- LLVM/Clang (it's a matter of taste, but it's also the feature :-) )
- FreeBSD Jails and Mac (These are extremely strong security features if implemented correctly. Especially jails are really undervalued/misunderstood IMHO.)
- State-of-art network stack (faster than any other BSD or Linux. Supports technologies like NetMap)
- ZFS support (important for both desktops/servers)
- PF version runs on multiple cpus (OpenBSD's version is more advanced though)
- DTrace (although not mature enough IMHO)
- Better hardware support (e.g. wifi cards)
- BHyve (virtualisation)
- Capsicum (security)
Other little things like:
- Unmapped VMIO buffers
- Variable symlinks (used under jails)
Now generally speaking, choosing an operating system due to bigotry and what-not is stupid. Most of the times, engineers go with what they need: If you need a secure bastion, OpenBSD gives you more although FreeBSD can be turned virtually impenetrable as can Linux. OpenBSD comes with more bells and whistles on this particular area though.
So all in all, it boils to what you need. The major reason why people choose FreeBSD over OpenBSD is because the 'security level' of the OS is more than acceptable while retaining a much better hardware support.
Don't forget that only FreeBSD has the nVidia binary drivers, too. (Neither have nouveau anymore.) So if you have such a card, OpenBSD defaults to the "nv" driver, which somehow manages to be about 20x slower than the VESA driver, before MTRR write-combine tweaking (side tangent: OpenBSD also lacks an MTRR tweaking tool, like memcontrol.) Moving a window literally locks up your desktop for 30-90 seconds as you see it slowly redrawing its way along. How they managed that one I will never know, but they did.
I'm all for open source all the way, especially on a secure system, but OpenBSD+nVidia is basically unusable on the desktop. And that's a huge class of systems. You can't buy Intel PCIe cards; and AMD drivers are always a buggy mess.
> PF version runs on multiple cpus (OpenBSD's version is more advanced though)
I really hate the trade-off of FreeBSD SMP support, or OpenBSD queuing support. (yes, you can compile a FreeBSD kernel with ALTQ, but it's said to be buggy with SMP.)
I will admit to not having tried it. This is what I read when I was researching why it wasn't enabled by default.
Any thoughts on why they leave it off out of the box, then? I know it's not crazy hard to build a kernel (used to have to do it to get sound support in the 4.x series), but I'd rather not build kernels if I don't have to =)
I'm glad they work for you. If you want to stop by my place and see the fun rendering bugs I get, like corrupted gibberish when menus first spawn, random artifacts being left on the screen, valid OpenGL shaders (that work on Windows/AMD) not running correctly, etc ... I'd be happy to show them to you.
I've tried this with both FreeBSD 10.1 and OpenBSD 5.6. Maybe I just have an unlucky video card. If you weren't being such a dick about it, I might ask which exact card you were using to give that a shot, but don't bother inconveniencing yourself I guess.
Second this. The AMD open source Linux drivers are better than the Nvidia ones. It's the proprietary where Nvidia wins. You don't really need those unless you want to run games, though.
If I call Bob a shit, that is personal abuse. I am saying he is garbage, and that is wrong.
If I say Bob is full of shit, that is saying he is wrong. If I am correct in my assessment of is incorrectness, that is right. If I am incorrect in my assessment, then I am full of shit.
If I say Bob took a shit, that is a factual observation. It can be right or wrong, depending on if Bob was actually the one who stunk up the bathroom.
In this case Bob was either lying or misguidedly saying stupid shit, which is why he was told he was spreading shit. Bob was wrong.
It was not an attack on Bob, it was a rebuke of Bob's incorrect statement. When you say stupid shit like that, you're spreading shit.
> - FreeBSD Jails and Mac (These are extremely strong security features if implemented correctly. Especially jails are really undervalued/misunderstood IMHO.)
Aren't these are only necessary if you let people you don't trust into your system?
> - PF version runs on multiple cpus (OpenBSD's version is more advanced though)
Personally I dislike running PF on FreeBSD as it requires me to resort to old docs and use old syntaxes.
Jails also have resource limits, so you can have a group of processes that are related, but not started from the same executable, be held to a certain amount of CPU, memory, etc usage. They're also useful in testing/debug situations; coupled with ZFS' copy on write features, they let you quickly create identical environments which can be real helpful in trouble isolation.
Jails provide some protection to the base OS even if the network exposed service running in the jail is compromised. It for much more than local exploits.
Also, and this is perhaps weird to non-users, but true, FreeBSD has a well supported base AMI in AWS EC2. It's an edge case, but it's a big reason I rely on FreeBSD over OpenBSD.
you're right on quite a few things, but bhyve is no where near production quality -- alpha at best. and openbsd has a wider and stronger support of wifi cards.
For me, not being able to run a current kernel-accelerated qemu is a real problem. Is there anything preventing this work from being done, or is it just a matter of bhyve having the momentum so nobody's bothering?
- LLVM/Clang (it's a matter of taste, but it's also the feature :-) )
- FreeBSD Jails and Mac (These are extremely strong security features if implemented correctly. Especially jails are really undervalued/misunderstood IMHO.)
- State-of-art network stack (faster than any other BSD or Linux. Supports technologies like NetMap)
- ZFS support (important for both desktops/servers)
- PF version runs on multiple cpus (OpenBSD's version is more advanced though)
- DTrace (although not mature enough IMHO)
- Better hardware support (e.g. wifi cards)
- BHyve (virtualisation)
- Capsicum (security)
Other little things like:
- Unmapped VMIO buffers - Variable symlinks (used under jails)
Now generally speaking, choosing an operating system due to bigotry and what-not is stupid. Most of the times, engineers go with what they need: If you need a secure bastion, OpenBSD gives you more although FreeBSD can be turned virtually impenetrable as can Linux. OpenBSD comes with more bells and whistles on this particular area though.
So all in all, it boils to what you need. The major reason why people choose FreeBSD over OpenBSD is because the 'security level' of the OS is more than acceptable while retaining a much better hardware support.