A recent article on Developerworks discussed some reasons for using FreeBSD. I was quite surprised that none of the things I liked or disliked about FreeBSD were mentioned in the article. Here's my take on FreeBSD.

One really neat thing about FreeBSD is that it's got a background fsck. When you boot, if an fsck is required it will just print out a line saying that it's starting a background fsck and will continue on booting. This is particularly beneficial because the standard file-systems aren't journaling, so an unclean reboot would normally result in a lengthy fsck.

Also, the shaping (as I've mentioned before here) is first rate. Particularly for giving individual shaping to a bunch of systems behind the FreeBSD system, you can literally set up 256kbps shaping for a class-A network (24 million hosts) with just two commands.

OpenBSD takes another step forward by allowing NAT firewalls to be clustered such that multiple machines share information about open connections, so that if one system fails the other can take over the job of a NAT firewall seamlessly.

Those are some of the advantages I found about FreeBSD. It wasn't all rosy though. I ran two FreeBSD machines for testing, each on slightly different hardware, both of which were reporting DMA errors and crashing or hanging once to twice a week when handling around 5mbps of network traffic. These same computers have had absolutely no problems running Linux handling the same loads, so I suspect a driver issue more than a hardware issue.

Also, I really don't like the ports system. I know a lot of people love it, but the simple task of finding out if there are any updates required and getting them applied is not as simple as I'd like. I also like that under Linux I get a /usr/local that I can put truly local software in, where in FreeBSD most of the ports software gets installed there. So, it's not really possible to put local software in a "standard" place that's easy to separate from the system software. Also, /usr/local isn't in many of the paths, resulting in crons failing and the like because Python doesn't exist in the PATH.

Also, FreeBSD tries to be clever in some pretty annoying ways. If you try to bring up an IP address on an interface, and there is already an ARP entry for that IP on another machine, it will refuse to bring it up. If it notices ARP traffic from another machine for an IP on an interface, it will drop that IP alias. Normally this would be a good thing, preventing conflicts. However, if you are trying to set up a pair of redundant routers, and are involved in a fail-over, there is likely to be an ARP entry for the other system in the local table. Reliably setting up a handful of IPs in a fail-over situation required quite a bit of work, because IPs would just disappear sometimes.

Software under FreeBSD is also less well tested than under Linux. For example, we had to submit a number of patches to the heartbeat software to get it working reliably under Linux.

Finally, the stock kernel requires a fair bit of tuning, and that tuning requires rebuilding the kernel. Where in Linux you can install a distro and immediately push large amounts of traffic through it as a router or firewall, with FreeBSD you have to tweak the HZ setting and enable interrupt mitigation before it is able to handle even fairly modest amounts of traffic. If you need new drivers, you can't just "modprobe" them, you have to build a new kernel. The kernel build process is easy, don't get me wrong, but I ended up having to build a new kernel 4 or 5 times to get the appropriate settings for doing NATing, filtering and shaping, the right drivers and performance tuning.

FreeBSD is a nice OS and all, and definitely has some advantages, but it's not free of disadvantages. It's nice to have the alternative, that's for sure.
(Post Reply)