FreeBSD The Power to Serve

About FreeBSD's Technological Advances

FreeBSD offers many unique features.

No matter what the application, an operating system should take advantage of every resource available. FreeBSD’s focus on performance, networking, and storage combines with ease of system administration and comprehensive documentation to realize the full potential of any computer.

A complete operating system based on 4.4BSD.

FreeBSD’s distinguished roots derive from the BSD software releases from the Computer Systems Research Group at the University of California, Berkeley. Over twenty years of work have been put into enhancing FreeBSD, adding industry-leading scalability, network performance, management tools, file systems, and security features. As a result, FreeBSD may be found across the Internet, in the operating system of core router products, running root name servers, hosting major web sites, and as the foundation for widely used desktop operating systems. This is only possible because of the diverse and worldwide membership of the volunteer FreeBSD Project.

FreeBSD 10.X introduces many new features and replaces many legacy tools with updated versions.

  • bhyve: A new BSD licensed, legacy-free hypervisor has been imported to the FreeBSD base system. It is currently able to run all supported versions of FreeBSD, and with the help of the grub-bhyve port, OpenBSD and Linux.

  • KMS And New drm2 Video Drivers: The new drm2 driver provides support for AMD GPUs up to the Radeon HD 6000 series and provides partial support for the Radeon HD 7000 family. FreeBSD now also supports Kernel Mode Setting for AMD and Intel GPUs.

  • Capsicum Enabled By Default: Capsicum has been enabled in the kernel by default, allowing sandboxing of several programs that work within the "capabilities mode", such as:

    • tcpdump

    • dhclient

    • hast

    • rwhod

    • kdump

  • New Binary Packaging System: FreeBSD now uses pkg, a vastly improved package management system that supports multiple repositories, signed packages, and safe upgrades. The improved system is combined with more frequent official package builds for all supported platforms and a new stable branch of the ports tree for better long term support.

  • Unmapped I/O: The newly implemented concept of unmapped VMIO buffers eliminates the need to perform costly TLB shootdowns for buffer creation and reuse, reducing system CPU time by up to 25-30% on large SMP machines under heavy I/O load.

FreeBSD 9.X brought many new features and performance enhancements with a special focus on desktop support and security.

  • OpenZFS: FreeBSD 9.2 includes OpenZFS v5000 (Feature Flags), including the feature flags:

    • async_destroy

    • empty_bpobj

    • lz4_compress

which allow ZFS destroy operations to happen in the background, make snapshots consume less disk space, and offers a better compression algorithm for compressed datasets.

  • Capsicum Capability Mode: Capsicum is a set of features for sandboxing support, using a capability model in which the capabilities are file descriptors. Two new kernel options CAPABILITIES and CAPABILITY_MODE have been added to the GENERIC kernel.

  • Hhook: (Helper Hook) and khelp(9) (Kernel Helpers) KPIs have been implemented. These are a superset of the pfil(9) framework for more general use in the kernel. The hhook(9) KPI provides a way for kernel subsystems to export hook points that khelp(9) modules can hook to provide enhanced or new functionality to the kernel. The khelp(9) KPI provides a framework for managing khelp(9) modules, which indirectly use the hhook(9) KPI to register their hook functions with hook points of interest within the kernel. Together, they allow a structured way to dynamically extend the kernel at runtime in an ABI-preserving manner.

  • Accounting API has been implemented. It can keep per-process, per-jail, and per-login class resource accounting information. Note that this is neither built nor installed by default. To build and install this, specify the option RACCT in the kernel configuration file and rebuild the base system as described in the FreeBSD Handbook.

  • Resource-limiting API has been implemented. It works in conjunction with the RACCT resource accounting implementation and takes user-configurable actions based on the set of rules it maintains and the current resource usage. The rctl(8) utility has been added to manage the rules in userland. Note that this is neither built nor installed by default.

  • USB subsystem now supports USB packet filter. This allows capturing packets which go through each USB host. The architecture of the packet filter is similar to that of bpf. The userland program usbdump(8) has been added.

Infiniband support: OFED (OpenFabrics Enterprise Distribution) version 1.5.3 has been imported into the base system.

  • TCP/IP network stack now supports the mod_cc(9) pluggable congestion control framework. This allows TCP congestion control algorithms to be implemented as dynamically loadable kernel modules. Many kernel modules are available: cc_chd(4) for the CAIA-Hamilton-Delay algorithm, cc_cubic(4) for the CUBIC algorithm, cc_hd(4) for the Hamilton-Delay algorithm, cc_htcp(4) for the H-TCP algorithm, cc_newreno(4) for the NewReno algorithm, and cc_vegas(4) for the Vegas algorithm. The default algorithm can be set by a new sysctl(8) variable

  • SU+J: FreeBSD’s Fast File System now supports soft updates with journaling. It introduces an intent log into a softupdates-enabled file system which eliminates the need for background fsck(8) even on unclean shutdowns.

FreeBSD includes a number of other great features:

  • Firewalls: The base system includes IPFW and IPFilter, as well as a modified version of the popular pf with improved SMP performance. IPFW also includes the dummynet feature, allowing network administrators to simulate adverse network conditions, including latency, jitter, packet loss and limited bandwidth.

  • Jails are a light-weight alternative to virtualization. Allowing processes to be restricted to a namespace with access only to the file systems and network addresses assigned to that namespace. Jails are also Hierarchical, allowing jails-within-jails.

  • Linux emulation provides a system call translation layer that allows unmodified Linux binaries to be run on FreeBSD systems.

  • DTrace provides a comprehensive framework for tracing and troubleshooting kernel and application performance issues while under live load.

  • The Ports Collection is a set of more than 23,000 third party applications that can be easily installed and run on FreeBSD. The ports architecture also allows for easy customization of the compile time options of many of the applications.

  • Network Virtualization: A container ("vimage") has been implemented, extending the FreeBSD kernel to maintain multiple independent instances of networking state. Vimage facilities can be used independently to create fully virtualized network topologies, and jail(8) can directly take advantage of a fully virtualized network stack.