FreeBSD offers many unique features.
No matter what the application, an operating system should take advantage of every resource available. FreeBSD’s focus on performance, networking, and storage combines with ease of administration and comprehensive documentation to realize the full potential of a computer.
A complete operating system based on 4.4BSD
FreeBSD’s roots are the BSD software releases from the Computer Systems Research Group at the University of California, Berkeley. Decades of development have led to advanced scalability, network performance, management tools, file systems support, security and other features. FreeBSD is found across the Internet in core router products, running root name servers, hosting major web sites, and as a foundation for widely used desktop operating systems.
More than a file system, ZFS is fundamentally different from traditional file systems. Combining the traditionally separate roles of software RAID, volume manager and file system provides ZFS with unique advantages.
ZFS has three main design goals:
ZFS boot environments
A ZFS boot environment is a bootable clone/snapshot of specially preselected parts of a system.
Use cases include:
Bulletproof upgrades/changes to the system
Create safe fallback ZFS Boot Environment before upgrade or changes to the system
Update a new (inactive) environment without altering the active environment
Perform upgrade and test the results inside jail
Copy/move ZFS boot Environment into another machine
Major reconfiguration (Bareos/Postfix/…)
Mass populate large number of servers with one configured BE
Bare metal backup solution.
Jails originated with FreeBSD 4.X.
They build upon chroot(8), which changes the root directory. This creates a safe environment, separate from the rest of the system. Processes created in a jailed environment can not access files or resources outside of it.
Jails improve upon chroot in several ways. In a traditional chroot environment, processes are limited to a part of the file system. The rest of the system resources, system users, running processes, and the networking subsystem are shared by the chrooted processes and the processes of the host system. Jails further restrict access to the file system, the set of users, and the networking subsystem. Finer-grained access controls are available.
More than 30,000 applications and libraries are ported to FreeBSD. The architecture allows easy customization of compile time options of many of the ports.
Linux binary compatibility
Linux binary compatibility, commonly referred to as Linuxulator, allows FreeBSD to run many unmodified Linux binaries. It does not involve virtual machines or emulation; instead, it provides the binaries with kernel interfaces identical to those provided by a real Linux kernel. Linuxulator is comparable to 32-bit FreeBSD binaries running on a 64-bit FreeBSD kernel.
DTrace, also known as Dynamic Tracing, was developed by Sun Microsystems™ to locate performance bottlenecks in production and pre-production systems. In addition, DTrace can help to investigate and debug unexpected behaviors in the kernel and in userland.
DTrace has an impressive array of features. It’s scriptable. Developers can use the DTrace D Language to create utilities for custom profiling.
The FreeBSD implementation provides full support for kernel DTrace and experimental support for userland DTrace. Userland DTrace allows users to perform function boundary tracing for userland programs using the pid provider, and to insert static probes into userland programs for later tracing.
Capsicum allows sandboxing of several programs that work within the "capabilities mode", such as:
VNET virtualizes the network stack. The basic idea is to change
global resources most notably variables into per network stack
resources and have functions, sysctls, eventhandlers, etc. access
and handle them in the context of the correct instance. Each
(virtual) network stack is attached to a prison, with vnet0 being
the un-restricted default network stack of the base system.
VIMAGE facilities can be used independently to create
fully virtualized network topologies, and
jail(8) can directly benefit from a fully virtualized network
Last modified on: July 23, 2022 by Sergio Carlavilla Delgado