
FreeBSD 11.1 released - gtirloni
https://www.freebsd.org/releases/11.1R/announce.html
======
tachion
While you're here, have you donated[0][1] yet? :) You may or may not be aware,
but FreeBSD runs your movies on Netflix, your games on PlayStation 4 and
Nitendo Switch, your files on FreeNAS and ZFS, your friends on WhatsApp and
OpenBSD runs everything else on OpenSSH. ;)

So, you may or may not know that, but you need FreeBSD and OpenBSD and they
also need you! Every cent counts and so does every contributor, that helps the
foundations keep their non-profit status.

[0]
[https://www.freebsdfoundation.org/donate/](https://www.freebsdfoundation.org/donate/)

[1]
[https://www.openbsd.org/donations.html](https://www.openbsd.org/donations.html)

~~~
harry8
Surely Netflix should be donating. Surely Sony should be donating. Surely
Nintendo, Facebrick(Whatsapp).

While you're here what did they donate?

~~~
drewg123
Netflix currently employs about 8 FreeBSD committers (possibly more, I'm
counting on my fingers before coffee, so I might be forgetting people). Most
of us contribute our changes back to the project. Some of these are major
things, like async sendfile. Our goal is to upstream everything we can.

We also do other things, like sponsor conferences, and work behind the scenes,
advocating for FreeBSD support from a wide variety of enterprise hardware
vendors.

~~~
43224gg252
But why FreeBSD over Linux? Honestly it all seems like a waste of time. Linux
is already the dominant free OS. Maybe it would be better to put resources
into improving Linux (like Microsoft and Google do) instead? You can advocate
for it all you want but the idea that FreeBSD is going to ever become as
relevant as something like Linux is extremely unrealistic.

Not to mention Linux has a much better license for end-users in that it makes
some effort to guarantee the code stays free, and that corporations can't
close and modify the code and redistribute it for profit.

I feel like "advocating for FreeBSD" really does more harm to the open source
ecosystem than good.

~~~
aphextron
>You can advocate for it all you want but the idea that FreeBSD is going to
ever become as relevant as something like Linux is extremely unrealistic.

Do you have any idea what you're talking about?

BSD literally invented the networking stack that was copied (poorly) by Linux,
and most other Unix variants including Darwin (macOS). It is strictly superior
for networked applications. Read here for more info
([https://news.ycombinator.com/item?id=8167126](https://news.ycombinator.com/item?id=8167126))

~~~
Galanwe
Would also add that, overall, BSDs are much more lean and well designed than
Linux. There are thousands of Linux developers submitting patches all the
time, in every direction. That's part of what makes Linux great, but it also
makes it a huge mess of code duplication and design bloat. Dbus is a mess,
/proc is a mess, netlink is a mess, systemd is a mess, hell eBPF is an insane
mess. Linux has a huge legacy of bad APIs, tools and design choices, that were
integrated in a rush. That makes Linux trendy, but definitely not what you
want when you're just interested in a stable, understandable kernel to run
your core infrastructure ou embedded equipments. Not to mention even tooling
and network daemons on BSDS are much easier to work with and configure IMHO.

I've been doing kernel development for Linux since a while now, and I'm always
amazed at how much time it takes me to understand a new subsystem I didn't use
before, because everything is SO damn over engineered it's a farm fest for
geek. Whereas when I hack OpenBSD or FreeBSD on my free time I feel like I can
be productive making changes in an unknown subsystem in just a few days of
reading code and playing with it.

~~~
nucleardog
They way I've seen it described is that BSD is designed, Linux is grown.

Every part of BSD is from BSD. The kernel, network stack, init system,
userland, sshd, etc are all made and released together. Ideas are driven by
teams and committees and then implemented.

Every part of a functioning Linux system is from a different vendor. "Linux"
makes the kernel and network stack, the init system comes from the FreeDesktop
project, the userland comes from GNU, sshd comes from BSD. Things are driven
in a variety of different ways, by different people, with different goals and
thoughts on how Linux should look. Eventually it all gets glued together and
we see what we've got.

------
rsync
Someone else in this thread, speaking of something else, wrote this line:

"I assume that using version 11.1 is the way to go? No point in using the 10.x
branch?"

... and _that_ is everything that is wrong with FreeBSD - and has been for
over ten years.

I wrote a long critique of this issue in 2012 that you can read in the mailing
list archives:

[https://lists.freebsd.org/pipermail/freebsd-
hackers/2012-Jan...](https://lists.freebsd.org/pipermail/freebsd-
hackers/2012-January/037294.html)

... and although many of the core team had agreeable sentiments in the very
long discussion that followed, nothing at all has changed.

The poster is correct - there is indeed no point in using the 10.x branch.
What he doesn't know is that there has been no point in using the 10.x branch
for over a year now[1] but since the 11 release was at "dot zero" you were
ill-advised to use that as well. This means that for over a year _there has
been no good answer to the question "which version of FreeBSD should I use"._

In summary:

FreeBSD is an operating system by, and for, FreeBSD developers. It is very
difficult to invest time and money into FreeBSD because the platform is
neither stable[2] nor long-term. Finally, FreeBSD, possibly unwittingly, loses
a lot of end-user development and reinvestment since end users are never
working on the same OS that the developers are.[3]

[1] As usual, all new drivers and non-critical bug-fixes go to 11, since that
is what "is current" and nobody bothers backporting any of it to 10. This was
true _even before 11.0-RELEASE came out_.

[2] I don't mean stable in terms of reliability - FreeBSD is rock solid and we
trust all of rsync.net to it - I am speaking of the stability of the OS
platform itself and what functions it is capable of.

[3] I'm not interested in your success stories running CURRENT in production.
The official stance of the FreeBSD project is that CURRENT "includes works in
progress, experimental changes, and transitional mechanisms". They go on:
"FreeBSD-CURRENT is not in any way “officially supported".

~~~
cperciva
_This means that for over a year there has been no good answer to the question
"which version of FreeBSD should I use"._

Not true at all. The answer is:

1\. If you have systems which are already running 10.x, you should run the
latest 10.x release.

2\. If you're deploying a new system now, you should deploy it with the latest
11.x release.

3\. If you're building a product which you will be selling next year, you
should build it on top of FreeBSD HEAD, so that it will be running a recent
release when it ends up being deployed.

Old STABLE branches get updates and new releases because there are deployed
systems which are using them. Think of 10.3 as "FreeBSD 10, service pack 3".

~~~
rsync
"If you're deploying a new system now, you should deploy it with the latest
11.x release."

Unless your organization, after wasting a year and tens of thousands of
dollars on 5.0, has implemented a SOP to never use the x.0 of FreeBSD.

I think that's a decent heuristic _in general_ \- for instance, I don't buy a
car until they've been rolling off the line for 9-12 months - but in the case
of FreeBSD it is a concrete rule based on experience - not a superstition.

So again, the cool kids all stopped working on 10.x[1] over a year ago, and
11.1 was not released.

In our case, 10.x was working fine for us and nothing was terribly broken
driver-wise (unlike 8.x when we desperately needed intel NIC fixes circa 8.2
that all went to 9 and never got backported).[2] So we kept deploying 10.3.

[1] Driver fixes all go to 11, non-critical bugs all "committed to stable",
etc.

[2] Well, except for some nice new bhyve features that all went to stable were
not available to us for the last 12-18 months (and will never go to 10).

~~~
cperciva
_Unless your organization, after wasting a year and tens of thousands of
dollars on 5.0, has implemented a SOP to never use the x.0 of FreeBSD._

Frankly, if that's the lesson you learned from FreeBSD 5.0, I don't know that
there's anything I can say to help you.

A more appropriate lesson to learn from FreeBSD 5.0 would have been "don't use
releases which are cut from HEAD and announced as being for 'early adopters'".
The FreeBSD 5.x stable branch started at FreeBSD 5.3.

~~~
emaste
I think the long-standing impression left by 5.0 (despite carrying explicit
warnings about being appropriate for early adopters) carries a good lesson for
us: this sort of lore is surprisingly sticky. It doesn't matter that 5.0 was
very much an anomaly that wasn't repeated, and that recent .0 releases were
very stable. I suspect end-users like John are going to avoid .0 releases for
as long as they use FreeBSD.

~~~
cperciva
You're probably right, but that doesn't mean that we shouldn't point out at
every possible opportunity that 5.0 was an anomaly and was clearly identified
at the time as being an anomaly.

Maybe we can't convince John to unlearn his wrong lessons, but I'd like to
avoid having him teach those wrong lessons to everybody else.

------
stock_toaster
This release also finally compiles NAT-T into the kernel by default. I can
finally run a strongswan/ikev2 server without needing to compile a kernel just
for nat traversal. woohoo!

~~~
Mister_Snuggles
I use IPSec for my VPN needs (accessing my stuff at home from remote places
mainly) and run FreeBSD. Getting it set up was annoying, to say the least.

I have no idea why they didn't include NAT-T by default in 11.0. I'd hazard a
guess that most VPN connections involve at least one end being behind NAT.

------
rleigh
First system (NAS) upgraded flawlessly with `freebsd-update` and I'll see how
it fares over the next week before upgrading the rest at home and work.

Many thanks to all the FreeBSD crew for all their hard work.

------
PhantomGremlin
If I'm comfortable using command line tools, should I just use FreeBSD and ZFS
directly to build a NAS, or should I go with FreeNAS?

I assume that using version 11.1 is the way to go? No point in using the 10.x
branch?

~~~
0xbear
You don't have to use FreeBSD if ZFS is your only draw, though. Ubuntu
supports ZFS out of the box.

~~~
rleigh
ZFS on Linux is quite inferior; there's a lot of missing functionality and
some not so nice bugs. You also can't run ZFS on root without manual
installation (I've done this).

ZFS on FreeBSD has been flawless for me. ZFS on Ubuntu is functional but
limited, and I've experienced some odd glitches.

~~~
0xbear
Other than difficulty with ZFS on root, I think you're just making stuff up. I
run a rather heavily used set of RAIDZ2 arrays and everything works fine. No
"odd glitches" or anything.

~~~
rleigh
On the contrary, it's quite true. I'm a little disturbed by how readily people
ascribe nefarious intent to assertions regarding things they have not
experienced themselves. You might not have experienced problems, but that does
not logically imply that it is free of problems.

A few months back, I booted my Ubuntu 16.10 workstation. No ZFS datasets were
mounted at boot. Regular "zfs mount" and "mount" failed. Could not get the
datasets to mount at all, even though the pool was active and the datasets
were visible. Solution: changing the mountpoint worked for some reason. Still
no idea what triggered this or why the fix worked. Either way, it broke the
system's normal functioning through no intervention of my own.

I've also had the zfs and zpool commands get stuck in "D" state indefinitely
because something internal had blocked everything. Mounted filesystems
continued to work, but no admin commands would work. Triggered by running some
trivial admin function. After a few days I had to hard reset the system to
regain control. This looks like a locking bug.

I've also had poor behaviour when a disc glitched and I got an oops rather
than ZFS coping with the short outage. IIRC I got the same "D" state issue as
above.

I never encountered any such problems with FreeBSD, and I've run it on both
platforms for years. ZFS on Linux is functional, and I use it daily, but the
FreeBSD implementation is better.

~~~
michaelmrose
Maybe ubuntu is just as usual buggy junk? Anything other than lts can usually
be assumed to be problematic.

I think its worth noting that 16.04 is is 16 months out of date on zfs
releases and even 16.10 is 10 months out of date.

In a version of software in development the most current stable release
potentially has a lot of bug fixes that ubuntu users are missing out on.

------
SwellJoe
Anybody know what the deal with blacklistd is? I googled and finally found the
man page, but it's not immediately apparent why one might choose using it over
using something like fail2ban (which works for any service and can block all
ports, not just ssh)?

~~~
petre
It listens on a socket for failed login notifications from other daemons. I'd
say this approach is better than what fail2ban does (scans logs with regexps),
but it has to be supported upstream so the daemons actually notify blacklistd.

------
vermaden
As for powertop on Linux, on FreeBSD you have powermon (from Ports):

# kldload cpuctl # powermon

    
    
                      Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
                          (Arch: Sandy Bridge, Limit: 44W)
    
    
    
       4.98W [=======>                                                           ]
    
    
    
     Package:           Uncore:             x86 Cores:          GPU:
     Current: 4.98W     Current: 3.34W      Current: 1.44W      Current: 0.21W
     Total: 14.37J      Total: 9.79J        Total: 3.62J        Total: 0.96J
    
    
    

Also for power management, powerdxx (from Ports) is better then powerd:

/etc/rc.conf powerdxx_enable=YES powerdxx_flags="-n hiadaptive -a hiadaptive
-b hiadaptive -m 1600 -M 3000"

