Copyright © 2012 The FreeBSD Documentation Project
+ +$FreeBSD: stable/9/release/doc/en_US.ISO8859-1/errata/article.sgml
+229685 2012-01-06 05:12:57Z hrs $
+
FreeBSD is a registered trademark of the FreeBSD Foundation.
+ +Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or +registered trademarks of Intel Corporation or its subsidiaries in the United States and +other countries.
+ +SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc +in the United States and other countries. SPARC International, Inc owns all of the SPARC +trademarks and under licensing agreements allows the proper use of these trademarks by +its members.
+ +Many of the designations used by manufacturers and sellers to distinguish their +products are claimed as trademarks. Where those designations appear in this document, and +the FreeBSD Project was aware of the trademark claim, the designations have been followed +by the “™” or the “®” symbol.
+++ +++This document lists errata items for FreeBSD 9.0-RELEASE, containing significant +information discovered after the release or too late in the release cycle to be otherwise +included in the release documentation. This information includes security advisories, as +well as news relating to the software or documentation that could affect its operation or +usability. An up-to-date version of this document should always be consulted before +installing this version of FreeBSD.
+ +This errata document for FreeBSD 9.0-RELEASE will be maintained until the release of +FreeBSD 9.1-RELEASE.
+
This errata document contains “late-breaking news” about FreeBSD +9.0-RELEASE. Before installing this version, it is important to consult this document to +learn about any post-release discoveries or problems that may already have been found and +fixed.
+ +Any version of this errata document actually distributed with the release (for +example, on a CDROM distribution) will be out of date by definition, but other copies are +kept updated on the Internet and should be consulted as the “current errata” +for this release. These other copies of the errata are located at http://www.FreeBSD.org/releases/, plus any sites which keep up-to-date +mirrors of this location.
+ +Source and binary snapshots of FreeBSD 9.0-STABLE also contain up-to-date copies of +this document (as of the time of the snapshot).
+ +For a list of all FreeBSD CERT security advisories, see http://www.FreeBSD.org/security/ or ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/.
+Problems described in the following security advisories have been fixed in +9.0-RELEASE. For more information, consult the individual advisories available from http://security.FreeBSD.org/.
+ +| Advisory | +Date | +Topic | +
|---|---|---|
| SA-11:01.mountd | +20 April 2011 | +
+ Network ACL mishandling in +mountd(8) + |
+
| SA-11:02.bind | +28 May 2011 | +
+ BIND remote DoS with large RRSIG RRsets and negative caching + |
+
| SA-11:04.compress | +28 September 2011 | +
+ Errors handling corrupt compress file in +compress(1) and + +gzip(1) + |
+
| SA-11:05.unix | +28 September 2011 | +
+ Buffer overflow in handling of UNIX socket addresses + |
+
| SA-11:06.bind | +23 December 2011 | +
+ Remote packet Denial of Service against +named(8) +servers + |
+
| SA-11:07.chroot | +23 December 2011 | +
+ Code execution via chrooted ftpd + |
+
| SA-11:08.telnetd | +23 December 2011 | +
+ telnetd code execution vulnerability + |
+
| SA-11:09.pam_ssh | +23 December 2011 | +
+ pam_ssh improperly grants access when user account has unencrypted SSH private +keys + |
+
| SA-11:10.pam | +23 December 2011 | +
+
|
+
This file, and other release-related documents, can be +downloaded from http://www.FreeBSD.org/releases/.
+ +For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
+ +All users of FreeBSD 9.0-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
+ +For questions about this documentation, e-mail <doc@FreeBSD.org>.
+ + + diff --git a/en/releases/9.0R/relnotes-detailed.html b/en/releases/9.0R/relnotes-detailed.html new file mode 100644 index 0000000000..afdf8e6fb0 --- /dev/null +++ b/en/releases/9.0R/relnotes-detailed.html @@ -0,0 +1,2584 @@ + + + + +Copyright © 2012 The FreeBSD Documentation Project
+ +$FreeBSD: stable/9/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+229998 2012-01-12 00:34:54Z hrs $
+
FreeBSD is a registered trademark of the FreeBSD Foundation.
+ +IBM, AIX, EtherJet, Netfinity, OS/2, PowerPC, PS/2, S/390, and ThinkPad are trademarks +of International Business Machines Corporation in the United States, other countries, or +both.
+ +IEEE, POSIX, and 802 are registered trademarks of Institute of Electrical and +Electronics Engineers, Inc. in the United States.
+ +Intel, Celeron, EtherExpress, i386, i486, Itanium, Pentium, and Xeon are trademarks or +registered trademarks of Intel Corporation or its subsidiaries in the United States and +other countries.
+ +SPARC, SPARC64, SPARCengine, and UltraSPARC are trademarks of SPARC International, Inc +in the United States and other countries. SPARC International, Inc owns all of the SPARC +trademarks and under licensing agreements allows the proper use of these trademarks by +its members.
+ +Many of the designations used by manufacturers and sellers to distinguish their +products are claimed as trademarks. Where those designations appear in this document, and +the FreeBSD Project was aware of the trademark claim, the designations have been followed +by the “™” or the “®” symbol.
+The release notes for FreeBSD 9.0-RELEASE contain a summary of the changes made to the +FreeBSD base system on the 9.0-STABLE development line. This document lists applicable +security advisories that were issued since the last release, as well as significant +changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also +presented.
+This document contains the release notes for FreeBSD 9.0-RELEASE. It describes +recently added, changed, or deleted features of FreeBSD. It also provides some notes on +upgrading from previous versions of FreeBSD.
+ +This distribution of FreeBSD 9.0-RELEASE is a release distribution. It can be found at +http://www.FreeBSD.org/releases/ or any of its mirrors. More +information on obtaining this (or other) release distributions of FreeBSD can be found in +the “Obtaining FreeBSD” appendix to the FreeBSD +Handbook.
+ +All users are encouraged to consult the release errata before installing FreeBSD. The +errata document is updated with “late-breaking” information discovered late +in the release cycle or after the release. Typically, it contains information on known +bugs, security advisories, and corrections to documentation. An up-to-date copy of the +errata for FreeBSD 9.0-RELEASE can be found on the FreeBSD Web site.
+This section describes the most user-visible new or changed features in FreeBSD since +8.2-RELEASE.
+ +Typical release note items document recent security advisories issued after +8.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, +or contributed software upgrades. They may also list changes to major ports/packages or +release engineering practices. Clearly the release notes cannot list every single change +made to FreeBSD between releases; this document focuses primarily on security advisories, +user-visible changes, and major architectural improvements.
+ +Problems described in the following security advisories have been fixed. For more +information, consult the individual advisories available from http://security.FreeBSD.org/.
+ +| Advisory | +Date | +Topic | +
|---|---|---|
| SA-11:01.mountd | +20 April 2011 | +
+ Network ACL mishandling in +mountd(8) + |
+
| SA-11:02.bind | +28 May 2011 | +
+ BIND remote DoS with large RRSIG RRsets and negative caching + |
+
| SA-11:04.compress | +28 September 2011 | +
+ Errors handling corrupt compress file in +compress(1) and + +gzip(1) + |
+
| SA-11:05.unix | +28 September 2011 | +
+ Buffer overflow in handling of UNIX socket addresses + |
+
| SA-11:06.bind | +23 December 2011 | +
+ Remote packet Denial of Service against +named(8) +servers + |
+
| SA-11:07.chroot | +23 December 2011 | +
+ Code execution via chrooted ftpd + |
+
| SA-11:08.telnetd | +23 December 2011 | +
+ telnetd code execution vulnerability + |
+
| SA-11:09.pam_ssh | +23 December 2011 | +
+ pam_ssh improperly grants access when user account has unencrypted SSH private +keys + |
+
| SA-11:10.pam | +23 December 2011 | +
+
|
+
FreeBSD kernel now supports Capsicum Capability Mode. Capsicum is a set of features +for sandboxing support, using a capability model in which the capabilities are file +descriptors. Two new kernel options CAPABILITIES and CAPABILITY_MODE have been added to GENERIC +kernel. For more information about Capsicum, see http://www.cl.cam.ac.uk/research/security/capsicum/.[r219129]
+ +[amd64, i386] The FreeBSD +dtrace(1) +framework now supports systrace for system calls of linux32 and freebsd32 on FreeBSD/amd64. Two +new systrace_linux32 and systrace_freebsd32 kernel modules provide support for tracing +compat system calls in addition to native system call tracing provided by the systrace module.[r219559, r219561]
+ +[amd64, i386, powerpc] FreeBSD ELF image activator now supports PT_GNU_STACK program header. This is disabled by default. New
+sysctl(8)
+variables kern.elf32.nxstack and kern.elf64.nxstack allow to enable PT_GNU_STACK for the specified ABIs (e.g. elf32 for 32-bit ABI).[r217152, r217396]
The +hhook(9) (Helper +Hook) and +khelp(9) (Kernel +Helpers) KPI have been implemented. These are a kind of superset of +pfil(9) +framework for more general use in the kernel. The +hhook(9) KPI +provides a way for kernel subsystems to export hook points that +khelp(9) modules +can hook to provide enhanced or new functionality to the kernel. The +khelp(9) KPI +provides a framework for managing +khelp(9) +modules, which indirectly use the +hhook(9) KPI to +register their hook functions with hook points of interest within the kernel. These allow +a structured way to dynamically extend the kernel at runtime in an ABI preserving +manner.[r216758, r216615]
+ +[amd64, i386, pc98] A
+loader(8)
+tunable hw.memtest.tests has been added. This controls
+whether performing a memory testing at boot time or not. The default value is 1 (performs a memory test).[r224516]
A new resource accounting API has been implemented. It can keep per-process, per-jail, +and per-loginclass resource accounting information. Note that this is not built nor +installed by default. To build and install them, specify options +RACCT in the kernel configuration file and rebuild the base system as described in +FreeBSD Handbook.[r220137]
+ +A new resource limiting API has been implemented. It works in conjunction with RACCT resource accounting implementation and takes user-configurable +actions based on the set of rules it maintains and the current resource usage. The +rctl(8) utility +has been added to manage the rules in userland. Note that this is not built nor installed +by default. To build and install them, specify options RCTL in +the kernel configuration file and rebuild the base system as described in FreeBSD Handbook.[r220163]
+ +The +sendmsg(2) and + +recvmsg(2) +system calls in FreeBSD Linux ABI compatibility have been improved.[r220031]
+ +The +open(2) and +fhopen(2) system +calls now support O_CLOEXEC flag, which allows to set FD_CLOEXEC flag for the newly created file descriptor. This is +standardized in IEEE Std 1003.1-2008 (POSIX, Single UNIX Specification Version 4).[r219999]
+ ++posix_fallocate(2) system call has been +implemented. This is a function in POSIX to ensure that a part of storage for regular +file data is allocated on the file system storage media.[r220791]
+ +Two new system calls setloginclass(2) and getloginclass(2) have been added. This makes it possible for the
+kernel to track login class the process is assigned to, which is required for RCTL resource limiting framework.[r219304]
[amd64] FreeBSD now supports executing FreeBSD 1/i386 a.out binaries on FreeBSDamd64. +Note that this is not built nor installed by default. To build and install them, specify +options COMPAT_43 in the kernel configuration file and rebuild +the base system as described in FreeBSD Handbook.[r220238]
+ +The following +sysctl(8) +variables have been added to show availability of various kernel features:[r218485, r219028, r219029]
+ +| +sysctl(8) +variable name | +Description | +
|---|---|
kern.features.ufs_acl |
+ACL (Access Control List) support in UFS | +
kern.features.ufs_gjournal |
+journaling support through +gjournal(8) for +UFS | +
kern.features.ufs_quota |
+UFS disk quotas support | +
kern.features.ufs_quota64 |
+64-bit UFS disk quotas support | +
kern.features.softupdates |
+FFS soft-updates support | +
kern.features.ffs_snapshot |
+FFS snapshot support | +
kern.features.nfsclient |
+NFS client (old implementation) | +
kern.features.nfscl |
+NFS client (new implementation) | +
kern.features.nfsserver |
+NFS server (old implementation) | +
kern.features.nfsd |
+NFS server (new implementation) | +
kern.features.kdtrace_hooks |
+Kernel DTrace hooks which are required to load DTrace kernel modules | +
kern.features.ktr |
+Kernel support for KTR kernel tracing facility | +
kern.features.ktrace |
+Kernel support for system call tracing | +
kern.features.hwpmc_hooks |
+Kernel support for HW PMC | +
kern.features.sysv_msg |
+System V message queues support | +
kern.features.sysv_sem |
+System V semaphores support | +
kern.features.p1003_1b_mqueue |
+POSIX P1003.1B message queues support | +
kern.features.p1003_1b_semaphores |
+POSIX P1003.1B semaphores support | +
kern.features.kposix_priority_scheduling |
+POSIX P1003.1B real-time extensions | +
kern.features.stack |
+Support for capturing kernel stack | +
kern.features.sysv_shm |
+System V shared memory segments support | +
kern.features.pps_sync |
+Support usage of external PPS signal by kernel PLL | +
kern.features.regression |
+Kernel support for interfaces necessary for regression testing | +
kern.features.invariant_support |
+Support for modules compiled with INVARIANTS option | +
kern.features.zero_copy_sockets |
+Zero copy sockets support | +
kern.features.libmchain |
+mchain library | +
kern.features.scbus |
+SCSI devices support | +
kern.features.mac |
+Mandatory Access Control Framework support | +
kern.features.audit |
+BSM audit support | +
kern.features.geom_gate |
+GEOM Gate module | +
kern.features.geom_uzip |
+GEOM uzip read-only compressed disks support | +
kern.features.geom_cache |
+GEOM cache module | +
kern.features.geom_mirror |
+GEOM mirroring support | +
kern.features.geom_stripe |
+GEOM striping support | +
kern.features.geom_concat |
+GEOM concatenation support | +
kern.features.geom_raid3 |
+GEOM RAID-3 functionality | +
kern.features.geom_fox |
+GEOM FOX redundant path mitigation support | +
kern.features.geom_multipath |
+GEOM multipath support | +
kern.features.g_virstor |
+GEOM virtual storage support | +
kern.features.geom_bde |
+GEOM-based Disk Encryption | +
kern.features.geom_eli |
+GEOM crypto module | +
kern.features.geom_journal |
+GEOM journaling support | +
kern.features.geom_shsec |
+GEOM shared secret device support | +
kern.features.geom_vol |
+GEOM support for volume names from UFS superblock | +
kern.features.geom_label |
+GEOM labeling support | +
kern.features.geom_sunlabel |
+GEOM Sun/Solaris partitioning support | +
kern.features.geom_bsd |
+GEOM BSD disklabels support | +
kern.features.geom_pc98 |
+GEOM NEC PC9800 partitioning support | +
kern.features.geom_linux_lvm |
+GEOM Linux LVM partitioning support | +
kern.features.geom_part_pc98 |
+GEOM partitioning class for PC-9800 disk partitions | +
kern.features.geom_part_vtoc8 |
+GEOM partitioning class for SMI VTOC8 disk labels | +
kern.features.geom_part_bsd |
+GEOM partitioning class for BSD disklabels | +
kern.features.geom_part_ebr |
+GEOM partitioning class for extended boot records support | +
kern.features.geom_part_ebr_compat |
+GEOM EBR partitioning class: backward-compatible partition names | +
kern.features.geom_part_gpt |
+GEOM partitioning class for GPT partitions support | +
kern.features.geom_part_apm |
+GEOM partitioning class for Apple-style partitions | +
kern.features.geom_part_mbr |
+GEOM partitioning class for MBR support | +
The default boot loader menu has been updated.[r222417]
+ +[ia64] The +loader(8) loader +now supports PBVM (Pre-Boot Virtual Memory). This allows to link the kernel at a fixed +virtual address without having to make any assumptions about the physical memory layout. +The PBVM also allows fine control of the address where the kernel and its modules to be +loaded.[r219541]
+[powerpc] FreeBSD/powerpc now supports Sony Playstation 3 using the OtherOS feature +available on firmwares 3.15 and earlier.[r217044]
+ +A new
+loader(8)
+tunable machdep.disable_tsc has been added. Setting this to
+a non-zero value disables use of TSC (Time Stamp Counter) by turning off boot-time CPU
+frequency calibration, DELAY(9) with TSC, and using TSC as a CPU ticker. Another new
+loader(8)
+tunable machdep.disable_tsc_calibration allows to skip TSC
+frequency calibration only. This is useful when one wants to use the nominal frequency of
+the chip in Intel processors, for example.[r219473, r220577]
[amd64, i386] The FreeBSD +usb(4) subsystem +now supports USB 3.0 by default.[r223098]
+ +The FreeBSD +usb(4) subsystem +now supports USB packet filter. This allows to capture packets which go through each USB +host controllers. The implementation is almost based on +bpf(4) code. The +userland program +usbdump(8) has +been added.[r215649]
+ +A bug in +alc(4) driver +which could make AR8152-based network interfaces stop working has been fixed.[r217649]
+ +A bxe(4) driver for Broadcom NetXtreme II 10GbE controller (BCM57710, BCM57711, +BCM57711E) has been added.[r219647]
+ +A +cxgb(4) driver +has been updated to version 7.11.0.[r220009]
+ +A +cxgbe(4) driver +for Chelsio T4 (Terminator 4) based 10Gb/1Gb adapters has been added.[r218794]
+ +[i386] The dc(4) driver now
+works correctly in the kernel with PAE option.[r218832]
The em(4) driver has been +updated to version 7.3.2.[r219753]
+ +The +igb(4) driver +has bee updated to version 2.2.5.[r223350]
+ +The +igb(4) driver +now supports Intel I350 PCIe Gigabit Ethernet controller.[r218530]
+ +The +ixgbe(4) driver +has been updated to version 2.3.8.[r217593]
+ +Firmware images in the +iwn(4) driver +for 1000, 5000, 6000, and 6500 series have been updated.[r220892]
+ +A bug in +msk(4) driver +has been fixed. It could prevent the RX checksum offloading from working.[r216860]
+ +A bug in +nfe(4) driver +which could prevent reinitialization after changing the MTU has been fixed.[r217794]
+ +A bug in +ral(4) and +run(4) drivers +which could prevent hostap mode from working has been fixed.[r217511]
+ +A rdcphy(4) driver for RDC Semiconductor R6040 10/100 PHY has been added.[r216828]
+ +The re(4) driver now +supports RTL8168E/8111E-VL PCIe Gigabit Ethernet controllers and RTL8401E PCIe Fast +Ethernet controller.[r217498, r218760]
+ +The re(4) driver now +supports TX interrupt moderation on RTL810xE PCIe Fast Ethernet controllers.[r217766]
+ +The re(4) driver now
+supports another mechanism for RX interrupt moderation because of performance problem. A
+
+sysctl(8)
+variable dev.re.N.int_rx_mod has been added to control amount of
+time to delay RX interrupt processing in units of microsecond. Setting it to 0 completely disables RX interrupt moderation. A
+loader(8)
+tunable hw.re.intr_filter controls whether the old mechanism
+utilizing MSI/MSI-X capability on the supported controllers is used or not. When setting
+it to a non-zero value, the re(4) driver uses the
+old mechanism. The default value is 0 and this tunable has no
+effect on controllers without MSI/MSI-X capability.[r217902]
The re(4) driver now +supports TSO (TCP Segmentation Offload) on RealTek RTL8168/8111 C or later controllers. +Note that this is disabled by default because broken frames can be sent under certain +conditions.[r217246, r217832]
+ +The re(4) driver now +supports enabling TX and/or RX checksum offloading independently from each other. Note +that TX IP checksum is disabled on some RTL8168C-based network interfaces because it can +generate an wrong IP checksum when the packet contains IP options.[r217381, r218289]
+ +A bug in the re(4) driver has been +fixed. It could cause a panic when receiving a jumbo frame on an RTL8169C, 8169D, or +8169E controller-based network interface.[r217296]
+ +The re(4) driver now +support RTL8105E PCIe Fast Ethernet controller.[r217911]
+ +The rlphy(4) driver now support Realtek RTL8201E 10/100 PHY found in RTL8105E +controller.[r217910]
+ +A bug in the +sis(4) driver +has been changed. It could prevent a proper reinitialization on DP83815, DP83816, and SiS +900/7016 controllers when configuration of multicast packet handling and/or promiscuous +mode is changed.[r217548]
+ +A bug in +vlan(4) pseudo +interface han been fixed. It could have a random interface identifier in an automatically +configured IPv6 link-local address, instead of one generated with the parent interface's +IEEE 802 48-bit MAC address and an algorithm described in RFC 4291.[r216650]
+ +A +vte(4) driver +for RDC R6040 Fast Ethernet controller, which is commonly found on Vortex86 System On a +Chip, has been added.[r216829]
+ +A +vxge(4) driver +for Neterion X3100 10GbE Server/Storage adapter has been added.[r221167]
+ +A bug in +wpi(4) driver +has been fixed. It could display the following error messages and result in the device +unusable:[r216824]
+ ++wpi0: could not map mbuf (error 12) +wpi0: wpi_rx_intr: bus_dmamap_load failed, error 12 ++
The +ipfw(8) now +supports IPv6 in the fwd action.[r225044]
+ +The +ipfw(8) now +supports call and return action. Upon +the call action, The current rule number is saved in the +internal stack and ruleset processing continues with the first rule numbered number or +higher. The return action takes rule number saved to internal +stack by the last call action and returns ruleset processing to +the first rule with number greater than number of corresponding call rule.[r223666]
+ +FreeBSD +ipsec(4) support +now uses a half of the hash size as the authenticator hash size in Hashed Message +Authentication Mode (HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512) as described in RFC +4868. This was 96-bit fixed length in prior releases because the implementation was based +on an old Internet draft draft-ietf-ipsec-ciph-sha-256-00. Note that this means +9.0-RELEASE and later are no longer interoperable with the older FreeBSD releases.[r218794]
+ +For Infiniband support, OFED (OpenFabrics Enterprise Distribution) version 1.5.3 has +been imported into the base system. Note that this is not built nor installed by default. +To build and install them, specify WITH_OFED=yes in /etc/src.conf and rebuild the base system as described in FreeBSD Handbook.[r219820]
+ +FreeBSD TCP/IP network stack now supports IPv4 prefixes with /31 as described in RFC +3021, “Using 31-Bit Prefixes on IPv4 Point-to-Point Links”.[r226572]
+ +A bug in FreeBSD TCP/IP network stack has been fixed. The source address selection +could not being performed when multicast options were present but without an interface +being specified.[r217169]
+ +A bug in IPV6_PKTINFO option used in +sendmsg(2) has +been fixed. The caused IPV6_USE_MIN_MTU state set by +setsockopt(2) +was ignored.[r225682]
+ +FreeBSD TCP/IP network stack now supports
+mod_cc(9)
+pluggable congestion control framework. This allows TCP congestion control algorithms to
+be implemented as dynamically loadable kernel modules. The following kernel modules are
+available as of 9.0-RELEASE:
+cc_chd(4) for
+CAIA-Hamilton-Delay algorithm,
+cc_cubic(4) for
+CUBIC algorithm,
+cc_hd(4) for
+Hamilton-Delay algorithm,
+cc_htcp(4) for
+H-TCP algorithm,
+cc_newreno(4)
+for NewReno algorithm, and
+cc_vegas(4) for
+Vegas algorithm. The default algorithm can be set by a new
+sysctl(8)
+variable net.inet.tcp.cc.algorithm. The value must be set to
+one of the names listed by the net.inet.tcp.cc.available,
+and newreno is set at boot time. For more detail, see
+mod_cc(4) and
+mod_cc(9) manual
+pages.[r216109, r216114, r216115, r218152, r218153, r218155]
An +h_ertt(4) +(Enhanced Round Trip Time) +khelp(9) module +has been added. This module allows per-connection, low noise estimate of the +instantaneous RTT in the TCP/IP network stack with a robust implementation even in the +face of delayed acknowledgments and/or TSO (TCP Segmentation Offload) being in use for a +connection.[r217806]
+ +A new +tcp(4) socket +option TCP_CONGESTION has been added. This allows to select or +query a congestion control algorithm that the TCP/IP network stack will use for +connections on the socket.[r218912]
+ +The +ng_ipfw(4) +netgraph(4) node +now supports IPv6.[r225586]
+ +The +ng_one2many(4) + +netgraph(4) node +now supports XMIT_FAILOVER transmit algorithm. This makes +packets deliver out the first active many hook.[r219127]
+ +The +ng_netflow(4) +netgraph(4) node +now supports NetFlow version 9. A new export9 hook has been +added for NetFlow v9 data. Note that the data export can be done simultaneously in both +version 5 and version 9.[r219183]
+The
+ada(4) driver
+now supports write cache control. A new
+sysctl(8)
+variable kern.cam.ada.write_cache determines whether write
+cache of the
+ada(4) devices
+is enabled or not. Setting to 1 enables and 0 disables, and -1 leaves it the device
+default.
+sysctl(8)
+variables kern.cam.ada.N.write_cache can override the configuration in a
+per-device basis (the default value is -1, which means to use
+the global setting). Note that the value can be changed at runtime, but it takes effect
+only after a device reset.[r220412]
The +arcmsr(4) driver +has been updated to version 1.20.00.22.[r224905]
+ +The +cam(4) subsystem +now supports descriptor format sense data in SPC-3 (SCSI Primary Commands 3) +specification.[r226067]
+ +The +geom_map(4) GEOM +class has been added. This allows to generate multiple geom providers based on a +hard-coded layout of a device with no explicit partition table such as embedded flash +storage. For more information, see +geom_map(4) +manual page.[r220559]
+ +The +gpart(8) GEOM +class now supports the following aliases for the MBR and EBR schemes: fat32, ebr, linux-data, linux-raid, and linux-swap.[r218014]
+ +The +gpart(8) GEOM +class now supports bios-boot GUID for the GPT scheme which is +used in GRUB 2 loader.[r218014]
+ ++graid(8) GEOM +class has been added. This is a replacement of +ataraid(4) +driver supporting various BIOS-based software RAID.[r219974]
+ +The
+sysctl(8)
+variable kern.geom.confxml now contains information about
+disk identification in an <ident> tag and disk model
+string in a <descr> tag.[r219056]
The md(4) memory-backed
+pseudo disk device driver now supports a
+sysctl(8)
+variable vm.md_malloc_wait to specify whether a
+malloc-backed disk to using M_WAITOK or M_NOWAIT for
+malloc(9) calls.
+The M_WAITOK can prevent memory allocation failure under
+high load. If it is set to 0, a malloc-backed disk uses M_NOWAIT for memory allocation. The default value is 0.[r216793]
A bug in the +mmc(4) driver +that could fail in device detection has been fixed.[r216941, r217509]
+ +The +mxge(4) driver +has been updated.[r223958]
+ +A +tws(4) driver +for 3ware 9750 SATA+SAS 6Gb/s RAID controller has been added.[r226115]
+The FreeBSD Fast File System now supports softupdates journaling. It introduces a
+intent log into a softupdates-enabled file system which eliminates the need for
+background
+fsck(8) even on
+unclean shutdown. This can be enabled in a per-filesystem basis by using a -j flag in the
+newfs(8) utility
+or a -j enable option in the
+tunefs(8)
+utility. Note that the 9.0-RELEASE installer automatically enables the softupdates
+journaling for newly-created UFS file systems.[r207141, r218726]
The FreeBSD Fast File System now supports TRIM command when
+freeing data blocks. A new flag -t in the
+newfs(8) and
+tunefs(8)
+utilities sets the TRIM-enable flag in a file system. The TRIM-enable flag makes the file
+system send a delete request to the underlying device for each freed block. The TRIM command is specified as Data Set Management Command in
+ATA8-ACS2 standard to carry the information related to deleted data blocks to device,
+especially for SSD (Solid-State Drive) for optimization.[r216796]
A new flag -E has been added to
+newfs(8) and
+fsck_ffs(8)
+utilities. This clears unallocated blocks, notifying the underlying device that they are
+not used and that their contents may be discarded. This is useful in
+fsck_ffs(8) for
+file systems which have been mounted on systems without TRIM
+support, or with TRIM support disabled, as well as filesystems
+which have been copied from one device to another.[r221233]
The FreeBSD NFS subsystem has been updated. The new implementation supports NFS
+version 4 in addition to 2 and 3. The kernel options for the NFS server and client are
+changed from NFSSERVER and NFSCLIENT to
+NFSD and NFSCL.
+sysctl(8)
+variables which start with vfs.nfssrv. have been renamed
+with vfs.nfsd.. The NFS server now supports vfs.nfsd.server_max_nfsvers and vfs.nfsd.server_min_nfsvers
+sysctl(8)
+variables to specify the maximum and the minimum version number which the server accepts.
+The default value is set to 3 and 2,
+respectively.[r221124]
To enable NFSv4, the following variables are needed on the server side in +rc.conf(5):
+ ++nfsv_server_enable="YES" +nfsv4_server_enable="YES" +nfsuserd_enable="YES" ++ +
and the following line is needed in /etc/exports:
+ ++V4: / ++ +
For more information about NFSv4 and its configuration, see +nfsv4(4) and +exports(5) +manual pages.
+ +The FreeBSD NFS subsystem now supports a nocto mount
+option. This disables close-to-open cache coherency check at open time. This option may
+improve performance for read-only mounts, but should only be used if the data on the
+server changes rarely. The
+mount_nfs(8)
+utility now also supports this flag keyword.[r221436]
A
+loader(8)
+tunable vfs.typenumhash has been added and set to 1 by default. This enables to use a hash calculation on file system
+identification number internally used in the kernel. This fixes “Stale NFS file
+handle” error on NFS clients when upgrading or rebuilding the kernel on the NFS
+server due to unexpected change of the values.[r225537]
The FreeBSD ZFS subsystem has been updated to the SPA (Storage Pool Allocator, also
+known as zpool) version 28. It now supports data deduplication, triple parity RAIDZ
+(raidz3), snapshot holds, log device removal, zfs diff, zpool split, zpool import -F, and read-only zpool import.[r219089]
Complex exponential functions +cexp(3) and +cexpf(3), and +cube root function +cbrtl(3) have +been added to libm.[r219359, r219571]
+ +The +bsdtar(1) and +cpio(1) utility +are now based on libarchive version 2.8.4.[r224152, r224153, r224154]
+ +The
+cpuset(1)
+utility now supports a -C flag to create a new cpuset and
+assign an existing process into that set, and an all keyword in
+-l cpu-list option to
+specify all CPUs in the system.[r217416]
The
+dhclient(8)
+utility now uses
+resolvconf(8) to
+manage the
+resolv.conf(5)
+file by default. A resolvconf_enable variable in /etc/dhclient-enter-hooks controls the behavior.[r219739]
A bug in the +fetch(1) utility +which could prevent STAT FTP command from working properly has +been fixed.[r217505]
+ +The
+gpart(8) utility
+now supports a -p flag to show
+subcommand. This allows to show provider's names of partitions instead of partition's
+indexes.[r219415]
The +hastd(8) utility +now drops root privileges of the worker processes to hast user.[r218049]
+ +The +hastd(8) utility +now supports checksum keyword to specify checksum algorithm in a +resource section. As of 9.0-RELEASE, none, sha256, and crc32 are supported.[r219351]
+ +The +hastd(8) utility +now supports compression keyword to specify compression +algorithm in a resource section. As of 9.0-RELEASE, none, hole and lzf +are supported.[r219354]
+ +The +hastd(8) utility +now supports source keyword to specify the local address to bind +to before connecting the remote +hastd(8) +daemon.[r219818]
+ +An implementation of iconv() API libraries and utilities
+which are standardized in Single UNIX Specification have been imported. These are based
+on NetBSD's Citrus implementation. Note that these are not built nor installed by
+default. To build and install them, specify WITH_ICONV=yes in
+/etc/src.conf and rebuild the base system described in FreeBSD Handbook.[r219019]
The +ifconfig(8) +utility now supports fdx, flow, hdx, and loop keywords as aliases of full-duplex, flowcontrol, half-duplex, and loopback, respectively.[r217013]
+ ++readline(3) API +set has been imported into libedit. This is based on NetBSD's +implementation and BSD licensed utilities now use it instead of GNU libreadline.[r220370]
+ +The +makefs(8) +utility now supports ISO 9660 format.[r224762]
+ +libmd and libcrypt now support +SHA-256 and SHA-512 algorithm.[r220496, r220497]
+ +The +netstat(1) +utility now does not expose internal scope address representation used in the FreeBSD +kernel, which is derived from KAME IPv6 stack, in the results of netstat -ani and netstat -nr.[r217642]
+ +The +newsyslog(8) +utility now supports xz(1) compression. An +X flag in the optional field has been added to specify the +compression.[r218127]
+ +The
+pam_group(8)
+module now supports ruser and luser options. The ruser make it accept
+or reject based on the supplicant's group membership and this is the default behavior.
+The luser checks the target user's group membership instead
+of the supplicant's one. If neither option was specified,
+pam_group(8)
+assumes ruser and issues a warning.[r219563]
A +poweroff(8) +utility has been added. This is equivalent to:[r216823]
+ ++# shutdown -p now ++ +
The +ppp(8) utility +now supports iface name name +and iface description description commands. These have the same +functionalities as name and description +subcommands in the +ifconfig(8) +utility.[r218397]
+ +The ps(1) utility now
+supports an -o class option to display login class
+information of each process, and -o usertime and -o systime options for accumulated system and user CPU time,
+respectively.[r219307, r219713]
The +rtadvd(8) daemon +now supports noifprefix keyword to disable gathering on-link +prefixes from interfaces when no addr keyword is specified. An +entry in rtadvd.conf with noifprefix +and no addr generates an RA message with no prefix information +option.[r222732]
+ +The +rtsold(8) and +rtadvd(8) daemon +now support RDNSS and DNSSL option described in RFC 6106, “IPv6 Router +Advertisement Options for DNS Configuration”. A +rtadvctl(8) +utility to control the +rtadvd(8) daemon +has been added.[r222732, r224006]
+ +The
+rtld(1) runtime
+linker now supports shared objects as filters in ELF shared libraries. Both standard and
+auxiliary filtering have been supported. The
+rtld(1) linker's
+processing of a filter defers loading a filtee until a filter symbol is referenced unless
+LD_LOADFLTR environment variable is defined or a -z loadfltr option was specified when the filter was created.[r216695]
A race condition in the
+sed(1) utility
+has been fixed. When an -i option is specified, it could
+cause a short time window with no file with the original file name.[r217133]
The sh(1) program now +supports kill as a built-in command. This allows specifying %job which is equivalent to the +corresponding process group. Note that this built-in command returns the exit status 2 instead of 1 if an fatal error occurs as +other built-in commands do.[r216629]
+ +A bug in the sh(1) program has +been fixed for POSIX conformance. It could return an wrong exit status when an exit command with no parameter is specified in the EXIT trap handler, which is triggered when the shell terminates. In +trap actions for other signals, exit command with no parameter +returns an exit status corresponding to the received signal.[r217176, r217472]
+ +A bug in the sh(1) program has +been fixed. When a foreground job exits on a signal, a message is printed to stdout about this. The buffer was not flushed after this which +could result in the message being written to the wrong file if the next command was a +built-in and had stdout redirected.[r217557]
+ +The sh(1) program now
+supports a -- flag in trap command
+to stop the option processing.[r217461]
%builtin keyword support in $PATH variable has been removed in the sh(1) program. All
+built-in commands are always found before looking up directories in $PATH.[r217206]
Arithmetic expression handling code in the sh(1) program has +been updated by importing code from dash. It now supports +conditional operator (?:) and a bug in evaluation of && +and || around an arithmetic expression has been fixed.[r218466]
+ +A bug in the +tftpd(8) daemon +has been fixed. It had an interoperability issue when transferring a large file.[r224536]
+ +The +utmp(5) user +accounting database has been replaced by +utmpx(3). User +accounting utilities will now use utmpx database files +exclusively. The +wtmpcvt(1) +utility can be used to convert wtmp files to the new format, +making it possible to read them using the updated utilities.[r202188]
+ +A +utxrm(8) utility +has been added. This allows one to remove an entry from the utmpx database by hand. This is useful when a login daemon crashes +or fails to remove the entry during shutdown.[r218847]
+ +The +zpool(8): +utility now supports zpool labelclear command. This allows to +wipe the label data from a drive that is not active in a pool.[r224171]
+ACPI CA has been updated to version 20110527.[r222544]
+ +The awk has been updated to the 7 August 2011 release.[r224731]
+ +ISC BIND has been updated to version 9.8.1-P1.[r228189]
+ +GNU binutils has been updated to 2.17.50 (as of 3 July +2007), which is the last available version under GPLv2.[r218822]
+ +The compiler-rt library, which provides low-level +target-specific interfaces such as functions in libgcc, has +been imported.[r222656]
+ +dialog has been updated to version 1.1-20110707.[r224014]
+ +The netcat utility has been updated to version 4.9.[r221793]
+ +The tnftp (formerly known as lukemftp) has been updated to tnftp-20100108.[r223328]
+ +GNU GCC and libstdc++ have been +updated to rev 127959 of gcc-4_2-branch (the last GPLv2-licensed +version).[r220150]
+ +gdtoa, a set of binary from/to decimal number conversion +routines used in FreeBSD libc library has been updated to a +snapshot as of 4 March, 2011.[r219557]
+ +The LESS program has been updated to version v444.[r222906]
+ +The LLVM compiler infrastructure and the clang, a C language family front-end, version 3.0 have been
+imported. Note that it is not used for building the FreeBSD base system. In FreeBSD build
+infrastructure, the
+clang(1),
+clang++(1), and
+
+clang-cpp(1)
+utilities can be used in CC, CXX, and CPP
+make(1)
+variables, respectively.[r208954]
The openresolv version 3.4.4 has been imported. The +resolvconf(8) +utility now handles +resolv.conf(5) +file.[r219734]
+ +The OpenSSH utility has been updated to 5.8p2, and +optimization for large bandwidth-delay product connection and none cipher support have been merged[r221484, r224638]
+ +The pf packet filter has been updated to version 4.5.[r223637]
+ +The sendmail has been updated to version 8.14.5.[r223067]
+ +The timezone database has been updated to the tzdata2011m release.[r226750]
+ ++unifdef(1) +utility has been updated to version 2.5.6.[r217698]
+ +The xz program has been updated from 5.0.0 to a snapshot as +of 11 July, 2011.[r223935]
+A new installer +bsdinstall(8) +has been added and integrated into installation ISO images. The +sysinstall(8) +utility is also available for settings after the installation.[r218799]
+ +The supported version of the KDE desktop environment (x11/kde4) has been updated from 4.5.5 to 4.7.3.
+[amd64, i386] Beginning with FreeBSD 6.2-RELEASE, binary upgrades between RELEASE +versions (and snapshots of the various security branches) are supported using the +freebsd-update(8) utility. The binary upgrade +procedure will update unmodified userland utilities, as well as a unmodified GENERIC +kernel distributed as a part of an official FreeBSD release. The +freebsd-update(8) utility requires that the host +being upgraded have Internet connectivity.
+ +Source-based upgrades (those based on recompiling the FreeBSD base system from source +code) from previous versions are supported, according to the instructions in /usr/src/UPDATING.
+ +For more specific information about upgrading instructions, see http://www.FreeBSD.org/releases/9.0R/installation.html.
+ +++Important: Upgrading FreeBSD should, of course, only be attempted after backing +up all data and configuration +files.
+
This section describes notable incompatibilities which you might want to know before +upgrading your system. Please read this +section and Errata document carefully before submitting a problem report and/or +posting a question to the FreeBSD mailing lists.
+ +The dialog library is used in FreeBSD new installer and +FreeBSD Ports Collection to display a dialog window and allow users to select various +options. Note that it is updated in 9.0-RELEASE and there is several differences in the +key operation which might confuse users who are familiar with releases prior to +9.0-RELEASE. For example, pushing enter key in a check list window is no longer able to +be used to check an item. The new version consistently supports space bar for selecting +an item and enter key for OK/Cancel selection.
+FreeBSD now checks the integrity of partition metadata when a partition table is found +on a disk though GEOM PART subsystem. This detection is +automatically performed when a disk device is ready. GEOM PART +class in the kernel verifies all generic partition parameters obtained from the disk +metadata, and if some inconsistency is detected, the partition table will be rejected +with the following diagnostic message:
+ ++GEOM_PART: Integrity check failed ++ +
This integrity check is enabled by default. On a system prior to 9.0-RELEASE, the +inconsistencies were silently ignored. Therefore, there is possibility that this prevents +a system from booting after upgrading it to 9.0-RELEASE. More specifically, the kernel +cannot mount the system partition at boot time in some cases.
+ +If this happens, a
+loader(8)
+tunable kern.geom.part.check_integrity can be used as a
+workaround. Enter the following lines in the
+loader(8) prompt
+at boot time:
+set kern.geom.part.check_integrity="0" +boot ++ +
These commands temporarily disable the integrity check. If it was the cause, the +FreeBSD kernel should detect the partitions after entering the commands as the prior +release did. This configuration can be added into /boot/loader.conf like the following:
+ ++kern.geom.part.check_integrity="0" ++ +
To check inconsistent metadata after booting on the system, use the +gpart(8) utility +on the system. A corrupted entry will be displayed like the following:
+ ++% gpart show +=> 63 1953525104 mirror/gm0 MBR (931G) [CORRUPT] + 63 1953525105 1 freebsd [active] (931G) ++ +
For more information, see +gpart(8) manual +page.
+In 9.0-RELEASE, FreeBSD ATA/SATA disk subsystem has been replaced with a new +cam(4)-based +implementation. The +cam(4) stands +for Common Access Method, which is an implementation of API set originally for SCSI-2 and +standardized as "SCSI-2 Common Access Method Transport and SCSI Interface Module". +FreeBSD has used +cam(4) subsystem +to handle SCSI devices since 3.X.
+ +Although the new +cam(4)-based +ATA/SATA subsystem provides various functionality which the old +ata(4) did not +have, it also has some incompatibility:
+ +An ATA/SATA disk is now recognized as a device node with a name ada0 instead of ad0. Currently, a symbolic
+link /dev/ad0 is automatically generated for /dev/ada0 to keep backward compatibility. This symbolic link
+generation can be controlled by a kern.cam.ada.legacy_aliases (enabled by default). You might want
+to update /etc/fstab and/or consider to use volume label (see
+
+glabel(8) for
+more detail) for specifying each file system to be mounted.
The +atacontrol(8) +utility cannot be used for +cam(4)-based +devices. The +camcontrol(8) +utility is a replacement.
+The +ataraid(4) +software RAID is supported by +graid(8) GEOM +class. It generates a device node with a name /dev/raid/r0 if you had /dev/ar0. Note that this is not enabled by default. To +enable it, enter the following line in the +loader(8) +prompt:
+ ++set geom_raid_load="YES" +boot ++ +
or add the following line to /boot/loader.conf:
+ ++geom_raid_load="YES" ++ +
and reboot the system. A symbolic link like /dev/ar0 will NOT be generated for /dev/raid/r0. Therefore, if +your system used /dev/ar0 as the root partition, mounting local +file systems will fail because it is renamed to /dev/raid/r0. +You need to update /etc/fstab manually in that case.
+The +burncd(8) +utility does not work with +cam(4)-based +devices. Use the cdrecord(1) utility in sysutils/cdrtools instead.
+Although variables in +rc.conf(5) are +basically compatible with earlier releases, ones related to network configuration are +changed because of reorganization of the rc(8) scripts.
+ +An address configuration now always needs an address family keyword. For example, the +following line
+ ++ifconfig_em0="192.168.2.1 netmask 255.255.255.0" ++ +
should be
+ ++ifconfig_em0="inet 192.168.2.1 netmask 255.255.255.0" ++ +
Although the old convention is still supported in the existing variables for backward +compatibility, some new variables do not support it.
+The ifconfig_IF_alias0 variable now requires an address family keyword
+to support non-IPv4 address families. For instance,
+ifconfig_em0_alias0="192.168.2.10 netmask 255.255.255.255" ++ +
should be
+ ++ifconfig_em0_alias0="inet 192.168.2.10 netmask 255.255.255.255" ++ +
Different address families can coexist like the following:
+ ++ifconfig_em0_alias0="inet 192.168.2.10 netmask 255.255.255.255" +ifconfig_em0_alias1="inet6 2001:db8:1::1 prefixlen 64" ++ +
Note that IPv6 alias configurations in ifconfig_IF_aliasN will
+be ignored when no ifconfig_IF_ipv6 variable is defined because it determines
+whether IPv6 functionality is enabled on that interface or not (this variable will be
+explained later).
All of alias and static routing configurations through +rc.conf(5) +variables will be deinstalled by invoking rc(8) scripts or the + +service(8) +command with stop keyword.
+ ++# service netif stop em0 ++ +
stops the interface em0.
+ ++# service routing stop ++ +
deinstalls all of static route configurations.
+ +The releases prior to 9.0-RELEASE did not support this functionality properly for +non-IPv4 protocols.
+IPv6 configuration handling has been changed in the following way. Before in-depth +explanations, here is a before-and-after example:
+ ++ifconfig_em0="192.168.2.1 netmask 255.255.255.0" +ifconfig_em0_alias0="192.168.2.2 netmask 255.255.255.255" + +ipv6_enable="YES" +ipv6_ifconfig_em0="2001:db8:1::1 prefixlen 64" +ipv6_ifconfig_em0_alias0="2001:db8:2::1 prefixlen 64" +# em1 uses SLAAC for IPv6 address configuration ++ +
should be in 9.0-RELEASE:
+ ++ifconfig_em0="inet 192.168.2.1 netmask 255.255.255.0" +ifconfig_em0_ipv6="inet6 2001:db8:1::1 prefixlen 64 accept_rtadv" +ifconfig_em0_alias0="inet 192.168.2.2 netmask 255.255.255.255" +ifconfig_em0_alias1="inet6 2001:db8:2::1 prefixlen 64" + +ifconfig_em1_ipv6="inet6 accept_rtadv" ++ +
More specific explanations of the changes are as follow:
+ +The ipv6_enable variable is deprecated. IPv6
+functionality on the system is enabled by default. No IPv6 communication will happen if
+you configure no IPv6 address.
9.0-RELEASE now supports intermediate configurations between a host and a router IPv6
+node. The ipv6_enable variable assumed that the system was a
+host node when ipv6_gateway_enable was set to NO (default), and a router node if not. A host node always accepted
+ICMPv6 Router Advertise message, and a router did not.
In 9.0-RELEASE, this model is still applied but in a per-interface basis, not a +system-wide basis. Specifically, an interface has an ACCEPT_RTADV flag, RA messages will be accepted on that interface +for SLAAC (StateLess Address AutoConfiguration) regardless of whether the packet +forwarding is enabled or not.
+ +In addition to them, a per-interface flag NO_RADR and a
+sysctl(8)
+variable net.inet6.ip6.rfc6204w3 have been added. This
+controls whether default router list information via RA messages on an RA-accepting
+interface should be ignore or not. In an IPv6 router model, it is not supposed accepting
+RA messages as information source of the default router list. Because of that FreeBSD
+9.0-RELEASE ignores the default router list part when IPv6 packet forwarding is enabled
+even if the interface has an ACCEPT_RTADV flag. However, this
+can make a difficult situation when the system has to work as a CPE (Customer Premises
+Equipment), which needs RA messages from the upstream network for network configuration
+and acts as a router for the LAN simultaneously. For more information about this kind of
+configurations, see RFC 6204.
To support this kind of configurations, the ipv6_cpe_wanif variable in
+rc.conf(5) can
+be used.
+ipv6_gateway_enable="YES" +ipv6_cpe_wanif="em0" ++ +
means the em0 interface accepts RA messages and the default +router information in them, and the other interfaces ignore the default router +information part even when setting ACCEPT_RTADV flag to +them.
+ +The ipv6_cpe_wanif internally sets the net.inet6.ip6.rfc6204w3 and the net.inet6.ip6.no_radr
+sysctl(8)
+variable to 1. Note that both are set to 0 by default. When the former is set to 1,
+FreeBSD accepts the default router list even when IPv6 packet forwarding is enabled. Note
+that a system administrator needs to set a NO_RADR flag on the
+other RA-accepting interfaces, if any, to prevent it from accepting unexpected default
+router information. The latter variable means the flag is automatically set to them.
If ipv6_enable="YES" is defined in 9.0-RELEASE, it means ipv6_activate_all_interfaces="YES" in /etc/rc.conf and inet6 accept_rtadv
+ifconfig(8)
+option in all network interfaces. Note that this is only for backward compatibility. The
+ipv6_enable should not be used in 9.0-RELEASE.
The ipv6_ifconfig_IF
+variable is renamed to ifconfig_IF_ipv6. This variable means whether IPv6
+functionality should be enabled on that interface or not. If there is no ifconfig_IF_ipv6, no IPv6
+functionality on the interface IF.
Note that the ifconfig_IF_ipv6 always needs the address family keyword
+inet6. If you need an automatic link-local address only, the
+following line is enough:
+ifconfig_em0_ipv6="inet6 auto_linklocal" ++ +
If you need full-blown IPv6 functionality on all interfaces like prior releases with
+ipv6_enable="YES", including ones with no ifconfig_IF_ipv6 line, you
+might want to use ipv6_activate_all_interfaces variable as
+explained later.
If ipv6_ifconfig_IF="..."
+is defined in 9.0-RELEASE, it means ifconfig_IF_ipv6="inet6 ...". Note that this is only for
+backward compatibility. The inet6 address family keyword is
+required for ifconfig_IF_ipv6, but was NOT required for ipv6_ifconfig_IF. The ipv6_ifconfig_IF should not be
+used in 9.0-RELEASE.
An interface with no corresponding ifconfig_IF_ipv6 variable is marked with an IFDISABLED flag by
+devd(8) daemon.
+This flag means IPv6 communication is disabled on that interface. This can also be found
+in output of
+ifconfig(8):
+% ifconfig em0 +em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 + options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> + ether xx:xx:xx:xx:xx:xx + inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 + nd6 options=3<PERFORMNUD,IFDISABLED,ACCEPT_RTADV> + media: Ethernet autoselect (1000baseT <full-duplex>) + status: active ++ +
To enable IPv6 functionality, this flag should be removed first. There are several +ways to do so. Adding an IPv6 address automatically removes this flag. It is possible to +remove this flag explicitly by using the following command:
+ ++# ifconfig em0 inet6 -ifdisabled ++ +
Note that defining an ifconfig_IF_ipv6 is the most reasonable way to activate
+IPv6 functionality on that interface. This IFDISABLED flag is to
+prevent unintended IPv6 communications in an IPv4-only environment even when the
+interface has an IPv6 link-local address. If you need full-blown IPv6 functionality on
+all interfaces, you might want to use ipv6_activate_all_interfaces variable as explained later.
The
+sysctl(8)
+variable net.inet6.ip6.accept_rtadv has been changed. It was
+a system-wide configuration knob which means whether the system accepts ICMPv6 Router
+Advertisement messages or not. In 9.0-RELEASE, this knob is converted into a
+per-interface inet6 accept_rtadv
+ifconfig(8)
+option. Although the
+sysctl(8)
+variable is available still in 9.0-RELEASE, it now means whether the per-interface option
+is set by default or not. The default value is 0 (not accept the
+RA messages).
The
+sysctl(8)
+variable net.inet6.ip6.auto_linklocal has been changed. It
+was a system-wide configuration knob which means whether an IPv6 link-local address is
+generated on an network interface when it becomes up. In 9.0-RELEASE, this knob is
+converted into a per-interface inet6 auto_linklocal
+ifconfig(8)
+option. Although the
+sysctl(8)
+variable is available still in 9.0-RELEASE, it now means whether the per-interface option
+is set by default or not. The default value is 1 (generate a
+link-local automatically).
The functionality of ipv6_ifconfig_IF_alias0
+variable is integrated into ifconfig_IF_alias0.
+Note that address family keywords are always required:
+ifconfig_em0_alias0="inet 192.168.2.0 netmask 255.255.255.255" +ifconfig_em0_alias1="inet6 2011:db8:1::1 prefixlen 64 ++ +
Although ipv6_ifconfig_IF_aliasN is
+still usable in 9.0-RELEASE, it is only for backward compatibility.
A new ipv6_activate_all_interfaces variable has been
+added. If this variable is set to YES, IFDISABLED option will not be added even if ifconfig_IF_ipv6 variables are
+not defined. This can prevent IFDISABLED on dynamically-added
+interfaces such as
+ppp(4),
+tap(4), and
+ng_iface(4)
+where defining ifconfig_IF_ipv6 in advance is difficult.
The +resolvconf(8) +utility has been added and it now handles updating +resolv.conf(5) +file. Direct modifications to /etc/resolv.conf can be +overwritten by network configuration utilities such as +dhclient(8) and + +rtsold(8).
+In earlier releases various utilities were available to manage disk partition +information. They are deprecated in favor of the +gpart(8) +utility. Specifically, +fdisk(8), +disklabel(8) +bsdlabel(8), and + +sunlabel(8) +utilities are no longer supported actively though these are still available for backward +compatibility.
+This file, and other release-related documents, can be +downloaded from http://www.FreeBSD.org/releases/.
+ +For questions about FreeBSD, read the documentation before contacting <questions@FreeBSD.org>.
+ +All users of FreeBSD 9.0-STABLE should subscribe to the <stable@FreeBSD.org> mailing list.
+ +For questions about this documentation, e-mail <doc@FreeBSD.org>.
+ + +