2007年12月4日 星期二

Differentiating Among BSD Distros

Organizations that want to use a public Unix variant have two solutions from which to chose: Linux and BSD. The much talked about Linux camp contains a variety of distributions that include different utilities and tool sets. The same is true of the less frequently covered BSD camp. This article compares and contrasts the four main BSD variants and offers recommendations for both server- and desktop-based solutions.

BSD History

There are four main BSD variants. Three of these (FreeBSD, OpenBSD, and NetBSD) are totally free; the fourth (Mac OS X) is technically the core part of an operating system that most wouldn't even consider a BSD variant. To understand the differences between the various versions, let's briefly recap the history of BSD to understand how the different versions have developed.

Today's BSD variants are open source versions of the original AT&T Unix operating system. In fact, they all come from the Unix developed at the University of California Berkeley, and BSD is actually short for Berkeley Software Distribution. A significant part of the original BSD code was based on the AT&T Unix code, which wasn't free. Through efforts on the part of a few key members of the original BSD development team, such as William F. Jolitz, the final parts of the code were developed under an open source license and produced 386BSD.

In 1993, 386BSD was forked into two of the main versions we know today: NetBSD and FreeBSD. They were formed with different aims and goals. Not surprisingly, each has its own history. OpenBSD, the third variant, arrived in 1996 and was developed specifically to address some of the security concerns in the other variants.

The BSD incorporated into Mac OS X is known as Darwin. It is available as a completely separate component. Darwin itself is derived from the BSD layer of the NextStep operating system, developed by NeXT, the company set up by Steve Jobs after he left Apple in the 1980s. Technically, Mac OS X is based on the FreeBSD core, with OS X 10.3 based on FreeBSD 5.x. It is, however, extremely customized beyond the base BSD code. The key benefit with Mac OS X is the Aqua GUI that allows OS X to operate like the original Mac OS operating system but still have all the benefits and flexibility of an efficient BSD kernel.

Common Features

Like other Unix variants, the four BSD distros provide similar basic functionality. All contain the following core components:

  • Kernel — Pre-emptive, multitasking with job control
  • Security — The basic log-in and authorization system
  • Shell Interface — The Bourne, C, Korn, and other third-party shells
  • Networking — Adherence to the TCP|UDP/IP standard and support for all the base protocols (e.g., finger, telnet, NFS, and FTP)
  • Third-Party Networking — Support for Apache, Mac file sharing (through NetAt), and Windows file sharing (through Samba)
  • Base Utilities — Rich, built-in utility list, including awk, cut, paste, sed, and ed

In addition, because it is a Unix-like operating system, most of the other tools, utilities, and systems, such as Perl, Python, Apache, MySQL, PostGreSQL, Java, C/C++, work with BSD. However, because it is a less popular Unix alternative than Linux, fewer prepackaged applications are available. Some BSD variants do come with a Linux compatibility package, though, that enables them to execute Linux applications (from the same platform) directly.

BSD systems have a reputation for better reliability than some alternatives, largely because they are developed with smaller, more focused development teams. They also boast a more mature code base, as a significant proportion of the BSD ethos come from the very earliest forms of Unix.

So with all these similarities, how does one differentiate the various versions and choose which to deploy?

FreeBSD

FreeBSD came to be one of the most popular BSD revisions after its early release through Walnut Creek CD-ROM, an early pioneer in distributing free and open source software on CD before the explosion of the Internet. Its primary platform is the x86 PC, including the current AMD and Intel 64-bit variants, though it also has a presence on Sun's SPARC platform.

The main focus for FreeBSD is performance, particularly of the TCP/IP stack with a number of companies, including Yahoo, using FreeBSD as an Internet server platform. FreeBSD holds the unofficial record for transferring data, having achieved more than 2 Terabytes of data from one server running the OS. It follows from this statistic that FreeBSD is also one of the most stable OSes available.

The developers of FreeBSD put a lot of effort into making the system as easy to use as possible. Thus, FreeBSD has one of the easiest installs of all the Unix platforms. Once the system has been installed, you can easily download, compile, and install additional packages through the built-in ports system, a third-party solution that automates the process. The Ports Collection downloads the necessary files, checks the files for integrity, builds the application, and then installs the application. This simplifies one of the most time-consuming aspects of deploying applications to different computers.

FreeBSD at a Glance

Home Page http://www.freebsd.org/
Platforms i386, Alpha, IA-64, AMD64, and UltraSPARC
Original Release December 1993
Focus High performance computing, ease of use, and stability

NetBSD

NetBSD was released a few months before FreeBSD. Unlike FreeBSD, which concentrated on the performance and best-quality support for its main target platform, NetBSD was developed to support as wide a platform base as possible. It would be difficult to list all available versions of NetBSD, but it runs on more than 50 platforms, from mainstream ones, such as x86 and SPARC, to niche products like Sega's Dreamcast and a number of hobbyist, handheld, and embedded devices.

This portability gives NetBSD an edge. Although it gives the OS an air of disparity, the reality is different. The variety of platforms supported means the code is efficient and secure, with a wide range of experience that improves the OS as a whole.

The range of support also means NetBSD runs on much more powerful hardware than is supported by other distributions. Higher-end dedicated Unix workstations from Sun, Hewlett-Packard, and the old Digital/Compaq Alpha platform can be used with NetBSD to provide all of the stability and performance of the BSD platform while giving a new lease of life to older available hardware.

The portability is also a major attraction as a deployment and re-development choice for those building their own computers, or using one of the many embedded hardware solutions. This keeps NetBSD as a popular choice in universities and science labs.

NetBSD at a Glance

Home Page http://www.netbsd.org/
Platforms Just about all
Original Release December 1993
FocusPortability and stability


OpenBSD

OpenBSD was developed by Theo de Raadt after a disagreement over the future of the NetBSD code. OpenBSD development began by focusing on producing an incredibly secure OS, and it's an approach that continues to this day.

Unlike other BSD variants, and most Unix flavors, OpenBSD is installed with everything but the absolutely essential services disabled. Users used to having NFS, Telnet, finger, FTP and other features running out of the box on a Linux installation will find they have to specifically enable, rather than disable, these services on OpenBSD. OpenBSD was designed this way to eliminate the possibility of these 'accidentally' being open and therefore causing a potential security breach.

OpenBSD also includes a range of built-in cryptography standards, such as RSA, Blowfish, DES, and full support for the IPSec TCP/IP security system. Cryptographic support is further enhanced with support of a number of hardware accelerators, including many of the third-party PCI cards and support for newer systems, such as the Random Number Generator and Advanced Encryption Standard built into the latest VIA C3-series CPUs. OpenBSD is well suited for use in a network router, firewall, and secure Internet service solution because of its high level of built-in security and encryption.

OpenBSD's overall security is further enhanced by a strict method of code testing and auditing. The code has been examined, virtually line by line, to find potential faults in the system. Thus, gaps in the OS, both real and potential, are plugged before they can be used and exploited.

The result — an OS that for years has not had a remote-root exploit of the type often found on other operating systems.

OpenBSD at a Glance

Home Page http://www.openbsd.org/
Platforms i386, Alpha, AMD64, sparc, sparc64, hp300, hppa, mac68k, macppc, mvme68k, mvme88k, and vax
Original ReleaseNovember 1995
FocusSecurity and code purity

Mac OS X

Darwin, the kernel on which Mac OS X is based, is itself based on the FreeBSD code with a custom Mac kernel in place of the standard BSD kernel. Darwin's main focus is to provide the base on which the rest of the Mac OS X environment runs. Although Darwin is not designed as an alternative to other BSD offerings, it does have a place in the BSD space.

Most users logging in remotely to an OS X machine would hardly notice a difference in the environment if they didn't look around too closely. The same utilities and environment are available as within a genuine FreeBSD environment.

The Darwin project is completely open source, Apple makes the system and source code available online, and changes to the Darwin code are rolled back into the FreeBSD source tree. Darwin is supported on both the PowerPC and x86 platforms, which often surprises people.

Where Darwin differs from the three other distros is that it forms the base of the Mac OS X operating system. A proprietary suite of tools and a user environment (Aqua) built on top of the Darwin core provide a user interface not vastly different from the Mac OS 9 and earlier interfaces for which Apple is famous. It is through Aqua that the majority of custom and commercial applications, including Adobe InDesign, Illustrator, and Microsoft Office are made available.

Despite the additional applications and interface options supported by Aqua and Mac OS X as a whole, underneath, the FreeBSD core is always available. You can open a shell interface through the Terminal application; there is support for X Windows System based applications; and you still have access to Perl, Python, MySQL, Apache, and any other Unix-compatible tools.

The Darwin core is an open source project, with Apple and members of the Darwin community enhancing the Darwin code and extending the operation and functionality of the system. Ultimately, any changes made in Darwin make their way into other parts of the BSD family. Apple is also helping to support the BSD community as a whole, so improvements to the BSD platform flow freely between the Apple and community camps.

Darwin/OS X at a Glance

Home Pagehttp://developer.apple.com/darwin/
Platformsx86 (Darwin only) and Mac (Darwin+OS X)
Original ReleaseMarch 1999
FocusEase of use


Choosing a Desktop Solution

Which flavor of BSD you chose should depend largely on what hardware the desktop uses. On an Intel- or AMD-based PC, FreeBSD is a stable and widely supported choice. For older hardware, or hardware that is not exactly mainstream, NetBSD might be a better solution. NetBSD is even more suitable for developing and deploying an application on one of the many embedded solutions, as you can probably use NetBSD on both platforms.

If you need a Unix environment but also want access to commercial applications like Microsoft Office, or products from Adobe, Alias, and others, Mac OS X delivers the best of both worlds. The FreeBSD-like kernel provides a complete set of standard Unix utilities and libraries that enable you to use the BSD and OS X elements simultaneously.

For the record, OS X is my platform of choice. I develop Web applications using Perl, MySQL, and others while writing articles and books using Microsoft Word, all on a Power book G4 running OS X.

Choosing a Server Solution

OpenBSD is the obvious choice on the server because of its very high security principles. With such a safe environment it's easy to deploy an OpenBSD-based server without worrying too much that the system or network will be compromised. OpenBSD, in particular, is ideal for use as a public-side server on the network and for providing firewall and proxy services between the Internet and an internal network.

For a pure Web server, FreeBSD is also a good choice purely because of its stability on key hardware platforms like x86. The quality of the disk drivers and networking stack means exceptionally high levels of availability. It's also possible to make FreeBSD more secure by specifically disabling the services you don't need to support.

If you prefer to work within the general security of the BSD platform, but with a friendlier configuration and management environment, consider Mac OS X Server. It provides all the benefits of the FreeBSD platform, with a friendlier front end. OS X Server provides more extensive support for Apache; file sharing through NFS, AppleTalk, and Samba; a built-in firewall and VPN; directory services through OpenLDAP; and audio/video streaming through QuickTime. This functionality comes pre-configured and ready to use.

All of this comes at a price. Unlike other offerings, OS X Server is a commercial product. Although Darwin is free, the configuration and management tools built into OS X Server make it so nice to use compared to the other BSD options.

All in all, when evaluating a Unix-based OS other than Linux, all of the BSD variants are equally matched.

沒有留言: