Date: Mon, 04 Feb 2008 22:15:28 +0100
From: Andre Oppermann <andre@freebsd.org>
To: ithilgore <ithilgore.fbsd@gmail.com>
Cc: freebsd-net@freebsd.org, Alfred Perlstein <alfred@freebsd.org>
Subject: Re: FreeBSD network stack Vs others
Message-ID: <47A78070.1080504@freebsd.org>
In-Reply-To: <47A8057B.2080801@gmail.com>
References: <32c178710802040633w671f8512mc3f8991dc996d3a3@mail.gmail.com> <20080204191502.GO99258@elvis.mu.org> <47A8057B.2080801@gmail.com>

ithilgore wrote:
> Alfred Perlstein wrote:
>> * ithilgore -- <ithilgore.fbsd@gmail.com> [080204 06:59] wrote:
>>
>>> I'd like to learn what are the basic differences ( pros and cons )
>>> between the FreeBSD network stack and the other OSs' ( especially
>>> linux )
>>>
>>> I know that linux has had everything rewritten from scratch as far as
>>> the implementation of tcp-ip and the sockets are concerned and would
>>> like to know if this has made it actually more robust or
>>> state-of-the-art than FreeBSD's or the opposite.
>>>
>>> Some actual technical details and references would be appreciated.
>>>
>>
>> Linux's stack hasn't been rewritten from the BSD one, it was written
>> from scratch.
>>
>> Linux's tcp/ip stack has been rewritten many times over the years
>> with the promise of large performance gains.
>>
>> The fact of the matter is that the performance on the "bleeding
>> edge" of both systems, FreeBSD and Linux, is about the same.
>>
>> From a BSD proponent's perspective, I would take the pragmatic
>> viewpoint that every time Linux reinvents its stack to get performance
>> or some other feature FreeBSD isn't far behind with a relatively
>> minor change to its stack to accomplish the same feat.
>>
>> -Alfred
>>
>
> This means less work for the same gain, if it is as you say.

FreeBSD's TCP/IP stack is a descendant of the original reference TCP/IP
implementation from the University of California at Berkeley. The
Internet was pretty much invented and developed on the BSD operating
system source code. The reference standard book named "TCP/IP
Illustrated Vol. 2" describes the BSD (and FreeBSD's) TCP/IP stack in
great detail. This book is used to teach TCP/IP implementations to
almost all Computer Science students all over the world. Of course
FreeBSD has further refined the implementation and added support for
RFC features that came after the original code base.

> As far as special cases are concerned, has FreeBSD taken extra care for
> them ?

Yes. We have SYN flood attack protection (called syncache) and many
more advanced features.

> Like for example error checking on more things or
> additional care for a special bad condition not to happen.
> What about the security hardening ? Would the FreeBSD network stack
> succumb less easily to attacks (supposing one doesn't use any additional
> protection mechanism ) ?

No, the stack is *very* robust. You can't crash it. Though you have
to differentiate between attacks that try to cause the operating system
to break (which you can't on FreeBSD); and attacks that overload the
(any) system by opening so many connections that it can't deal with
them anymore. Here we have pretty much all parts covered too.
Syncache, compressed time_wait states, etc.

Not to say something great can't be improved further. I'm currently
doing that with a long-term view. However the FreeBSD approach is
evolutionary instead of revolutionary as it happens so often on Linux.
This gives us a very stable and very proven long living code base.

-- 
Andre