{"id":145,"date":"1999-11-21T16:48:20","date_gmt":"1999-11-22T00:48:20","guid":{"rendered":"http:\/\/www.jeffcarl.com\/?p=145"},"modified":"2020-07-08T19:04:33","modified_gmt":"2020-07-09T02:04:33","slug":"freenix-flavors-three-demons-and-a-penguin","status":"publish","type":"post","link":"https:\/\/www.jeffcarl.com\/index.php\/1999\/11\/21\/freenix-flavors-three-demons-and-a-penguin\/","title":{"rendered":"Freenix Flavors (Three Demons and a Penguin)"},"content":{"rendered":"\n

By Jeffrey Carl<\/strong><\/p>\n\n\n\n

\"Boardwatch
Boardwatch Magazine, November 1999<\/figcaption><\/figure><\/div>\n\n\n\n

Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among ISPs, particularly for its annual ranking of Tier 1 ISPs and through the ISPcon tradeshow. Writing and speaking for Boardwatch was one of my fondest memories of the first dot-com age.<\/em><\/p>\n\n\n\n

Hi there, and welcome back to the industry\u2019s 216th<\/sup> most influential Unix column. Over the next few months, we\u2019ll be taking an in-depth look at each of the various Freenixes and why your ISP may want to consider them. But right now, it\u2019s time to get familiar with the four big players. How can you tell the Freenixes apart, and which of them is right for your ISP?<\/p>\n\n\n\n

BSD Unix, having grown out of work on the original AT&T Unix code at UC-Berkeley, has been around for about 20 years. Only in the early-to-mid 1990s (after a series of nasty lawsuits) was the BSD project\u2019s code freed up for use in free Unixes. The BSD development model centered around a \u201ccore group\u201d that handled work on the code, and the free BSD Unix movement quickly splintered into three main groups, each with a different focus.<\/p>\n\n\n\n

The BSD groups tended to disdain the pseudo-Leninist rantings of Richard Stallman\u2019s  GNU\/TAISR (GNU\u2019s Not Unix\/This Acronym Isn\u2019t Self-Referential) camp, and used the \u201cBSD\u201d software license, which held sort of a middle ground between commercial software and free software. The BSDs attracted a following of (relatively) old-school sysadmins and hackers \u2013 the sort of people who generally disdain pine<\/strong> and elm<\/strong> as \u201ctoo user friendly.\u201d Partially as a result, development for these OSes tended towards optimizing them for server use, and neglecting support for consumer-oriented devices (like IDE drives, fancy video cards, etc.).<\/p>\n\n\n\n

Meanwhile, a Finnish computer science student, Linus Torvalds \u2026 blah blah blah. I\u2019ll skip this part, since if you haven\u2019t heard the story of Linux already, you probably should put down Boardwatch<\/em> and go pick up a copy of the Yahoo! Internet Life<\/em> special edition on how to turn off your computer safely. Anyway, Linux\u2019s development model encouraged code warriors and wackos alike to develop for the OS under the GNU Public License (GPL), and attracted the loving attention of the GNU project itself. Before long, Linux had emerged with a big stack of available software, and a large corps of devoted developers. Its more decentralized model not only encouraged people to write drivers for consumer (rather than server) oriented devices, but also bred a following of experienced admins as well as young geeks-in-training. Therein lay the difference. <\/p>\n\n\n\n

These young Linux zealots were, by and large, the force that popularized Linux. They had a fanatical love for their OS that was unmatched except for Macintosh users (who, during the mid \u201890s, had largely retreated to living in caves and praying for someone to port a game to their OS besides Solitaire). Linux became cool<\/em> . Zealous advocates led to press coverage, which led to more developers, which led to better code and greater device support, which led to more new and more fanatical users \u2026 leading to the Linux love-fest currently underway. <\/p>\n\n\n\n

So, where were the BSDs? Generally, they quietly went about their way, still running their servers and occasionally poking their heads in on Linux-advocacy-oriented (but useful to all *nix users) news site Slashdot.org, offering \u201c(Score 1: Insightful)\u201d comments and not rocking the boat. FreeBSD reacted to the surge in Linux development with remarkable grace, building in a Linux binary compatibility module and sidestepping a potential war over developers. But lately, some BSD users have started agitating for more attention to the BSDs \u2026 and BSD partisans have become bolder about advocating their *nix of choice.<\/p>\n\n\n\n

For the three or four of you who are still reading, let\u2019s take a dive into each of the various Freenixes:<\/p>\n\n\n\n

Linux: The World\u2019s Most Popular Unix<\/h2>\n\n\n\n

Focus<\/strong>: Unix everywhere, for everyone, as both a server OS and a desktop OS.<\/p>\n\n\n\n

Platform\/CPUs<\/strong>: You name it. I\u2019m surprised they don\u2019t have an Atari 2600 port yet. <\/p>\n\n\n\n

What\u2019s Good for ISPs<\/strong>: If you\u2019re relatively new to Unix, if you\u2019re after ease of use, or if you\u2019re looking for an Internet server platform that can run on almost any hardware and offers a wide range of cool applications, Linux is your choice.<\/p>\n\n\n\n

Of all *nixes, Linux is the most oriented towards ease of use and administration. Linux has the widest user base, and the most active development community \u2013 meaning that a lot of new device drivers and third-party applications will be out for Linux first (and maybe only for Linux). Linux\u2019s heavy consumer usage has also led to its being the<\/em> *nix for cool new free graphical shells (like KDE or GNOME\/Enlightenment) and administration utilities. Fruits of this wide developer base (both commercial and free) include excellent solutions for dialup authentication, webserving (including third-party ASP support, Real and QuickTime streaming, Cold Fusion, etc.), mail servers, commercial database packages, firewalls, AppleTalk or SMB networking, security tools and others. Linux is gradually joining Solaris as \u201cthe\u201d Unix for commercial developers.<\/p>\n\n\n\n

Linux has the most support options, as well. In addition to the usual free online user community support, many Linux distributions offer installation and technical support (for example, if you pay $90 for convenient Red Hat install CDs, they\u2019ll give you 30 days of installation support and 90 days of technical support). There is an abundance of books about installing, running and administering Linux. Of all Freenixes, Linux is also the most \u201cready for prime time\u201d in terms of corporate deployment: a number of companies from Red Hat to LinuxCare offer enterprise-ready tech support packages. Plus, with its press coverage, and vendors from Intel to IBM standing behind Linux, it\u2019s closest to being the Freenix that is easiest to explain to your \u201ccloobie\u201d boss.<\/p>\n\n\n\n

But Linux isn\u2019t just for new users. Linux is second only to (yech) Windows NT in terms of tuning for high-end multiprocessor systems. It\u2019s a safe bet that there will be a solid Linux for Intel\u2019s IA-64 architecture before 64-bit NT is even in public beta. And Linux\u2019s wide developer base makes it likely to catch up rapidly in those performance areas where it\u2019s currently behind.<\/p>\n\n\n\n

What\u2019s Bad for ISPs<\/strong>: Linux may be spreading itself thin.<\/p>\n\n\n\n

The more devices you try to support with an OS, the fatter (and more bug-prone) your code becomes and the more your stability is likely to suffer. Of course, the open-source, open-development nature of Linux is designed<\/em> to fix these bugs quickly; but it\u2019s still an issue. It\u2019s relatively easy with Linux to pare down your kernel (the \u201ccore\u201d OS software that interfaces between the hardware and applications) to support only the devices and services you need. But a default installation is likely to contain more than you need \u2013 and the inexperienced users Linux is most popular with are the least likely to be able to properly configure their OS. And the time spent by developers on writing a driver so that Linux can use 5 1\/4\u201d floppy drives is time that theoretically<\/em> might have gone towards tuning it better for more common uses.<\/p>\n\n\n\n

Also, the wide variety of Linux distributions can sometimes make software installation confusing. All Linux distributions are based on one of the \u201cLinus-approved\u201d stable kernels; but the specific kernel (and version of the code libraries to support applications) they include sometimes vary widely. Some distributions (most notably Red Hat) are more anxious to move to upgraded (and potentially less stable) versions of these libraries than others. Some Linux software is beginning to appear which is dependent upon (or at least tuned to) a specific distribution, fragmenting the Linux community.<\/p>\n\n\n\n

The much-vaunted user-friendliness of Linux is also a relative term. Compared to MacOS or even Windows, Linux still has miles to go in terms of developing a fairly \u201cidiot-proof\u201d interface. Of course, this is a fault of all Unixes \u2013 any OS essentially written by programmers, for programmers is going to have a big gap between its developers\u2019 idea of \u201cuser-friendly\u201d and its actual users (who programmers refer to as \u201cmorons\u201d).<\/p>\n\n\n\n

Lastly, Linux simply lacks the time that the BSDs have had to improve the maturity of its code base. There are still plenty of things missing in Linux (like the much-lamented lack of a true multi-threaded TCP\/IP stack) that the BSDs implemented long ago. As a result, if your main interest is network performance on a single-processor machine (and you aren\u2019t dependent on any of the Linux-specific software), Linux is simply not going to be your first choice.<\/p>\n\n\n\n

FreeBSD: BSD Performance for x86<\/h2>\n\n\n\n

Focus<\/strong>: The ultimate Internet server for x86 hardware \u2013 with Linux emulation for consumer\/hobbyist users.<\/p>\n\n\n\n

Platform\/CPUs<\/strong>: The Intel x86 architecture, first and foremost. A port for Alpha is also available. Theoretically, Darwin (the open-source part of Mac OS X Server) is largely tied to FreeBSD for its code base, and might be considered to be a PowerPC port of the OS, running on top of the Mach Microkernel. Or maybe I\u2019m just nitpicking.<\/p>\n\n\n\n

What\u2019s Good for ISPs<\/strong>: FreeBSD is the server performance-leading BSD Unix for the x86 architecture. (Note for BSDI users<\/em>: BSD\/OS is well-tuned for this purpose, but it\u2019s expensive, and I\u2019m a cheap person, so we won\u2019t discuss BSD\/OS here.)<\/p>\n\n\n\n

If what you really<\/em> care about is fast networking performance running Apache, Sendmail or other common apps on cheap x86 hardware, FreeBSD is your OS. End of story. The *BSD model (with a small team of experienced developers rather than a horde of free-for-all developers like Linux) tends to generate more bug-free code right out of the gate (although I wouldn\u2019t necessarily run anything more mission-critical than Xtetris on FreeBSD-current). <\/p>\n\n\n\n

FreeBSD’s TCP\/IP stack is the reference code base on which so many other network stacks have been based. FreeBSD has a fairly impressive set of users, including Yahoo, Xoom, ftp.cdrom.com, some parts of Hotmail (Hey, kids! Can you say \u2018failed NT conversion?\u2019 Good.\u201d) the IMDB and others. On top of all this, FreeBSD includes a very good Linux binary compatibility module, and they\u2019ve been very good about supporting \u201cLinux-first\u201d development with it instead of igniting a Freenix developer-choice war. FreeBSD also includes compatibility modules for SCO, NetBSD, and BSD\/OS.<\/p>\n\n\n\n

FreeBSD\u2019s ports collection is a fantastic way of finding new software and upgrading old versions. Also, if you\u2019re willing to get your hands dirty (read: no GUI) and make the source updates for FreeBSD, their upgrade process is very<\/em> slick and relatively painless.<\/p>\n\n\n\n

What\u2019s Bad for ISPs<\/strong>: All of the BSDs share some common problems. First is that they\u2019ve fallen out of commercial favor, and they lack the third-party application support of \u201chip\u201d Unixes like Linux or Solaris. The FreeBSD Linux compatibility layer is great, but isn\u2019t a \u201cfirst-choice\u201d solution (e.g., if you depend on mission-critical software for which there is a Linux port but not one for FreeBSD, you may think twice). Add to this the problem that the *BSD development model leads to higher-quality code but slower development. <\/p>\n\n\n\n

None of the BSD Unixes are an optimal choice (at least compared with Linux) for new Unix users; it\u2019s best reserved for people who are either willing to take on its steep learning curve, or have learned Unix already. Also, finding good printed documentation on *BSD systems is like finding a network engineer with a hot blonde girlfriend.<\/p>\n\n\n\n

FreeBSD (like most other *BSDs) currently suffers from an identity crisis: is it the work of part-time developers or an OS to compete with commercial *nixes? FreeBSD\u2019s developers occasionally seem to be caught between saying \u201cit\u2019s enterprise-ready software you can depend on\u201d and saying \u201clook, we\u2019ll fix that when we have time, what do you expect for free?\u201d It\u2019s excellent software, but sometimes little things (like full POSIX threads support) may get broken and not be fixed for weeks or months. FreeBSD (like the other BSDs) also isn\u2019t as tuned for multiprocessor machines and high-end hardware as Linux is. Lastly, if you\u2019re the corporate type looking for commercial support, your options with any free BSD are far<\/em> more limited than with Linux.<\/p>\n\n\n\n

NetBSD: BSD for the Masses<\/h2>\n\n\n\n

Focus<\/strong>: Bringing a solid BSD to as many platforms as possible<\/p>\n\n\n\n

Platform\/CPUs<\/strong>: x86, Alpha, Motorola m68k, PowerPC, SPARC, MIPS, ns32k, arm32, VAX (with varying degrees of stability and support)<\/p>\n\n\n\n

What\u2019s Good for ISPs<\/strong>: NetBSD shares the attractiveness of Linux in that you can probably pick up any old (or new) computer and get it to run. NetBSD has the advantage (and disadvantage) of sharing the other BSDs\u2019 code maturity and development philosophy, but with the ability to run well on a wide range of platforms.<\/p>\n\n\n\n

If you\u2019re already familiar with BSD Unix and you want to use it on non-x86 hardware (or you want to standardize on one OS across multiple platforms), NetBSD is your first choice (and, depending on your target platform, maybe your only choice). If you are looking for *BSD\u2019s proven performance with networking, and you want to use it on any platform, NetBSD is the way to go. <\/p>\n\n\n\n

What\u2019s Bad for ISPs<\/strong>: NetBSD\u2019s strength is also its weakness. It sits in sort of a middle position among BSDs, being widely available but not optimized for any one task. In a way, it\u2019s sort of a \u201cjack of all trades, master of none.\u201d It\u2019s unclear, for example, whether you\u2019d get better network performance on a PowerPC machine with NetBSD or with LinuxPPC, which has spent a great deal of time optimizing its OS for that CPU architecture. Therefore, it likely won\u2019t be your first choice of OS for platforms which other Freenixes tune themselves to.<\/p>\n\n\n\n

Also, the various NetBSD platforms are each supported to a greater or lesser degree (depending on the activeness of their development team), and you may be left at your development team\u2019s mercy while waiting for a critical upgrade. NetBSD shares the common faults of the other BSDs as well, and its mission has left it as sort of the \u201cforgotten\u201d BSD among the others which are more optimized for a given task.<\/p>\n\n\n\n

OpenBSD: The Bugtraq Junkies\u2019 Choice<\/h2>\n\n\n\n

Focus<\/strong>: Unix for security junkies.<\/p>\n\n\n\n

Platform\/CPUs<\/strong>: x86, Alpha, Motorola m68k, MIPS, some PowerPC designs, SPARC (plus some other platforms which aren\u2019t \u201cofficially\u201d supported but for which a port exists)<\/p>\n\n\n\n

What\u2019s Good for ISPs<\/strong>: OpenBSD is about security: it also considers security and software quality to be one and the same. Plus, they\u2019re based out of Canada, and can therefore bypass some of the US\u2019s bizarre federal cryptography\/security laws.<\/p>\n\n\n\n

In the OpenBSD team\u2019s view, here’s how it works. Buggy software can lead to security vulnerabilities \u2013 buffer overruns, sloppy system calls, poor management of root (administrator) privileges and so on. The OpenBSD developers started an audit (two years and still going) of the source code and found thousands of bugs. Some were security-related, or might have been exploited in combination with other bugs; but most were not. Their end goal is not only a more secure OS, but also one that’s \u201cmore reliable and trustworthy.\u201d Of course, since the *BSD codebase is largely similar, other BSDs are able to benefit from the security fixes made by OpenBSD.<\/p>\n\n\n\n

Another important aspect of security is the “secure by default” configuration as shipped on the OpenBSD CD-ROM releases and weekly snapshots. OpenBSD’s default installation doesn\u2019t enable potentially risky protocols without the consent of the administrator. This is very important for experienced admins on a busy schedule who don\u2019t want to play detective with netstat<\/strong> and ps -auxw<\/strong> to secure a new server; on the other hand, if you don\u2019t know how to enable fingerd<\/strong> and you want it, then you\u2019re pretty much stuck.<\/p>\n\n\n\n

OpenBSD’s integrated cryptography can help an ISP that\u2019s looking to differentiate itself through its security. First, the built-in implementation of the emerging IP Security (IPsec<\/strong>) standards allow you to offer virtual private networks (VPNs) to corporate clients. OpenBSD’s IPsec interoperates with implementation from major vendors. Second, ISPs can securely access remote POPs, even for root logins. Third, OpenBSD supports (among other cryptographic tools) SSL (Secure Sockets Layer) for secure https<\/em> Web servers almost \u201cout of the box.\u201d To enable it, sysadmins just need to download one shared library file to get around the RSA patent restrictions.<\/p>\n\n\n\n

What\u2019s Bad for ISPs<\/strong>: While OpenBSD can incorporate the code improvements made by the other BSDs, it has a smaller full-time development team than any of the other Freenixes (the average McDonald\u2019s has more people working on Chicken McNuggets than OpenBSD has on full-time development), and thus upgrades may come slower. Security comes at the expense of rapid development, and hardware or software may not be supported for months (if at all) after Linux or FreeBSD can. <\/p>\n\n\n\n

OpenBSD of course shares the common faults of the *BSD family. Also, for experienced sysadmins who are confident that they can handle their own OS security (or simply don\u2019t care), OpenBSD lacks both the x86 performance optimization of FreeBSD and some of the platform availability of NetBSD or the other benefits of Linux. Simply put, if you care more about performance or third-party application support than security, OpenBSD is probably not for you.<\/p>\n\n\n\n

Conclusions<\/h3>\n\n\n\n

So \u2026 where does this leave this ISP looking for a free Unix? Probably, it leaves them with a headache, since it\u2019s becoming more and more difficult to find an unbiased and rational comparison of the OSes involved. To sum up: Linux is relatively immature, but it has the most active developer community, it runs on almost any hardware, it\u2019s the most user-friendly Unix for novices, and it has the best third-party application support. FreeBSD concentrates on optimizing BSD Unix for the x86 platform, and it shows in its networking performance. NetBSD concentrates on bringing stable BSD to a wide variety of platforms. If your primary concern is security, OpenBSD is the Freenix for you.<\/p>\n\n\n\n

What do you<\/em> think? Send questions, comments and lavish praise to jcarl@servint.com<\/a>. Hate mail should be addressed to John Dvorak.<\/p>\n","protected":false},"excerpt":{"rendered":"

By Jeffrey Carl Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among … Continue reading Freenix Flavors (Three Demons and a Penguin)<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":22,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,66,64],"tags":[],"class_list":["post-145","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-boardwatch-writing","category-tech","category-the-best-of-jeffcarl-com"],"jetpack_featured_media_url":"https:\/\/www.jeffcarl.com\/wp-content\/uploads\/2020\/04\/bwatch.gif","_links":{"self":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/comments?post=145"}],"version-history":[{"count":2,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/145\/revisions"}],"predecessor-version":[{"id":474,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/145\/revisions\/474"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media\/22"}],"wp:attachment":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media?parent=145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/categories?post=145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/tags?post=145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}