Let’s start off by looking at, what we believe is, the biggest difference in the two.
First off, Linux itself is a kernel, not an OS!   Distributions (Red Hat, Debian, Suse and others) provide the installer and bundle lots of other open source software.  There are easily well over 300 different Linux distributions. While this gives you a lot of choices, the existence of so many distributions also makes it difficult to use different distros since they are all a little bit different. Distributions don’t just differ in ease-of install and available programs; they also differ in directory layout, configuration practices, default software bundles, and most importantly the tools and prorcedures for software updates and patches.

FreeBSD is a complete operating system (kernel and userland) with a well-respected heritage grounded in the roots of Unix development. Since both the kernel and the provided utilities are under the control of the same release engineering team, there is less likelihood of library incompatibilities. Security vulnerabilities can also be addressed quickly by the security team. When new utilities or kernel features are added, the user simply needs to read one file, the Release Notes, which is publicly available on the main page of the FreeBSD website.

Now, lets look at performance.
With constant development of both Linux and FreeBSD, performance has come a long way with both.  In many applications, a FreeBSD server will use less RAM than a Linux server running the same applications and load.  FreeBSD’s network performance is also bar none, as one would expect since BSD networking code has been used by many other vendors including Juniper to make the foundation of their network operating system JUNOS.  Companies such as Yahoo!, Qwest, and many others utilize FreeBSD simple because of it’s ability to handle heavy network traffic with high performance and rock solid reliability.

One of the most important issues for an OS today is Security.
FreeBSD supports access control lists (ACLs) and mandatory access control (MAC) modules. The latter is of course accessible only to systems administrators and managers, but it enables small businesses to run networks with fine-grained security measures that apply to subsets of the system exposed to the outside world. UFS V2 has excellent ACL support via extended attributes; you must configure UFS V1 separately if ACLs are a requirement. Both FreeBSD and Linux have very robust packet filtering firewall systems, with FreeBSD’s version including intrusion detection tools.

FreeBSD Ports Collection.
The FreeBSD ports system uses Makefiles laid out in a directory hierarchy so software can be built, installed and uninstalled with the make command. When installing an application, very little (if any) user intervention is required after issuing a beginning command such as make install or make install clean in the ports directory of the desired application. In most cases the software is automatically downloaded from the Internet, patched and configured if necessary, then compiled, installed and registered in the package database. If the new port has needed dependencies on other applications or libraries, these are installed beforehand automatically.  This gives many benefits in being able to easily install software and also customize it as needed.

Most ports are already configured with default options which have been deemed generally appropriate for most users. However, these configuration options can sometimes be changed with the make config command before installation or through an ncurses interface allowing the user to graphically select the desired options.

Each port (or software package) is maintained by an individual person called a port maintainer who is responsible for staying current with the latest software developments. Anyone is welcome to become a port maintainer by contributing their favorite piece of software to the collection, currently there are over 20,000 ports.

In summary, many users find that the FreeBSD operating system is the best Unix OS for a server environment since it is one centrally managed project with consistency through all aspects of the kernel and userland.

Read how to test and update your system in this knowledgebase article.

All new VPS deployments we make as of December 3 will have the necessary updates to mitigate this vulnerability.

Currently offering 10% off the first month on all new sign ups until the end of October. When signing up use the promo code “Halloween” to get the discount.

Release Announcement

• The ULE scheduler is now the default in GENERIC kernels for amd64 and i386 architectures. The ULE scheduler significantly improves performance on multicore systems for many workloads.
• Support for using DTrace inside the kernel has been imported from OpenSolaris. DTrace is a comprehensive dynamic tracing framework.
• A new and much-improved NFS Lock Manager (NLM) client.
• Boot loader changes allow, among other things, booting from USB devices and booting from GPT-labeled devices.
• The cpuset(2) system call and cpuset(1) command have been added, providing an API for thread to CPU binding and CPU resource grouping and assignment.
• KDE updated to 3.5.10, GNOME updated to 2.22.3.
• DVD-sized media for the amd64 and i386 architectures

It consists of a set of kernel and user-land extensions targeting the evaluation criteria from Common Criteria for Information Technology Security Evaluation and the Orange Book (a Department of Defense Document that sets standards for community security). Trusted operating systems have requirements above and beyond those of normal operating systems, including that of extensive documentation.

Many features of TrustedBSD that have matured over the past eight years have already made their way into the operating system, as well as those of others (for example, the TrustedBSD MAC framework was used in Apple OS X). Some of the key features being worked on are: access control lists, mandatory access controls, security event auditing, extended file system attributes, the NSA’s FLASK/TE implementation from SELinux to FreeBSD, as well as the development of OpenBSD.

These features should improve the overall security and usability of FreeBSD. Improvements to system privilege will reduce the risk associated with common system management functions. Access control will overall be more discretionary and fine-grained. Also in the works is event auditing support–a system to monitor security events and notify administrators in the case of irregularities.

The project is still under development. For access to documentation as well as some code, visit www.trustedbsd.com.

FreeBSD is a free operating system descended from UNIX. Though it is not exactly like UNIX, it does have compliant internals and system API’s. FreeBSD is different than Linux in that all device drivers, userland utilities, the kernel, etc., are all contained in the same source code tracking tree, whereas with Linux they are all developed separately and packaged in various different ways. So what makes FreeBSD particularly good for a VPS?

(1) Software Flexibility. A standard installation of FreeBSD includes standard UNIX utilities and commands as well as the FreeBSD ports collection, which gives access to over 17,000 free software packages that have already been customized for the FreeBSD environment. FreeBSD users will have everything at their fingertips to run web, email, and database server environments. FreeBSD also has excellent third-party software support, so you will be able to pick the applications that suit your needs.

(2 Industry Standard. Over 30% of the Internet is powered by FreeBSD, including huge websites like Yahoo.com and Hotmail.com.

(3) Performance and Reliability. FreeBSD is a “rock solid” platform. You may recall from our previous article about the recent Firefox upgrade that one of Mozilla’s download mirrors was powered by FreeBSD with fantastic results.

(4) Looking Towards the Future. Because of the increasing success and widespread use of FreeBSD, many web hosts and software providers are scaling down their use of other operating systems and focusing on FreeBSD. It is likely that not far down the line there will be considerably more support and applications available than for other operating systems, especially in the world of VPS’s.

(5) Jails. With FreeBSD, you have the option of having a Jail VPS, which results in higher overall performance due to minimal overhead. With the jail feature, VPS’s can be created on the fly and are ideal for new users since they can be configured without complex firewall rules.

FreeBSD has long been considered the unknown giant among operating systems, but is becoming less and less unknown. As VPS’s become more popular and FreeBSD becomes the standard among VPS’s, you can expect to see it heading even farther out of obscurity.

One notable improvement features the memory allocator “jemalloc,” developed by FreeBSD guru Jason Evans. Firefox version 2 was known as something of a memory hog, and the update improves upon this greatly with upgrades such as a new rendering engine, but Evans’ contribution proved particularly significant. According to Firefox developer Stuart Parmenter, their tests of the browser on Windows Vista showed a 22% drop in memory usage once they turned on “jemalloc.”

Another FreeBSD technology utilized in the Firefox upgrade was the “bsdiff” binary patch system, which allows for reduced software update sizes and faster downloads for end users. In addition, the delivery of the Firefox software relied on FreeBSD as well–Internet Systems Consortium operates one of Mozilla’s download mirrors, powered by FreeBSD 7. During Mozilla’s record-breaking 24 hours of downloading, the server withstood rates of a gigabit per second. ISC referred to FreeBSD as “a rock solid platform.”

Of course, FreeBSD has a long history of being used inside other open-source projects, and this is just one example of the improvements that it can make. And just think: “jemalloc” is already a part of FreeBSD 7. If it can improve the performance of a web browser so drastically, then imagine the potential effect on an entire operating system.