The objective of this article is to introduce the NetBSD operating system to people who are new to BSDs. The NetBSD project began as a result of frustration within the 386BSD developer community with the pace and direction of the operating system’s development.
The four founders of the NetBSD project, Chris Demetriou, Theo de Raadt, Adam Glass, and Charles Hannum, felt that a more open development model would benefit the project: one centered on portable, clean and correct code. They aimed to produce a unified, multi-platform, production-quality, BSD-based operating system. The name “NetBSD” was suggested by de Raadt, based on the importance and growth of networks, such as the Internet at that time, the distributed and collaborative nature of its development.
pkgsrc (package source) is a package management system for NetBSD. It was forked from the FreeBSD ports collection in 1997 as the primary package management system for NetBSD. Since then, it has evolved independently: in 1999, support for Solaris was added, later followed by support for other operating systems. DragonFlyBSD, from release 1.4 to 3.4, used pkgsrc as its official packaging system, now it uses its own native “dports”. MINIX 3 and the Dracolinux distribution both include pkgsrc in their main releases. Over 23 operating systems use pkgsrc as their package management system. “Portage” of Gentoo Linux & “Arch Build System” of Arch linux are examples of other package management systems akin to pkgsrc.
As the project’s motto (“Of course it runs NetBSD” ) suggests, NetBSD has been ported to a large number of 32- and 64-bit architectures. These range from VAX minicomputers
to Pocket PC PDAs,
As of now, NetBSD supports 57 hardware platforms including IA-32, Alpha, PowerPC,SPARC, Raspberry pi 2, SPARC64 and Zaurus. The kernel and userland for all these platforms are built from a central unified source-code tree managed by CVS.
Being one of the most portable OSs in the world (with Debian), many of the supported hardware platforms are suited for embedded applications. Among the more popular processor families for embedded systems are MIPS, PowerPC, ARM, Xscale and Super-H
NetBSD has supported SMP since the NetBSD 2.0 release in 2004. A scalable M2 thread scheduler was implemented, though the old 4.4BSD scheduler still remains the default but was modified to scale with SMP. Threaded software interrupts were implemented to improve synchronization. The virtual memory system, memory allocator and trap handling were made MP safe. The file system framework, including the VFS and major file systems were modified to be MP safe. Since April 2008, the only subsystems running with a giant lock are the network protocols and most device drivers.
NetBSD source tree is periodically analyzed by two separate code scanners to maintain and improve code quality: Coverity – a commercial code scanner, and Brainy – a private code scanner developed by a NetBSD developer.
Several security features are available in NetBSD, including IPsec – for both IPv4 and IPv6, a file integrity system (Veriexec), a kernel authorization framework (kauth(9)), exploit mitigation features (PaX), disk encryption (CGD), and a variety of other internal kernel bug detection features such as KMEM_REDZONE and KMEM_SIZE.
The NetBSD pkgsrc Security Team and package maintainers keep a list of known security vulner- abilities in packages which are (or have been) included in pkgsrc. The list is available from the NetBSD FTP site at:
Through audit-packages, this list can be downloaded automatically, and a security audit of all packages installed on a system can take place.
NetBSD comes with its own firewall NPF. NPF was primarily written by Mindaugas Rasiukevicius. NPF first appeared in the NetBSD 6.0 release in 2012. NPF is designed for high performance on SMP systems and for easy extensibility. It supports various forms of Network Address Translation (NAT), stateful packet inspection, tree and hash tables for IP sets, bytecode (BPF or n-code) for custom filter rules and other features. NPF has extension framework for supporting custom modules. Features such as packet logging, traffic normalization, random blocking are provided as NPF extensions.
The Xen virtual-machine monitor has been supported in NetBSD since release 3.0. Any number of “guest OSes” (DomU) virtualized computers, with or without specific Xen/DomU support, can be run in parallel with the appropriate hardware resources. NetBSD 6 as a Dom0 has been bench- marked comparably to Linux, with better performance than Linux in some tests.
User-space virtualization such as VirtualBox and QEMU are also supported on NetBSD.
NetBSD 5.0 introduced the rump kernel, an architecture to run drivers in user-space by emulating kernel-space calls. This anykernel architecture allows adding support of NetBSD drivers to other kernel architectures, ranging from exokernels to monolithic kernels
NetBSD includes many enterprise features, like iSCSI, a journaling filesystem, logical volume management and the ZFS filesystem. The WAPBL journaling filesystem, an extension of the BSD FFS filesystem, was contributed by Wasabi Systems in 2008. It also includes CHFS Flash memory filesystem, the first open source Flash-specific file system written for NetBSD. A variety of “foreign” disk filesystem formats are also supported in NetBSD, including FAT, NTFS, Linux ext2fs, Mac OS X UFS, RISC OS FileCore/ADFS, AmigaOS Fast File System, IRIX EFS and many more through FUSE.
All of the NetBSD kernel and most of the core userland source code is released under the terms of the BSD License (two, three, and four-clause variants). This essentially allows everyone to use, modify, redistribute or sell it as they wish, as long as they do not remove the copyright notice and license text (the four-clause variants also include terms relating to publicity material). Thus, the development of products based on NetBSD is possible without having to make modifications to the source code public. In contrast, the GPL, which does not apply to NetBSD, stipulates that changes to source code of a product must be released to the product recipient when products derived from those changes are released.
As for packages, the installed software licenses may be controlled by modifying the list of allowed licenses in the pkgsrc configuration file.
NASA Lewis Research Center – Satellite Networks and Architectures Branch use NetBSD almost exclusively in their investigation of TCP for use in satellite networks.
KAME project – A research group for implementing IPv6, IPsec and other recent TCP/IP related technologies into BSD UNIX kernels, under BSD license.
NEC Europe Ltd. established the Network Laboratories in Heidelberg, Germany in 1997, as NEC’s third research facility in Europe. The Heidelberg labs focus on software-oriented research and development for the next generation Internet.
SAMS-II Project – Space Acceleration Measurement System II. NASA will be measuring the mi- crogravity environment on the International Space Station using a distributed system, consisting of NetBSD.
Who uses NetBSD?
Arcapos point-of-sale terminals are known for their excellent user friendliness and extreme robustness. The (commercial) arcapos applications (point-of-sale, infokiosks) are 100 percent made in Switzerland. NetBSD is not only used as the operating system of choice for arcapos, but also has been extended by the arcapos team to be the best open-source platform available for point-of-sale and related applications.
CentreCOM WR54-ID by Allied Telesys, Co is a wavelan router based on NetBSD.
The Champaign-Urbana Community Wireless Network releases an open source wireless system based on NetBSD.
fdgw is a one floppy version of NetBSD/i386. It can run on old machines without HDD. You can use it as a small router, natbox or ADSL router. It is a minimal operating system.
g4u is a NetBSD-based boot floppy/CD-ROM that allows easy cloning of PC hard disks to deploy a common setup on a number of PCs using FTP.
Precedence Technologies (a UK-based company) offers thin-client software (ThinIT) and ac- companying hardware based on NetBSD. ThinIT provides access to Microsoft RDP, Citrix ICA, web-browsing, DVD playback, video streaming, ssh and VNC hardware all in a centrally-managed way with a tiny footprint. NetManager is a general-purpose modular firewall, email, web, VPN and proxy server based on NetBSD with easy-to-use web-based management. It also offers web-based central management of ThinIT.
The Operating System made by QNX Software Systems Ltd. uses several components of the NetBSD System.
Dynarc makes a series of routers for optical IP networks. The base for their software is NetBSD (mostly kernel).
endgadget’s palm-sized NEC UNIVERGE WNX Server measures only 3.79 x 2.57 x 2 inches (96.4 x 65.4 x 50.7mm), and can easily be considered palm-sized. It runs NetBSD, features video in/out, audio in/out, 100Base-TX ethernet, two CF card slots, and offers a battery life of three hours. NEC intends the server to be used as a sort of mobile gateway for connecting your phone to video cameras in an office, for example.
BMF CORPORATION produces EZF-1500E, a development kit for embedded finger print sys- tems. The kit includes an ARM9 based board and a development environment based on NetBSD 1.6. Also, source code of the finger print sensor driver, a finger print matching engine library and sample programs, and circuit diagrams are available.
Dell Networking OS 9 is powered by NetBSD. The NetBSD kernel provides a stable operating system and performs efficient resource management via the HAL architecture, allowing it to deliver superior levels of concurrency, memory allocation and process scheduling. All other applications run as independent and modular processes in their own protected memory space.
There are many more to all the lists but are not included due to possible space constraint.
If you would like to try this Operating System you can start reading the documentation from
Support for the Operating System can be requested from netbsd-users and pkgsrc-users. Directions to join the mailing lists are provided in the pages
http://www.netbsd.org/mailinglists/ http://www.netbsd.org/mailinglists/#descriptions-of-mailing-lists For mailing list archives you may go to http://marc.info/
About the Author:
Siju Oommen George, CISO&CE,
BroadTech IT Solutions
LinkedIn group: AllSec Group https://www.linkedin.com/groups/8244677 Webpage: BroadTech http://www.broadtech-innovations.com/
Source of the article: BSD Mag Vol. 09 No. 11 (79)