Ok, I'll bite: What do you think is wrong with FreeBSD's network stack?

SomeOtherGuy · on Jan 17, 2012

I don't know what you are biting or why, but your question makes no sense. I didn't say anything was wrong with FreeBSD, I simply pointed out that networking is one of OpenBSD's primary focuses, and as such it offers much more. OpenBSD's firewalling and routing support is miles ahead of FreeBSDs. FreeBSD isn't the best at everything, just as no other OS is.

OpenBSD wrote the best BGP daemon around, the best firewall around, both of which integrate nicely together and with routing domains to allow perfectly fine-grained control of complex routing scenarios, created CARP for address redundancy ala VRRP but sans patent mines, had the very first IPSec implementation, etc, etc, etc. OpenBSD is used almost exclusively for routers, firewalls, VPN gateways, etc. You shouldn't take it as a personal insult that it excels in those roles.

cperciva · on Jan 17, 2012

"I'll bite" == "I'll take the bait".

I agree that OpenBSD has written some nice code, but it's hardly "miles ahead" of FreeBSD considering that FreeBSD includes pf and carp in the base system and openbgpd in the ports tree. The great thing about the BSD license is that when one project does some great work, everybody else catches up quickly. :-)

And I don't take it as a "personal insult" -- I'm just amused by your comment given that FreeBSD's network stack has vastly superior performance and support for far more 10GbE interfaces.

SomeOtherGuy · on Jan 18, 2012

>"I'll bite" == "I'll take the bait".

Which indicates that your mentality is "anyone who says anything is better than freebsd for any purpose must be trolling". That sort of rabid fanboyism doesn't make for productive conversation.

FreeBSD includes a very old, partial port of PF. Even CARP which is very simple is missing functionality in FreeBSD. And as I already mentioned, bgpd is fully integrated with PF and routing domains in openbsd, it isn't in free (which doesn't have routing domains).

>I'm just amused by your comment given that FreeBSD's network stack has vastly superior performance and support for far more 10GbE interfaces.

Did you have some data to support that claim? I've seen no such benchmarks, and the only 10gbe driver freebsd has that net/open haven't pulled in that you can actually purchase hardware for is broadcom, which is broken and can't even do 1gb in reality. All 4 BSDs pull in hardware drivers from each other all the time. The great thing about the BSD license is that when one project does some great work, everybody else catches up quickly. :-)