os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update and modernize the features.xml page

Browse source 
Translators take note: this is a full rewrite.  Starting with old
content will likely not be helpful.

Submitted by:	Chris Petrik <c.petrik.sosa@gmail.com>
Submitted by:	Isaac (.ike) Levy <ike@blackskyresearch.net>
Reviewed by:	-doc
Approved by:	bcr (mentor)
This commit is contained in:
Eitan Adler 2013-01-29 23:24:39 +00:00
parent bcd7d29a1e
commit efa3c95c30
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=40807
1 changed files with 97 additions and 199 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

296
en_US.ISO8859-1/htdocs/features.xml
View file

@ -5,7 +5,7 @@
]>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<head>
<title>&title;</title>
<cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS">$FreeBSD$</cvs:keyword>
@ -13,222 +13,120 @@
<body class="navinclude.about">
<h1>FreeBSD offers many advanced features.</h1>
<h1>&os; offers many unique features.</h1>
<p>No matter what the application, you want your system's resources
performing at their full potential. FreeBSD's focus on
performance, networking, and storage combine with easy system
administration and excellent documentation to allow you to do just
that.</p>
<p>No matter what the application, you want your system's
resources performing at their full potential. &os;'s focus
on performance, networking, and storage, combined with easy
system administration and excellent documentation to allow
you to do what you want.</p>
<h2>A complete operating system based on 4.4BSD.</h2>
<p>FreeBSD's distinguished roots derive from the <b>BSD</b>
software releases from the Computer Systems Research Group at the
University of California, Berkeley. Over ten years of work have been
put into enhancing BSD, adding industry-leading SMP, multithreading,
and network performance, as well as new management tools, file
systems, and security features. As a result, FreeBSD may be found
across the Internet, in the operating system of core router products,
running root name servers, hosting major web sites, and as the
foundation for widely used desktop operating systems. This is only
possible because of the diverse and world-wide membership of the
volunteer FreeBSD Project.</p>
<p>&os;'s distinguished roots derive from the <b>BSD</b>
software releases from the Computer Systems Research Group at
the University of California, Berkeley. Over fifteen years of
work have been put into enhancing &os;, adding
industry-leading scalability, network performance, management
tools, file systems, and security features. As a result,
&os; may be found across the Internet, in the operating system
of core router products, running root name servers, hosting
major web sites, and as the foundation for widely used desktop
operating systems. This is only possible because of the
diverse and world-wide membership of the
volunteer &os; Project.</p>
<h2>FreeBSD provides advanced operating system features, making it ideal
across a range of systems, from embedded environments to high-end
multiprocessor servers.</h2>
<p><b>FreeBSD 7.0</b>, released February 2008, brings many new features
and performance enhancements. With a special focus on storage
and multiprocessing performance, FreeBSD 7.0 shipped with support
for Sun's <b>ZFS file system</b> and <b>highly scalable
multiprocessing performance</b>. Benchmarks have shown that FreeBSD
provides twice the MySQL and PostgreSQL performance as current Linux
systems on 8-core servers.</p>
<p><b>&os;&nbsp;9.0</b>, brings many new features
and performance enhancements with a special focus on desktop
support and security features.</p>
<ul>
<li><b>SMPng</b>: After seven years of development on advanced SMP
support, FreeBSD 7.0 realizes the goals of a fine-grained kernel
allowing linear scalability to over 8 CPU cores for many workloads.
FreeBSD 7.0 sees an almost complete elimination of the Giant Lock,
removing it from the CAM storage layer and NFS client, and moving
towards more fine-grained locking in the network subsystem.
Significant work has also been performed to optimize kernel
scheduling and locking primitives, and the optional ULE scheduler
allows thread CPU affinity and per-CPU run queues to reduce
overhead and increase cache-friendliness. The libthr threading
package, providing 1:1 threading, is now the default. Benchmarks
reveal a dramatic performance advantage over other &unix; operating
systems on identical multicore hardware, and reflect a long
investment in SMP technology for the FreeBSD kernel.</li>
<li><b>Capsicum Capability Mode</b>:
Capsicum is a set of features for sandboxing support, using
a capability model in which the capabilities are file
descriptors. Two new kernel options CAPABILITIES and
CAPABILITY_MODE have been added to the GENERIC kernel.</li>
<li><b>ZFS filesystem</b>: Sun's ZFS is a state-of-the-art file
system offering simple administration, transactional semantics,
end-to-end data integrity, and immense scalability. From
self-healing to built-in compression, RAID, snapshots, and volume
management, ZFS will allow FreeBSD system administrators to easily
manage large storage arrays.</li>
<li><b>Hhook</b>: (Helper Hook) and khelp(9) (Kernel Helpers)
KPIs have been implemented. These are a kind of superset of
pfil(9) framework for more general use in the kernel. The
hhook(9) KPI provides a way for kernel subsystems to export
hook points that khelp(9) modules can hook to provide
enhanced or new functionality to the kernel. The khelp(9)
KPI provides a framework for managing khelp(9) modules,
which indirectly use the hhook(9) KPI to register their hook
functions with hook points of interest within the kernel.
These allow a structured way to dynamically extend the
kernel at runtime in an ABI preserving manner.</li>
<li><b>Accounting API:</b> has been implemented. It can keep
per-process, per-jail, and per-loginclass resource
accounting information. Note that this is not built nor
installed by default. To build and install them, specify
options RACCT in the kernel configuration file and rebuild
the base system as described in the FreeBSD Handbook</li>
<li><b>10Gbps network optimization</b>: With optimized device drivers
from all major 10gbps network vendors, FreeBSD 7.0 has seen
extensive optimization of the network stack for high performance
workloads, including auto-scaling socket buffers, TCP Segment
Offload (TSO), Large Receive Offload (LRO), direct network stack
dispatch, and load balancing of TCP/IP workloads over multiple CPUs
on supporting 10gbps cards or when multiple network interfaces are
in use simultaneously. Full vendor support is available from
Chelsio, Intel, Myricom, and Neterion.</li>
<li><b>Resource-limiting API:</b> has been implemented.
It works in conjunction with the RACCT resource accounting
implementation and takes user-configurable actions based on
the set of rules it maintains and the current resource
usage. The rctl(8) utility has been added to manage the
rules in userland. Note that this is not built nor
installed by default.</li>
<li><b>SCTP</b>: FreeBSD 7.0 is the reference implementation for the
new IETF Stream Control Transmission Protocol (SCTP) protocol,
intended to support VoIP, telecommunications, and other
applications with strong reliability and variable quality
transmission through features such as multi-path delivery,
fail-over, and multi-streaming.</li>
<li><b>Usb:</b> subsystem now supports USB packet filter.
This allows to capture packets which go through each USB
host controller. The implementation is almost based on
bpf(4) code. The userland program usbdump(8) has been
added.</li>
<li><b>Wireless</b>: FreeBSD 7.0 ships with significantly enhanced
wireless support, including high-power Atheros-based cards, new
drivers for Ralink, Intel, and ZyDAS cards, WPA, background
scanning and roaming, and 802.11n.</li>
<li><b>Infiniband support:</b>, OFED (OpenFabrics Enterprise
Distribution) version 1.5.3 has been imported into the
base system.</li>
<li><b>New hardware architectures</b>: FreeBSD 7.0 includes
significantly improved support for the embedded ARM architecture,
as well as preliminary support for the Sun Ultrasparc T1
platform.</li>
<li><b>TCP/IP network:</b> stack now supports the mod_cc(9)
pluggable congestion control framework. This allows TCP
congestion control algorithms to be implemented as
dynamically loadable kernel modules. The following kernel
modules are available cc_chd(4) for the CAIA-Hamilton-Delay
algorithm, cc_cubic(4) for the CUBIC algorithm, cc_hd(4)
for the Hamilton-Delay algorithm, cc_htcp(4) for the H-TCP
algorithm, cc_newreno(4) for the NewReno algorithm, and
cc_vegas(4) for the Vegas algorithm. The default algorithm
can be set by a new sysctl(8) variable
net. inet. tcp. cc. algorithm.</li>
<li><b>SU+J:</b> &os; Fast File System now supports soft
updates with journaling. It introduces an intent log into a
softupdates-enabled file system which eliminates the need for
background fsck(8) even on unclean shutdowns.</li>
</ul>
<p>FreeBSD has a long history of advanced operating system feature
development; you can read about some of these features below:</p>
<p><b>&os;&nbsp;8.x</b> brings many new
features and performance enhancements. With special focus on
a new USB stack, &os;-8.x shipped with experimental support
for NFSv4. As well as a new TTY layer. Which improves
scalability and resources handling in SMP enabled systems.</p>
<ul>
<li><b>A merged virtual memory and filesystem buffer cache</b>
continuously tunes the amount of memory used for programs and the
disk cache. As a result, programs receive both excellent memory
management and high performance disk access, and the system
administrator is freed from the task of tuning cache sizes.</li>
<li><b>Netisr framework:</b> has been reimplemented for
parallel threading support. This is a kernel network
dispatch interface which allows device drivers (and other
packet sources) to direct packets to protocols for directly
dispatched or deferred processing. The new implementation
supports up to one netisr thread per CPU, and several
benchmarks on SMP machines show substantial performance
improvement over the previous version.</li>
<li><b>Compatibility modules</b> enable programs for other operating
systems to run on FreeBSD, including programs for Linux, SCO UNIX,
and System V Release 4.</li>
<li><b>Linux emulation:</b> layer has been updated to version
2. 6. 16 and the default Linux infrastructure port is now
emulators/linux_base-f10 (Fedora 10)</li>
<li><b>Soft Updates</b> allows improved filesystem
performance without sacrificing safety and reliability.
It analyzes meta-data filesystem operations to avoid having
to perform all of those operations synchronously.
Instead, it maintains internal state about pending meta-data
operations and uses this information to cache meta-data,
rewrite meta-data operations to combine subsequent
operations on the same files, and reorder meta-data
operations so that they may be processed more efficiently.
Features such as background filesystem checking and
file system snapshots are built on the consistency
and performance foundations of soft updates.</li>
<li><b>File system snapshots</b>, permitting administrators to take
atomic file system snapshots for backup purposes using the free
space in the file system, as well as facilitating <b>background
fsck</b>, which allows the system to reach multiuser mode without
waiting on file system cleanup operations following power outages.
</li>
<li>Support for <b>IP Security (IPsec)</b> allows improved security in
networks, and support for the next-generation Internet Protocol,
IPv6. The FreeBSD IPsec implementation includes support for a
broad range of <b>accelerated crypto hardware</b>.</li>
<li><b>Out of the box support for IPv6</b> via the KAME IPv6 stack
allows FreeBSD to be seamlessly integrated into next generation
networking environments. FreeBSD even ships with many applications
extended to support IPv6!</li>
<li><b>Multi-threaded SMP architecture</b> capable of executing the
kernel in parallel on multiple processors, and with <b>kernel
preemption</b>, allowing high priority kernel tasks to preempt
other kernel activity, reducing latency. This includes a
<b>multi-threaded network stack</b> and a <b>multi-threaded
virtual memory subsystem</b>. Beginning with FreeBSD 6.x, support
for a fully parallel VFS allows the UFS file system to run on multiple
processors simultaneously, permitting load sharing of
CPU-intensive I/O optimization.</li>
<li><b>M:N application threading via pthreads</b> permitting threads
to execute on multiple CPUs in a scalable manner, mapping many user
threads onto a small number of <b>Kernel Schedulable Entities</b>.
By adopting the <b>Scheduler Activation</b> model, the threading
approach can be adapted to the specific requirements of a broad
range of applications.</li>
<li><b>Netgraph pluggable network stack</b> allows developers to
dynamically and easily extend the network stack through clean
layered network abstractions. Netgraph nodes can implement a broad
range of new network services, including encapsulation, tunneling,
encryption, and performance adaptation. As a result, rapid
prototyping and production deployment of enhanced network services
can be performed far more easily and with fewer bugs.</li>
<li><b>TrustedBSD MAC Framework extensible kernel security</b>,
which allows developers to customize the operating system security
model for specific environments, from creating hardening policies
to deploying mandatory labeled confidentiality of integrity
policies. Sample security policies include <b>Multi-Level
Security (MLS)</b>, and <b>Biba Integrity Protection</b>. Third
party modules include <b>SEBSD</b>, a FLASK-based implementation
of <b>Type Enforcement</b>.</li>
<li><b>TrustedBSD Audit</b> is a security event logging service,
providing fine-grained, secure, reliable logging of system events
via the audit service. Administrators can configure the nature and
granularity of logging by user, tracking file accesses, commands
executed, network activity, system logins, and a range of other
system behavior. Audit pipes allow IDS tools to attach to the
kernel audit service and subscribe to events they require for
security monitoring. FreeBSD supports the industry-standard BSM
audit trail file format and API, allowing existing BSM tools to
run with little or no modification. This file format is used on
Solaris and Mac OS X, allowing instant interoperability and unified
analysis.</li>
<li><b>GEOM pluggable storage layer</b>, which permits new storage
services to be quickly developed and cleanly integrated into the
FreeBSD storage subsystem. GEOM provides a consistent and
coherent model for discovering and layering storage services,
making it possible to layer services such as RAID and volume
management easily.</li>
<li>FreeBSD's <b>GEOM-Based Disk Encryption (GBDE)</b>, provides
strong cryptographic protection using the GEOM Framework, and can
protect file systems, swap devices, and other use of storage
media.</li>
<li><b>Kernel Queues</b> allow programs to respond more efficiently
to a variety of asynchronous events including file and socket IO,
improving application and system performance.</li>
<li><b>Accept Filters</b> allow connection-intensive applications,
such as web servers, to cleanly push part of their functionality into
the operating system kernel, improving performance.</li>
<li><b>Network Virtualization:</b> Container named vimage has
been implemented, extending the FreeBSD kernel to maintain
multiple independent instances of networking state.
vimage facilities can be used independently to create fully
virtualized network topologies, and jail(8) can directly
take advantage of a fully virtualized network stack.</li>
</ul>
<h2>FreeBSD provides many security features
to protect networks and servers.</h2>
<p>The FreeBSD developers are as concerned about security as they are
about performance and stability. FreeBSD includes kernel support for
<b>stateful IP firewalling</b>, as well as other services, such as
<b>IP proxy gateways</b>, <b>access control lists</b>, <b>mandatory
access control</b>, <b>jail-based virtual hosting</b>, and
<b>cryptographically protected storage</b>. These features can be
used to support highly secure hosting of mutually untrusting
customers or consumers, the strong partitioning of network segments,
and the construction of secure pipelines for information scrubbing
and information flow control.</p>
<p>FreeBSD also includes support for encryption software, secure
shells, Kerberos authentication, "virtual servers" created using
jails, chroot-ing services to restrict application access to the
file system, Secure RPC facilities, and access lists for services
that support TCP wrappers.</p>
</body>
</html>