nelsonic 9 hours ago

We use OpenBSD for our VPSes on Hetzner, bare metal (for security focussed clients) and older (but still good) hardware in our Home Lab. OpenBSD is excellent on older (no longer supported by Cupertino) Apple hardware. We have an Intel Mac Mini Cluster with near-perfect uptime. If you need to run any kind of server (Web, Mail, DNS, NFS, Database) where you need stability & security, look no further. Some learning curve, but totally worth it.

mxuribe 8 hours ago | parent | next [-]

Have you tried such OpenBSD installations vs FreeBSD? I forget the differences between OpenBSD and FreeBSD, so forgive the naivety. (I think NetBSD is more for embedded stuff, and Ghost and Dragonfly are more for conventional desktop use-cases if I recall correctly.)

I'm asking because I have not touched any BSD for over 2 decades...and I'm getting the itch to try some out...and was wondering if for server-type use cases (like you noted) whether OpenBSD is preferred over FreeBSD or the reverse, and why? Thanks in advance for any feedback you might provide!

spauldo 7 hours ago | parent | next [-]

FreeBSD is a heavier, more capable system, suitable for large servers. It's got its own virtualization platform (bhyve), an LXC-ish container system (jails), native ZFS, dtrace, Linux emulation, and a bunch more. It makes for a decent workstation and has pretty decent hardware support.

NetBSD is small and simple. It's a lot like an old-school UNIX. It makes a decent platform for small services. I run bind and dhcpd on a NetBSD machine. The source code is very pleasant to read. It uses the pkgsrc software repository. It's my preferred platform for writing POSIX code.

OpenBSD still carries much of the general feel of NetBSD and can fill a similar niche on a network, but the security focus stands out in their documentation, subprojects (OpenSSH, LibreSSL, OpenNTPD, etc.), APIs (see pledge(8)), and policies. It makes for a great firewall. I'd say it also requires the most know-how.

All of them have excellent documentation (especially compared to Linux distros) and the base system is developed alongside the kernel, giving you a very consistent experience compared to Linux distros where everything is developed in isolation. If you write C, it's worth keeping a BSD system around just for the manpages and to make sure you're not letting Linuxisms creep into your codebase.

tete 2 hours ago | parent | next [-]

> Linux emulation

Just to clarify. It's not emulation in the sense it's slower or something. They call it compatibility layer, which is better, but also nobody knows what it means.

This is simplifying a bit, but it's essentially "Linux is just a kernel" so the interface is just Linux syscalls, so the FreeBSD kernel when executing a Linux binary simply answers like Linux (so it has those system calls). How this is used in practice is that on your file system you have Ubuntu/RedHat/... "installed" (so the files and the file hierarchy are lying there) and you either directly or in a FreeBSD jail execute things in there or the binary you have.

I don't know how well it works in the present but in the past that means you could simply download the Unreal Tournament 2004 multiplayer demo or Enemy Territory or other games and just play them as if you were running Linux, 3D acceleration and all, without VM without real emulating, just the kernel providing what a Linux kernel would provide.

Also "heavy" is very very relative and subjective. You can totally have a tiny FreeBSD and a huge OpenBSD and one could argue OpenBSD is "heavy" because it comes with three window managers, an HTTP server, a full blown SMTPD server, ACME client and a ton of stuff that eg a server install of Debian or Ubuntu doesn't come with. But also if you run eg. ZFS things are heavy of course. FreeBSD has however had a time when it tried to strip a lot of stuff from the default install and make stuff either optional or make things available through ports/packages only.

And also there are surprises to be had with such overviews: Eg. your Lenovo laptop likely will give you a more "out of the box" experience on OpenBSD compared to FreeBSD with things like simple wifi setup, sound often doing the right thing (work, come out the right place, etc.) compared to FreeBSD. Also with stuff like HTTPD with ACME being available in a simple way after install I'd say OpenBSD is easier than FreeBSD.

FreeBSD to me feels a bit more like "it can be everything you want it to be". Ports and packages can be complicated if you just start out, compared to OpenBSD's "just use packages" stance. On OpenBSD things in my experience are more of a "it works or doesn't" and when it works often out of the box and/or with docs, while on FreeBSD it's more like it throws some tools into your direction you can build stuff (poudriere, jails, a build system with many options). So it's really cool if you want flexibility but a bit more like you have to figure out if it's possible and how. But that might simply be because of the use cases I used it for.

That said all of them are real general purpose systems, unlike eg. some Linux distributions. So it's not like "OpenBSD is for routers" even though it often seems like it. There are times when the GPU support is better on OpenBSD than FreeBSD's. But also FreeBSD has official NVIDIA drivers, so it's all not that clear cut.

mxuribe 6 hours ago | parent | prev [-]

Thank you, this helped a lot!

ch_123 8 hours ago | parent | prev | next [-]

The "lightweight" nature of OpenBSD is a matter of perspective - if you are happy with OpenBSD's feature set, then it's a plus. On the other hand, FreeBSD has a lot of additional features, including ZFS, which may be of interest. The last I checked, FreeBSD was more performant in various benchmarks, particularly regarding multi-core performance.

dijit 7 hours ago | parent [-]

FreeBSD has a bit more of a lax attitude historically to security[0] and seems to prefer being reasonably performant and "easy to use" (this is subjective, but they care about supporting packages outside of base very much, and bundle non-FreeBSD produced packages as part of their base).

OpenBSD on the other hand is perfectly happy to leave oodles of performance on the table for security. They were the first OS to completely drop Hyperthreading support for example, years before spectre/meltdown.

So with these things in mind, FreeBSD is a lot more performant.

[0]: https://vez.mrsk.me/freebsd-defaults

nelsonic 8 hours ago | parent | prev | next [-]

FreeBSD has the same roots as OpenBSD but the former has a “compatibility” focus whereas the latter has the security focus. Having a background in security, the choice was obvious for me. But each person/org should decide based on their needs. Haven’t had any issues running it on all major hardware (Dell, HP, Lenovo, Apple, etc). The UI isn’t as pretty as macOS on Desktop, but it runs Firefox & Chrome, etc. so you can do everything you need. If you have an older Lenovo or Mac lying around collecting dust, dive in!

riedel 8 hours ago | parent | next [-]

Actually that is mostly current HW compat. NetBSD would be I guess the one for legacy HW compat.

cestith 4 hours ago | parent [-]

OpenBSD does support some older hardware already not supported by, say, most Linux distributions. As an example MacPPC hasn’t had support from most Linux distributors since IBM Power went little-endian, but OpenBSD runs fine on it.

NetBSD is, however, the gold standard for an OS that runs on just about anything. Their (maybe unofficial) slogan has been “Of course it runs NetBSD!”. Their logo has a flag in it because they “plant their flag” on so many platforms.

https://wiki.netbsd.org/ports/

mxuribe 8 hours ago | parent | prev | next [-]

Yeah, thanks that helps! It's the old convenience vs security balancing act :-)

nelsonic 8 hours ago | parent [-]

100%. I put off learning/using OpenBSD for a decade until a breach at a client (we weren’t responsible for DevOps/SysAdmin) made me pick it up because I don’t have time to be a full-time Linux Sysadmin anymore. Just want the servers to run without having to think about them. Wish I’d done it sooner. Lost a lot of time on Linux, Docker, K8s, etc. that I could have skipped completely with OpenBSD. Our servers are an order of magnitude simpler now, just single services per VM and I sleep better. ;-)

mxuribe 6 hours ago | parent [-]

> ...I don’t have time to be a full-time Linux Sysadmin anymore. Just want the servers to run without having to think about them...

Very salient comment there! And, while not the only reason for me, but what you noted is sort of one reason that's triggering the itch in me to go back to playing with the BSDs. Don't get me wrong, I still do love fiddling around with some areas of Linux once in a while....but then, there are other uses/areas where I just want a server to do its thing, and for my maintenance to be a little less (at least less than some Linux distros require). So maybe I'm not the only one? :-)

nelsonic 4 hours ago | parent [-]

Yeah, time is finite and fleeting and the older I get the faster it seems to go!

As a teen I had infinite time to compile Linux and debug stuff. Now I just want to spend time with family/outdoors and not be stuck in a windowless room negotiating with a black box. ;-P

mxuribe 4 hours ago | parent [-]

It's like you're reading my mind!!! lol :-D

wang_li 8 hours ago | parent | prev [-]

There was FreeBSD and NetBSD. NetBSD supporting many platforms while FreeBSD supported just x86. There was some contention between NetBSD developers and Theo and crew left to create OpenBSD. They all more or less have common ancestry being derivatives of 386BSD.

mxuribe 8 hours ago | parent [-]

Yeah, I knew there were some aspects of descendancy across the different BSDs.

And, I mentioned NetBSD for embedded stuff...but really, I *think* it's that NetBSD is simply installed on tons of different hardware....so not only embedded....I kinda remembered that about NetBSD.

But, it's the other BSDs - in particular FreeBSD vs OpenBSD - that I always forget the differences...but got it now. Thanks!

Brian_K_White 7 hours ago | parent [-]

freebsd = utility

openbsd = security

netbsd = portability

freebsd: performance, features, drivers, software compat - closest to linux in utility & usability though unlike linux in execution

openbsd: safety for exposed services

netbsd: portable across many cpu & hardware platforms - big-endian powerpc sun, hitachi sh3 jornada, etc, easiest to port to a new arch

Melatonic 4 hours ago | parent | next [-]

Can FreeBSD be stripped down to be more like OpenBSD security wise while still keeping the performance benefits ?

Brian_K_White an hour ago | parent [-]

It can be customized just like linux where you can compile a custom kernel omitting unneeded features and then also ship a small userspace around it, and the core userspace tools are generally a little less feature rich than linux's already.

But it's not a matter of surface area that makes openbsd solid, it's the priorities while writing that affects how every little thing has been written over time.

You can write 10 different versions of a function that all work and are all nominally perfectly free of security gaps.

Yet they will all still be 10 different levels of robust. Some versions will fail as soon as some assumption is violated, and some make fewer assumptions and remain safe even when varying amounts and forms of "that can't happen" happens.

It's not just cosmic ray bit flips either, or a hacker trying to do power glitch attacks or rowhammer etc, stuff that makes the hardware violate its promises. But stuff like a different developer updating something 15 years later who is not the original and does not realize every single facet of how it works and just how the current implementation covers all possible edge cases, and so doesn't realize how their change opened up an edge case that was covered before. With fragile code, the new code simply has the new security gap until someone discovers it the hard way. With robust code, it's more likely to still be safe. The edge case maybe makes it fail to function, but not in a way that anyone can use productively.

Not that freebsd is exactly swiss cheese. These are all relative. I would and do rely on freebsd any day.

mxuribe 6 hours ago | parent | prev [-]

Oh this is a wonderful and succinct summary; thanks!

SanjayMehta 8 hours ago | parent | prev [-]

OpenBSD is security focused while FreeBSD will remind you of older X-Windows workstations.

mxuribe 8 hours ago | parent [-]

Thanks!

And, wow, do I miss the old X-window workstations...well, I should clarify that I LOVED those (I think they were Sparc?) workstations that ran Solaris or SunOS back in the day! Man, that takes me back some years...but I really loved those machines! :-)

mghackerlady 7 hours ago | parent [-]

OpenBSD supports sparc very well and is compatible with old sunos stuff (iirc). Unfortunately no 68k anymore (okay, technically there's a niche flavour of 68k that still is supported because of a very dedicated man in Japan)

brynet 6 hours ago | parent [-]

> OpenBSD supports sparc very well and is compatible with old sunos stuff (iirc)

No 32-bit sparc anymore (only UltraSPARC, aka sparc64).

No SunOS compatibility (despite Theo de Raadt inventing it for NetBSD, before being copied by other BSDs).

https://marc.info/?l=openbsd-tech&m=161435521906992&w=2

> Technically there's a niche flavour of 68k that still is supported because of a very dedicated man in Japan

luna88k, while related, is not 68k.

https://www.openbsd.org/luna88k.html

mghackerlady 5 hours ago | parent [-]

I must've read about the sunos thing somewhere and imagined it still existed.

>luna88k, while related, is not 68k

I misremembered it as being similar to the relationship between the 6502 and the 65C816

MarsIronPI 7 hours ago | parent | prev | next [-]

I want to use OpenSMTPD so badly, but it doesn't have proper support for authentication via LDAP (at least, as far as I can tell). It insists on reading plaintext passwords from the LDAP server, rather than BINDing as the user in question.

SanjayMehta 8 hours ago | parent | prev | next [-]

What's the situation with Broadcom wifi on your intel macs?

We've run into instability issues with the newer Linux kernels (starting with 6.x, I think) and have had to stop upgrading.

keyle an hour ago | parent | next [-]

I've just set up a new ThinkPad with OpenBSD. You just need to put the firmware needed on a USB stick, mount it and run one command, fw_update -p ./ It wasn't hard.

nelsonic 8 hours ago | parent | prev [-]

Ah, we have all connected via Ethernet. Side-stepped the WiFi issue. ;-) But have read of others successfully navigating it.

anthk 7 hours ago | parent | prev [-]

I use OpenBSD among Hyperbola GNU/Linux, soon to be rebased from a deblobbed OpenBSD 7.0 hard fork. It's dumb easy to set up too. Also, I daily use nvi, oksh, oed (a portable ed for GNU/Linux) among Xenocara and CWM, and this way the environment is almost the same as OBSD but with a GNU/Linux kernel.

mghackerlady 7 hours ago | parent [-]

(technically it's just a Linux kernel. GNU doesn't do any kernel work aside from deblob scripts)

anthk 7 hours ago | parent [-]

Yeah, I'm aware of FSFLA and Linux Libre, but Hurd is not ready yet and it's being worked on with LLMs (something really anti-GNU, as it's proprietary SaaS).

https://lists.gnu.org/archive/html/bug-hurd/2026-03/msg00100...

In the end Hyperbola BSD will be more free than OpenBSD and the former GNU maintainers themselves...

mghackerlady 7 hours ago | parent [-]

I don't really see the LLM use as anti-GNU. It would be no different if the code was written in a proprietary IDE with fancy code completion. GNU doesn't restrict contributors to using exclusively free software for their contributions (if they did, they likely wouldn't have gotten very far considering how much work Apple did on GCC). As long as the license is free and GPL compatible, it isn't inherently non-GNU (though, they'd encourage you not to use a SaaS for your own sake)

Now, is LLM code in the hurd a good thing? No, absolutely not. Ignoring the licensing limbo of LLM output that still isn't settled, LLMs make pretty bad code often enough that I wouldn't trust it to work on something as niche and relatively undocumented as the hurd.

anthk 6 hours ago | parent [-]

A local LLM with GPL compatible input and with options to properly tag the source with a full backtracking of the code? Maybe, but that's not what's happening, but massive license laundering.

mghackerlady 6 hours ago | parent [-]

I never said anything to the contrary, I agree 100%