FreeBSD The Power to Serve

Die technischen Fortschritte von FreeBSD

FreeBSD bietet viele hochentwickelte Funktionen.

Unabhängig von der Anwendung möchten Sie Ihr System optimal ausnutzen. Da FreeBSD den Fokus auf optimale Leistung, Netzwerk- und Speicherfunktionalitäten zusammen mit einer einfachen Systemverwaltung und einer exzellenten Dokumentation legt, sind Sie genau dazu in der Lage.

Ein komplettes Betriebssystem, basierend auf 4.4BSD.

FreeBSD hat seine Ursprünge in der BSD-Software, welche von der Computer Systems Research Group an der Universität von Californien, Berkeley, veröffentlicht wurde. Seit damals wurden mehr als 20 Jahre Arbeit in die Weiterentwicklung von FreeBSD investiert und unter anderem Skalierbarkeit, neue Netzwerkfunktionen, Managementtools, Dateisysteme und Sicherheitsfunktionen in FreeBSD integriert. Deshalb wird FreeBSD heute in allen Bereichen des Internets, beispielsweise als Betriebssystem von Core-Routern und Root-Nameservern, als Webserver für umfangreiche Webseiten sowie als Basis für weitverbreitete Desktop-Betriebssysteme eingesetzt. Diese weite Verbreitung wurde nur durch die weltweit verteilten und engagierten Mitarbeiter des FreeBSD Projects möglich.

FreeBSD 10.X brachte zahlreiche neue Funktionen und ersetzte viele vorhandene Tools durch aktualisierte Versionen.

  • bhyve: A new BSD licensed, legacy-free hypervisor has been imported to the FreeBSD base system. It is currently able to run all supported versions of FreeBSD, and with the help of the grub-bhyve port, OpenBSD and Linux.

  • KMS And New drm2 Video Drivers: The new drm2 driver provides support for AMD GPUs up to the Radeon HD 6000 series and provides partial support for the Radeon HD 7000 family. FreeBSD now also supports Kernel Mode Setting for AMD and Intel GPUs.

  • Capsicum Enabled By Default: Capsicum has been enabled in the kernel by default, allowing sandboxing of several programs that work within the "capabilities mode", such as:

    • tcpdump

    • dhclient

    • hast

    • rwhod

    • kdump

  • New Binary Packaging System: FreeBSD now uses pkg, a vastly improved package management system that supports multiple repositories, signed packages, and safe upgrades. The improved system is combined with more frequent official package builds for all supported platforms and a new stable branch of the ports tree for better long term support.

  • Unmapped I/O: The newly implemented concept of unmapped VMIO buffers eliminates the need to perform costly TLB shootdowns for buffer creation and reuse, reducing system CPU time by up to 25-30% on large SMP machines under heavy I/O load.

FreeBSD 9.X brachte zahlreiche neue Funktionen sowie Performanceverbesserungen, wobei der Fokus besonders auf die Bereiche Unterstützung von Desktopanwendungen sowie Sicherheit gelegt wurde.

  • OpenZFS: FreeBSD 9.2 includes OpenZFS v5000 (Feature Flags), including the feature flags:

    • async_destroy

    • empty_bpobj

    • lz4_compress

      which allow ZFS destroy operations to happen in the background, make snapshots consume less disk space, and offers a better compression algorithm for compressed datasets.

  • Capsicum Capability Mode: Capsicum is a set of features for sandboxing support, using a capability model in which the capabilities are file descriptors. Two new kernel options CAPABILITIES and CAPABILITY_MODE have been added to the GENERIC kernel.

  • Hhook: (Helper Hook) and khelp(9) (Kernel Helpers) KPIs have been implemented. These are a superset of the pfil(9) framework for more general use in the kernel. The hhook(9) KPI provides a way for kernel subsystems to export hook points that khelp(9) modules can hook to provide enhanced or new functionality to the kernel. The khelp(9) KPI provides a framework for managing khelp(9) modules, which indirectly use the hhook(9) KPI to register their hook functions with hook points of interest within the kernel. Together, they allow a structured way to dynamically extend the kernel at runtime in an ABI-preserving manner.

  • Accounting API has been implemented. It can keep per-process, per-jail, and per-login class resource accounting information. Note that this is neither built nor installed by default. To build and install this, specify the option RACCT in the kernel configuration file and rebuild the base system as described in the FreeBSD Handbook.

  • Resource-limiting API has been implemented. It works in conjunction with the RACCT resource accounting implementation and takes user-configurable actions based on the set of rules it maintains and the current resource usage. The rctl(8) utility has been added to manage the rules in userland. Note that this is neither built nor installed by default.

  • USB subsystem now supports USB packet filter. This allows capturing packets which go through each USB host. The architecture of the packet filter is similar to that of bpf. The userland program usbdump(8) has been added.

  • Infiniband support: OFED (OpenFabrics Enterprise Distribution) version 1.5.3 has been imported into the base system.

  • TCP/IP network stack now supports the mod_cc(9) pluggable congestion control framework. This allows TCP congestion control algorithms to be implemented as dynamically loadable kernel modules. Many kernel modules are available: cc_chd(4) for the CAIA-Hamilton-Delay algorithm, cc_cubic(4) for the CUBIC algorithm, cc_hd(4) for the Hamilton-Delay algorithm, cc_htcp(4) for the H-TCP algorithm, cc_newreno(4) for the NewReno algorithm, and cc_vegas(4) for the Vegas algorithm. The default algorithm can be set by a new sysctl(8) variable

  • SU+J: FreeBSD’s Fast File System now supports soft updates with journaling. It introduces an intent log into a softupdates-enabled file system which eliminates the need for background fsck(8) even on unclean shutdowns.

FreeBSD enthält zahlreiche weitere großartige Funktionen:

  • Firewalls: The base system includes IPFW and IPFilter, as well as a modified version of the popular pf with improved SMP performance. IPFW also includes the dummynet feature, allowing network administrators to simulate adverse network conditions, including latency, jitter, packet loss and limited bandwidth.

  • Jails are a light-weight alternative to virtualization. Allowing processes to be restricted to a namespace with access only to the file systems and network addresses assigned to that namespace. Jails are also Hierarchical, allowing jails-within-jails.

  • Linux emulation provides a system call translation layer that allows unmodified Linux binaries to be run on FreeBSD systems.

  • DTrace provides a comprehensive framework for tracing and troubleshooting kernel and application performance issues while under live load.

  • The Ports Collection is a set of more than 23,000 third party applications that can be easily installed and run on FreeBSD. The ports architecture also allows for easy customization of the compile time options of many of the applications.

  • Network Virtualization: A container ("vimage") has been implemented, extending the FreeBSD kernel to maintain multiple independent instances of networking state. Vimage facilities can be used independently to create fully virtualized network topologies, and jail(8) can directly take advantage of a fully virtualized network stack.

Last modified on: 26. Januar 2021 by Sergio Carlavilla Delgado