===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/62.html,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- www/62.html 2017/10/06 17:45:39 1.62
+++ www/62.html 2017/10/06 18:05:53 1.63
@@ -154,110 +154,132 @@
vmm(4)/
vmd(8) improvements:
- - vmctl(8) supports paused VM migration and memory snapshotting using send and receive commands.
-
- VPID/ASID reuse/rollover in vmm(4).
-
- SGABIOS imported as an option ROM payload in SeaBIOS (for VGA to serial console redirection.)
-
- vmd(8) resets the guest VM RTC (real time clock) on host resume from suspend/hibernate (OpenBSD guests only.)
-
- Allow guest VMs access to AVX/AVX2 host CPU features
-
- Support for AMD SVM/RVI hosts
-
- Allow larger guest VM memory sizes (up to MAXDSIZ sized guests - eg, 32GB on amd64 hosts)
-
- Better handling of guest VM MONITOR/MWAIT and HLT instructions
-
- Various device emulation improvements in vmd(8).
-
- Increase the virtio(4) queue size provided by vmd(8) from 64 to 128 entries, to increase performance.
-
- Many fixes to vmctl(8) and vmd(8) error handling.
+
- vmctl(8) supports
+ paused VM migration and memory snapshotting using send and receive commands.
+
- VPID/ASID reuse/rollover in vmm(4).
+
- SGABIOS imported as an option ROM payload in SeaBIOS (for VGA to serial
+ console redirection.)
+
- vmd(8) resets the
+ guest VM RTC (real time clock) on host resume from suspend/hibernate
+ (OpenBSD guests only.)
+
- Allow guest VMs access to AVX/AVX2 host CPU features.
+
- Support for AMD SVM/RVI hosts.
+
- Allow larger guest VM memory sizes (up to MAXDSIZ sized guests - e.g.
+ 32GB on amd64 hosts)
+
- Better handling of guest VM MONITOR/MWAIT and HLT instructions.
+
- Various device emulation improvements in vmd(8).
+
- Increase the virtio(4)
+ queue size provided by vmd(8) from 64 to 128 entries, to increase performance.
+
- Many fixes to vmctl(8)
+ and vmd(8) error handling.
IEEE 802.11 wireless stack improvements:
- - MiRA 802.11n TX rate scaling now supports devices with unequal numbers of Tx and Rx streams. Fixes 11n mode for some athn(8) devices.
-
- The iwn(8) and iwm(8) drivers will now start scanning for a new access point if they no longer receive beacons from their current AP.
+
- MiRA 802.11n TX rate scaling now supports devices with unequal numbers
+ of Tx and Rx streams. Fixes 11n mode for some
+ athn(8) devices.
+
- The iwn(8) and
+ iwm(8) drivers will now start
+ scanning for a new access point if they no longer receive beacons from
+ the current AP.
- Prefer the 5GHz band over the 2GHz band during access point selection.
-
- Improved debug output in dmesg(8) when a wireless interface is put into debug mode with ifconfig(8).
+
- Improved debug output in
+ dmesg(8) when a wireless
+ interface is put into debug mode with
+ ifconfig(8).
Generic network stack improvements:
- - Incoming and forwarded IP packets are now processed without
- KERNEL_LOCK, resulting in better performances and reduced latency
-
- The kernel no longer handles IPv6 Stateless Address
- Autoconfiguration (RFC 4862), allowing cleanup and simplification
- of the IPv6 network stack.
-
- The kernel sends IPv6 router solicitations for link local addresses
- with a link local source address.
-
- FQ-CoDel algorithm has been implemented for use with pf(4) queueing.
-
- Improve IPv6 checks for IPsec policies and make them consistent
+
- Incoming and forwarded IP packets are now processed without
+ KERNEL_LOCK, resulting in better performances and reduced latency.
+
- The kernel no longer handles IPv6 Stateless Address
+ Autoconfiguration (RFC 4862), allowing cleanup and simplification
+ of the IPv6 network stack.
+
- The kernel sends IPv6 router solicitations for link local addresses
+ with a link local source address.
+
- FQ-CoDel algorithm has been implemented for use with pf(4) queueing.
+
- Improved IPv6 checks for IPsec policies and made them consistent
with IPv4.
-
- Refactor local IP delivery to process IPsec packets in a flow.
- Avoid that they are enqueued a second time.
+
- Refactored local IP delivery to process IPsec packets in a flow and
+ avoid enqueueing a second time.
- pf(4)
- looks into AH packets and matches on the inner protocol.
+ now inspects AH packets and matches on the inner protocol.
This makes IPv4 authentication headers work like IPv6.
- The length of extension header chains in pf(4) is limited.
- This prevents spending excessive cpu time on crafted packets.
-
- Block IPv6 packets in pf(4) that have hop-by-hop options
- header or destination options header.
- Such packets can be passed by adding "allow-opts" to the
- rule.
- So IPv6 options are handled like their counterpart in IPv4
- now.
+ This prevents spending excessive CPU time on crafted packets.
+
- Block IPv6 packets in
+ pf(4)
+ that have a hop-by-hop options header or a destination options header.
+ Such packets can be passed by adding "allow-opts" to the rule.
+ This makes IPv6 option handling consistent with IPv4.
- If the IPv4 ID gets reused too fast, pf(4) fragment reassembly
uses a smarter strategy to drop packets.
-
- Enable the use of per-CPU caches on the network packet allocators
+
- Enabled the use of per-CPU caches in the network packet allocators.
Installer improvements:
- - The installer now uses the Allotment Routing Table (ART).
-
- A unique kernel is now created by the installer to boot from after install/upgrade.
-
- On release installs of architectures supported by syspatch "syspatch -c" is added to rc.firsttime.
-
- Backwards compatibility code to support the 'rtsol' keyword in hostname.if(5) has been removed.
-
- The install.site and upgrade.site scripts are now executed at the end of the install/upgrade process.
-
- More detailed information is shown to identify disks.
-
- The IPv6 default router selection has been fixed.
-
- On the amd64 platform, the AES-NI is used if present.
+
- The installer now uses the Allotment Routing Table (ART).
+
- A unique kernel is now created by the installer to boot from after
+ install/upgrade.
+
- On release installs of architectures supported by syspatch,
+ "syspatch -c" is now added to rc.firsttime.
+
- Backwards compatibility code to support the 'rtsol' keyword in
+ hostname.if(5)
+ has been removed.
+
- The install.site and upgrade.site scripts are now
+ executed at the end of the install/upgrade process.
+
- More detailed information is shown to identify disks.
+
- The IPv6 default router selection has been fixed.
+
- On the amd64 platform, AES-NI is used if present.
Routing daemons and other userland network improvements:
- - A new daemon, slaacd(8) handles IPv6
- Stateless Address Autoconfiguration (RFC 4862).
-
- rtadvd(8) now supports
- "Reducing Energy Consumption of Router Advertisements" (RFC 7772).
+
- A new daemon, slaacd(8) handles IPv6
+ Stateless Address Autoconfiguration (RFC 4862).
+
- rtadvd(8) now supports
+ "Reducing Energy Consumption of Router Advertisements" (RFC 7772).
- rtadvd(8) has
- been fixed to quickly handle IPv6 prefixes changes on the system.
+ been fixed to quickly handle IPv6 prefixes changes on the system.
- ipsecctl(8)
- can show SA bundles now.
- The keyword "bundle" allows to create them explicitly.
- This avoids confusion as they were used implicitly before.
+ can now show SA bundles and the "bundle" keyword allows them to be
+ explicitly created. This avoids confusion as they were previously
+ used implicitly.
- nc(1)
- has got the option -W "recvlimit" to terminate netcat after
- receiving a number of packets.
- This allows to send a UDP request, receive a reply and check
- the result on the command line.
+ now has a -W recvlimit option to terminate netcat after
+ receiving the specified number of packets. This allows for a UDP
+ request to be sent, a reply to be received and the result checked on
+ the command line.
- nc(1)
- now has a -Z option, allowing the peer certificate and chain to be
+ now has a -Z option, allowing the peer certificate and chain to be
saved to a file in PEM format.
-
- A new "-T tlscompat" option was added to
+
- A new -T tlscompat option was added to
nc(1), which enables the use
of all TLS protocols and libtls "compat" ciphers.
-
- Fix a bunch of races in
- relayd(8)
+
- Various races have been fixed in
+ relayd(8),
expecially in HTTP chunked mode.
-
- ndp(8) shows the
- relevant NDP information when run in a non-default routing
- domain.
+
- ndp(8) now shows the
+ relevant NDP information when run in a non-default routing
+ domain.
- ifstated(8) now
- copes with interface departures/arrivals.
+ copes with interface departures/arrivals.
- bgpd(8) can now
- be started multiple times in different
- routing domains,
- this provides virtual router functionality.
+ be started multiple times in different
+ routing domains,
+ this provides virtual router functionality.