728a538d24[repository=src] | ||||||||||||
IPv6 interface routes are now marked with RTF_PINNED like their IPv4 counterparts. gitref:81728a538d24[repository=src] | ||||||||||||
The {{< manpage "route" "8">}} network auto-guessing has been eliminated by removing remnants of classful behavior. gitref:d28210b2c2aa[repository=src] | ||||||||||||
Sysctl `net.inet6.ip6.deembed_scopeid` , making it possible to disable IPv6 scope de-embedding, has been removed. gitref:bec053ffe01d[repository=src] | ||||||||||||
[[hardware]] | [[hardware]] | |||||||||||
== Hardware Support | == Hardware Support | |||||||||||
This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document. | This section covers general hardware support for physical machines, hypervisors, and virtualization environments, as well as hardware changes and updates that do not otherwise fit in other sections of this document. | |||||||||||
=== AMD64 | === AMD64 | |||||||||||
▲ Show 20 Lines • Show All 135 Lines • Show Last 20 Lines |