A brief look at FreeBSD

Posted by todsacerdoti 17 hours ago

A brief look at FreeBSD(yorickpeterse.com)

130 points | 70 commentspage 2

runjake 9 hours ago|

It looks like current versions of FreeBSD support Linux containers and podman. Can anyone speak to the experience and performance there?

sunshine-o 9 hours ago|

Depending on what you are doing and what you wanna run you don't really need it. For most use cases, just `pkg install -j` (-j is for jail) what you want. Or just put the Linux binary (prefereably the musl/alpine one) in a thin jail it usually works.

I haven't tried podman in FreeBSD yet because from what I understand you can only run it as root right now, so it kind of defeat the purpose.

josteink 9 hours ago||

I fondly remember working with FreeBSD in my younger days when I would tinker more.

Back in those days I could make any Windows installation unrecoverable. I could severely botch a Linux system. But FreeBSD would always keep chugging, no matter what crazy idea I wanted to try.

It may not be the fastest. It may not be the flashiest. But in my mind, it has this whole "reliability" thing written all over it like no other OS has.

For instance, when I was a student (and thus poor), I had a PC made of (free) scavenged parts. It wouldn't boot Windows. Linux would crash during boot. But FreeBSD just chugged along like there were no issues at all.

I later discovered there were some physical issues with the UDMA mode on the IDE controller, and that's probably what tripped of the other OSes, but FreeBSD would just work. Albeit slowly, but it actually ran fine. For years.

So while I no longer rely on FreeBSD myself, I look back on it with fondness. That's also why I decided to help port .NET to FreeBSD when the first cross-platform version of .NET Core was launched (for Windows, Linux and Mac only). I thought every decent OS deserved to have a working .NET version ;)

ssl-3 8 hours ago|

A little less than 25 years ago, my then-new day job wanted me to build them a new mail server, using Linux.

I'd put together one or two public-facing mail servers before, but it'd been a few years and the landscape had changed (postfix was the new hotness, sendmail was old news, etc). And I had a FreeBSD machine at home that I'd previously built from garbage that I was using for NAT and a few other things.

So, wanting to appear all slick and stuff at the new job, I built a prototype at home on that FreeBSD box using a freebie dyndns subdomain (which was still practical at that time).

It all worked great. For a couple of years I even used it to host my own email at home. It was less trouble to maintain than the Linux-based thing I'd built at work even though they both started with the same software configs.

But that FreeBSD box was only ever a little forgettable trash-built machine, so there were no backups at all when the hard drive crashed completely (there were grooves worn into the platters) while I was out of town.

Which might normally be the end of the story, but: FreeBSD kept rolling just fine. Whatever data was in RAM (which apparently included at least sshd and bash) remained in RAM and stayed usable, and it kept routing packets like nothing had ever happened at all.

I marveled at this for a few weeks as this very broken machine kept flawlessly doing its NAT duties and providing solid Internet access for my LAN until I scrounged up enough pennies to buy my first "home router": A Linksys WRT54GS. (That little hackable Linux box was a very fun introduction to the rabbit hole of using hardware in unintended ways, but that's a story for a different comment section.)

sunshine-o 9 hours ago||

I have been daily driving FreeBSD for a while now (as a newcomer, coming from Linux) and surprisingly the experience for me was different from what you usually hear.

Pros:

- It is actually in a way easier than Linux. The installation is less complex and more reliable than a Fedora if you are not afraid of the TUI. More important it will soon include a desktop installation script.

- All the software you will ever need is in pkg or ports unless you are a degen

- You will pick up jails for container use cases in 10 minutes and will never want to go back

- VM with vm-bhyve is simpler than libvirt and no XML to deal with.

- Same with networking, you will pick it up quickly and no more confusion between NetworkManager, systemd-networkd, ifup, etc.

- The linux-compat feature will get you very far and there are a lot of Linux apps packaged already

- Hardware support is ok if you check first on https://bsd-hardware.info/

- The wifi thing is no problem with https://github.com/pgj/freebsd-wifibox

Cons:

- You won't be able to mount/read your LUKS drives from your Linux era.

- Sometime very critical packages like Chromium disappear because they won't build (for example no chromium in pkg on the current FreeBSD 15 BETA)

- Bhyve do not support SPICE so you are stuck with the perf of VNC.

- Bhyve do not have vsock so no blazing fast waypipe

- You basically loose a lot of security feature of web browsers, most of the sandboxing of Firefox and Chrome. This is really bad.

- I haven't really dived into it but it seems there is no Bluetooth LE

- It is fast but doesn't feel as fast as an Alpine

If you are thinking about it and this is ok for you, I would say go for it.

0x1ch 8 hours ago|

A lot of your points are valid, however... some are taking some liberties. Are you actually running into usecases where FreeBSD is easier or faster to install than current release Fedora Server?

> The wifi thing is no problem with...

You're seriously proposing end users run Linux VMs with PCIe Passthrough to get modern networking cards to work?

A lot of wishful thinking in this thread about FreeBSD on workstations.

sunshine-o 7 hours ago||

> A lot of your points are valid, however... some are taking some liberties. Are you actually running into usecases where FreeBSD is easier or faster to install than current release Fedora Server?

It is just that the Fedora installer is more complex... and also will fail often at partitioning or during install. I've done it hundreds of time and it failed dozens on time.

I would still recommend Fedora to Linux users but the FreeBSD installer much more simple and straightforward.

> You're seriously proposing end users run Linux VMs with PCIe Passthrough to get modern networking cards to work?

It is an Alpine running on the hypervisor you won't even notice it. It consumes less than web browser tab...

Plus it has benefits from a security point of view.

I would rather FreeBSD devs focus on other things than porting all wifi drivers.

0x1ch 6 hours ago||

I think the most complex part of a desktop linux install is the partitioning, but sane defaults are handed to you on most installers, so I'm curious about the failures and what induced them.

As for the whole wifi thing... Yeah man, FreeBSD isn't ready for vast majority of people, even linux veterans. I know getting the manpower to write those drivers isn't always possible, but we're talking years of this being ignored. Which has led to solutions like yours.

Something trivial to us, is not for others. It's pretty insane to even think that is a supported solution to that problem.

sunshine-o 5 hours ago||

It's just `pkg install wifibox` ... The only dependencies are bhyve and socat.

It is actually a very simple and elegant solution to an horrible problem.

Lammy 4 hours ago||

And it won't even be necessary for many people since a lot of work has gone into FreeBSD's Wi-Fi support recently: https://freebsdfoundation.org/blog/improving-and-debugging-f...

Personally even as a FreeBSD fanperson I wouldn't want to rely on wifibox no matter how elegant it is to use. It would forever irritate the “omg ugly hack” part of my brain lol

I installed FreeBSD 14.3 on my Framework Laptop 12 and the stock Intel AX211 Wi-Fi card Just Worked™ out of the box in FreeBSD 14.3 after a `fwget` to download the proprietary firmware blobs (removed from base between 14.2 and 14.3, FYI) while USB-tethered to my Android with a simple `dhclient ue0`:

- https://i.imgur.com/vulqdvc.jpeg

- https://i.imgur.com/S6OcWMA.jpeg

georgehaake 11 hours ago||

Nicely done. Curious which VM host you used on the Mac?

YorickPeterse 10 hours ago||

I'm using UTM (https://mac.getutm.app/), mostly because it seemed like the easiest thing to set up.

pss314 6 hours ago||

FreeBSD has published a youtube video along with a blog post to run FreeBSD VM on Apple Silicon.

- https://www.youtube.com/watch?v=CWuZLJkUBfw

- https://freebsdfoundation.org/blog/three-ways-to-try-freebsd...

unacorner 8 hours ago||

It took FreeBSD almost 20 years to implement ASLR:

https://svnweb.freebsd.org/base?view=revision&revision=34396...

Is security not a priority for their developers?

laxd 8 hours ago||

My impression is that ASLR just hasn't been well regarded and prioritized. See for example this tweet by cperciva: https://x.com/cperciva/status/1528971801983823872

avadodin 7 hours ago||

ASLR implemented at the mmap level in 32 bits(which was 100% of FreeBSD usage in 2005) is less than 20bits of randomness try 1M times and you've broken it add to that limitations in early implementations where large swaths of the address space were reserved for kernel and shared libraries and you're in a scenario where many of your exploits maybe fail to run the first couple of times and that's ignoring side channels or kernels such as Linux degrading back due to difficulty adapting some other feature to use ASLR.

Lammy 9 hours ago|

> For example, ZFS seems interesting but Btrfs is probably close enough for most people.

They are not directly comparable since ZFS is also the volume manager for your ZFS filesystems, enabling features like `zfs send` of snapshots or entire filesystems for easy backups.

> Let's start with the first and probably most important step: setting up the network. […] I don't fully remember how I actually set up the network as it's been a while, but it involved adding the following to `/etc/rc.conf`

This would be a great time to show off FreeBSD's documentation. A great “Step 1” would be https://man.freebsd.org/cgi/man.cgi?networking(7)

And then later on when people reasonably wonder what the heck else is going on in `rc.conf`: https://man.freebsd.org/cgi/man.cgi?query=rc.conf

All of the modern `rc.conf` examples will also be using `sysrc` instead of telling you to edit the file directly, at first as a first line of defense against fatfingering the file formatting, and later when you get more advanced as a way to transparently descend into Jails' `rc.conf`s without having to think about it: https://man.freebsd.org/cgi/man.cgi?query=sysrc

One thing FreeBSD's installer does not do a good job with that's very relevant for laptop usage is any automatic setup of hardware-specific kernel modules. You will want to enable either `coretemp` or `amdtemp` (depending on your particular Framework model) which will automatically populate all the sensor data, easily queried via `sysctl`:

- https://man.freebsd.org/cgi/man.cgi?coretemp

- https://man.freebsd.org/cgi/man.cgi?amdtemp

  [Lammy@Emi] sysctl dev.cpu.{0..7}.temperature
  dev.cpu.0.temperature: 40.0C
  dev.cpu.1.temperature: 43.0C
  dev.cpu.2.temperature: 41.0C
  dev.cpu.3.temperature: 42.0C
  dev.cpu.4.temperature: 40.0C
  dev.cpu.5.temperature: 40.0C
  dev.cpu.6.temperature: 42.0C
  dev.cpu.7.temperature: 43.0C

e: and see my comment here about the quickstart firewall class options that let you avoid writing any of your own rules until you really want to! A laptop would do well with `firewall_type=client`: https://news.ycombinator.com/item?id=45794391

YorickPeterse 8 hours ago||

> They are not directly comparable since ZFS is also the volume manager for your ZFS filesystems, enabling features like `zfs send` of snapshots or entire filesystems for easy backups.

Btrfs supports both snapshots and sending/receiving them between different hosts. You can also create additional Btrfs subvolumes.

This is mostly what I meant with the differences between zfs and btrfs not being that significant for most: they largely seem to give you the same end result, instead taking a different path to get there. I do know that zfs is better in terms of reliability (or at least people love to bring that up), but it's something I don't have any experience with myself and thus can't comment on.

ssl-3 8 hours ago||

> https://man.freebsd.org/cgi/man.cgi?networking(7)

That document is a stunning illustration of beautiful simplicity.

buildbot 7 hours ago||

Meanwhile on linux, do I use netplan or NetworkManager or Systemd, maybe /etc/network/interfaces?

On the other hand, the lack of broad HW support means that my FreeBSD server burned 2x more power at low to mid usage levels than the same HW running Proxmox.