The comparison from Solène Rapenne: OpenBSD vs NixOS
7 min readThe comparison from Solène Rapenne: OpenBSD vs NixOS
The comparison from Solène Rapenne: OpenBSD vs NixOS.
Developer Solène Rapenne is an OpenBSD maintainer who also enjoys working with Linux, especially the NixOS distribution – which he sees as a system that sets itself apart from other Linux distributions.
Solène has two SSDs on her computer, one for each system, so that you can switch from one to the other depending on the task you’re doing or the system you want to use.
Solène’s main operating system is OpenBSD, where he stores all his data. However, due to the lack of an interoperable, easy-to-use filesystem between NixOS and OpenBSD, it is difficult to share data between the two without using network storage that provides a common protocol.
Recently he published a comparison of OpenBSD and NixOS. The dimensions of comparison include : performance, hardware support, software ecology, network stack, maintenance, documentation and project contributions, etc.
Introduction
OpenBSD, a fork of NetBSD, has been around for 25 years, it’s full of history, and it’s a stable system. OpenBSD is also where OpenSSH or tmux is developed.
It is a BSD system with its own kernel and drivers – not related to Linux, but supports most of the well-known open source programs that can run on Linux, usually in the form of packages (e.g. GIMP, Libreoffice, Firefox, Chromium etc…).
The entire OpenBSD system (kernel, drivers, userspace, and packages) is managed by a team of about 150 people (not including those who send updates and don’t have commit access).
Official OpenBSD website
NixOS will soon be a 20-year-old Linux distribution based on the nix package manager.
It provides a new approach to system administration, based on reproducible builds and declarative configuration, where users can basically define in configuration files how your computer should be configured (packages, services, names, users, etc.) and “build “The system itself to be configured, if the user shares this configuration file on another computer, should be able to reproduce the exact same system.
In NixOS, packages are not installed in a standard file hierarchy, each package file is stored in a dedicated directory, and user profiles consist of symbolic links and a number of environment variables to allow programs to find libraries or dependencies.
NixOS official website
Performance
OpenBSD lacks hardware acceleration for encoding/decoding video, so it will be slower when processing video. In addition to video processing, OpenBSD is also slow to use the interactive desktop and I/O. Looking at the performance comparison alone, the advantages of NixOS are closely related to its use of the Linux kernel. After all, the Linux kernel has a large number of full-time developers and open source contributors to optimize its performance.
Although OpenBSD is slower than Linux, it is sufficient for most tasks that need to be done.
Hardware support
In terms of hardware support, OpenBSD is not as rich as the devices supported by NixOS and the Linux kernel.
On NixOS, users can use the Thunderbolt interface and can use an external NVIDIA graphics card, but OpenBSD does not support this interface, and there is no NVIDIA graphics card driver (the author thinks this is mainly because NVIDIA does not provide documentation).
However, OpenBSD requires almost no configuration to use. It will work as long as the hardware supports it.
In addition, OpenBSD can also run on a variety of computers with old architectures, such as i386, old Apple Power PC, RISC, ARM, while NixOS only focuses on modern hardware, such as Amd64 and Arm64.
Software ecology
Both OpenBSD and NixOS provide a lot of packages, but NixOS has more options in comparison. Of course this is not to say that OpenBSD is bad, since most of OpenBSD’s packages work fine, and usually the latest version is available.
The author also stated that he has found several times that a package works fine in OpenBSD, but not in NixOS.
He also believes that OpenBSD packages are of slightly higher quality than NixOS, that the former has fewer problems (NixOS packages are sometimes buggy, possibly related to their unusual file structure), and are sometimes patched to provide better defaults Configuration (such as disabling network access that is turned on by default in some GUI applications).
Both OpenBSD and NixOS release new versions every six months, but OpenBSD only provides security fixes for its latest version, and NixOS provides users with more update packages.
The author believes that updating packages is easy on both OpenBSD and NixOS, but it is relatively easier for users to find the version currently in use on OpenBSD.
He said it might be because he didn’t know enough about the nix shell, but the truth is, it’s hard to tell if he’s actually using an updated program.
Network stack
In the author’s opinion, OpenBSD excels in the networking stack. Its firewall Packet Filter is easy to use, simple to configure and efficient. OpenBSD provides mechanisms like routing tables/domains for assigning one network interface to an entire separate network, allowing programs/users to be exposed to specific interfaces reliably, but he hasn’t found out how to implement these on Linux Features. Also, OpenBSD comes with all the necessary daemons to manage the network in its base system (dhcp, slaacd, rpki, email, http, NAT, ftp, tftp…)
Compared to Linux, OpenBSD’s performance in handling network throughput may be sub-par, but it is not a problem for the average user or server, depending on the network card used and its driver support.
The author says he doesn’t like tossing around with networking on Linux because it’s so complicated, and when he unplugs the rj45 cable on his laptop, he doesn’t know how to aggregate the wifi and ethernet interfaces to transparently switch from one to the other interface. But these operations are easy to implement on OpenBSD (the author doesn’t like losing all TCP connections when moving the laptop).
System maintenance
OpenBSD releases a new version every six months, and upgrading the system is easy and most extreme cases are documented in the upgrade guide.
The author says that when he needs to update his OpenBSD system, he doesn’t worry about problems.
As for NixOS, it’s also easy for him to update, as well as keeping the system clean, he never had any issues with the upgrade and can also roll back to the previous version if something goes wrong.
So, although both systems have different approaches, both work well.
Documentation
The authors argue that, while the NixOS documentation is huge, it often fails to provide useful information.
The NixOS documentation has a man page called “configuration.nix” that provides all system parameter options, but it is generated by NixOS code and generally lacks explanation beyond describing the API.
There are also some guides and manuals on the NixOS website, but they are either redundant or don’t really describe how to solve the actual problem.
As for OpenBSD, its website has simple “FAQs” for some use cases, and then all systems and their internals have detailed explanations in well-written man pages.
Users may find it unfriendly or complicated at first, but once you get a taste of the OpenBSD man pages, it’s easy to get disappointed when looking at other documentation.
If the user has to set up the OpenBSD system for some task that depends on basic system components (not packages), the user can do it offline using only man pages.
The author mentions that OpenBSD is not a system whose documentation can be found on various forums or github gists, as he often feels on NixOS.
Contribution
NixOS employs a modern contribution system that relies on GitHub and bots to automate many checks on contributions, helping contributors to quickly check their work without “wasting” time reading every commit.
In OpenBSD, discussions between developers about modifying code are done on mailing lists, only among humans.
So this approach is not scalable enough, but human-to-human contact will give a better explanation than a robot.
Of course, the premise is that the work is interesting, and there are peers who are willing to invest time and energy for it, so there will also be situations where you will never get feedback.
Conclusion
The author’s assessment is that he cannot point to one system being better than another, nor that one system is absolutely better at a task.
His love for OpenBSD comes from its small community – made up of people who enjoy doing different jobs. He knows how OpenBSD works and can easily debug when things go wrong.
Because the system has been kept relatively simple, it works fine when the hardware is supported.
He also likes NixOS because it’s an adventurous system that offers a new experience that the author believes is the future of computing (transactional updates, repeatability), but it also makes it difficult to understand and debug variables very complicated.
Finally, this article compares OpenBSD and the Linux distribution NixOS from different aspects.
The comparison from Solène Rapenne: OpenBSD vs NixOS
