Chapter 11 Configuration and Tuning section of the FreeBSD handbooks provides some good basic advise on tuning FreeBSD.

When running FreeBSD as a host for multiple jails, or as a terminal server the usage is not what you would normally see on a single server or desktop. In both situations, it would be a situation of multiple servers or hundreds of users sharing a single kernel and possibly file sytem. Most of these you can tune at run time (/etc/sysctl.conf) others at boot time (/boot/loader.conf). The following are three, that you probably want to change.

• security.bsd.see_other_uids=0

This one is a good one for multiuser systems, it prevents them from seeing other people's processes. This is also good, for terminal servers also, because users only see their processes.

• kern.ipc.somaxconn

Limits the size of the listen queue for accepting new TCP connections. Got bit by this one, as we added another 2 virtual servers each running multiple services, we had issues connecting to ssh.

Set this as advised to 1024 or 2048 for servers with a lot of network connections.

• kern.maxfiles

Indicates the maximum number of file descriptors on your system. Definitely needs to be increased for a terminal server, as each desktop user would have dozens of applications running and lots of files open.

Similar situation also for servers.

I usually set this at at 25000.

Haven't encountered yet the need to tune other OS parameters, most performance enhancements for me so far has been in userspace. As an example the recent move to Squid front end and removal of Apache rewrites has reduced average cpu use from around 10-25% to neglible levels <3% on our main server. It's very likely we will hit network bandwidth limits before CPU.