city in Canada, guessing on _ca? :)

In Ottawa (was getting dis- & reconnecting too much also today, so gave up)

Possibly off topic, in case any one uses|used "No-IP" & thus TrustCor : washingtonpost.com/technology/2022/…et-addresses-government-connections

Title: Browser-Based Edition | FreeBSD Foundation

If I want to boot a bhyve Windows guest using MBR and not UEFI, what's the right bootrom to use?

trench, Thanks.

meena, I am ready to sign your petition of ssh being enabled in a VM

_xor, the default bhyve one

Cute, FreeBSD Journal, for I was not expecting an article to be presented as a PDF file

... in "browser-based-edition"

Previously when I ran `pkg upgrade [package name]` and the package was not installed, it would give me a message that said the package was not installed, nothing to do. Now pkg prompts me to install the package just like I invoked the command with `pkg install ___`. Is this the intended behaviour?

If I'm reading the manpage correctly, it says it should skip packages if not installed, right?

I can confirm

(... the offer to install a package when trying to upgrade one that has not been installed)

parv, thanks for the confirmation.

Manual page of "pkg-upgrade(8)" -- Moreover, pkg upgrade will not install new packages, except as required to fulfil dependencies of the packages listed on the command line -- is severely out of date from the behaviour (on stable/13)

Right, that's what I read too. This new behaviour is messing with my invocation of `pkg upgrade` from Ansible. I only want it to target systems that have the packages installed.

hackershack, Thanks for bringing that to attention. Else I likely would|might have pressed "Enter" without reading the message closely

I'll open a bug report. Thanks for the second set of eyes.

I am running 12.3 on powerpc and having trouble doing a buildworld of 13.1, I suspect because the compiler is still GCC but Clang is expected, does anyone know how to deal with that?

but why listing packages there instead of using just pkg upgrade without listing packages? that should upgrade all packages that are installed on the system

Hi, can I compile more than one port at a time or should I have one compile after the other?

the easy way is to use poudriere to build a package repo as it takes care which ports can be build in parallel and other stuff

Anyone use CBSD? I'm following the guide for a bhyve guest, and as soon as I get to "cbsd login my_guest" it returns error message "no such CBSDMake file: /root/CBSDfile"

I do see that there is a "CBSDfile" located at /usr/local/cbsd/share/examples/cbsdfile/CBSDfile, but not mentioned in the docs at all

ravella: I do

the command is not login, but blogin for bhyve and jlogin for jails

oh dear, I probably need new glasses, the docs do indeed say "blogin" but I read it as "login"

login for, as you discovered, CBSDfile, which is something like Vagrantfile or docker-compose.yaml, if you're familiar with those technologies (if not, just ignore I said that)

thanks meka!

*login is

ravella: you're welcome!

i'm having some trouble with bhyve and vlan interfaces i'm using vm-bhyve fwiw but i'm not sure it's related to it. basically if i have a bridge with members bge0.5 and i configure the vm as a member of that bridge, i can reach the host VLAN ip but not other hosts

but from other hosts i can reach the hypervisor host just fine

am i missing some sysctl tunable related to allowing bridges to pass traffic?

is it up? ^^

hjf, forwarding ?

net.inet.ip.forwarding=1, ^

yeah

cpet: i tried that but it didn't work. i don't think it's related though because bridges are at a lower layer than ip fowarding

hjf: can you share `vm switch list` ?

NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS

public standard vm-public - no - - bge0

b3k standard vm-b3k - no - 3000 bge0

NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS

sw100 standard vm-sw100 - no - - lagg0.100

I just created the switch and added my nic to it

hrm

i created the vlan on top of the nic and then added _that_ to the switch

yeah this isnt that fancy vlans are done using the actual switches webui

which was working for me before i changed the network around and bridged everything.

well you want it tagged properly bfore it leaves bge0 right?

hjf, is the switch name the same as what you created ?

in the .conf ?

yes

and its basically vm switch create public && vm add public nic ?

$public = whatever

well i edited the conf

what you create is what you add cant add public and add in slappy to the conf

Title: VM-BHYVE(8) - utility to manage bhyve virtual machines

Quick Start

switch_list="sw100 sw200 sw30 mgmt host"

ports_sw100="lagg0.100"

is all you need to do

^_+

lo

once that works you can go all crazy with vlans and all that

network0_switch="public"

network1_switch="b3k"

so yes the vm has both "switches"

still have to configure the OS you install

the os has ip addresses for both interfaces

oh i didn't ask that; do you want the host or the vm to do the tagging

the host

then i think you have to add the vlan to the switch

the linux if attached to public gets an ip from dhcp fine

the if attached to b3k has a static ip. it can ping the hypervisor host (in this case the ip i set for bge0.3000)

but it can't ping hosts behind bge0.3000

hosts connected to the switch can ping bge0.3000 , but not the VMs

i changed it a little so it looks like this:

NAME TYPE IFACE ADDRESS PRIVATE MTU VLAN PORTS

public standard vm-public - no - - bge0

b3k standard vm-b3k - no - - vlan3000

but the result is the same, i can ping the hypervisor host but not the remote hosts (and the remote hosts can ping the hypervisor but not the VMs)

hjf: i feel like i have been here before; there were three or four variants of configuring vlans and the vlanXX wasn't it

meka: do you use a rfc1918 network for your guests? The nat situation with cbsd is giving me some trouble

I'm considering manually creating the bridge instead, and adding a NAT rule to pf

anyone run wget in a cron job? do you have to run it so there is no output printed?

the command runs normally but did not in the cron, so it seems like that cron likes commands that don't produce any output

wget -q option

or do i need to add a new line after the command?

ravella: that's exactly what I did with Reggae

To be precise, there's one special jail and what makes it special is dhcp/dns inside of it. Other jails get their addresses through dhcpcd, as it picks up IPv4 and IPv6

rtprio: i've been using ifname_vlans="vlanNNNN" attached to a virtualbox VM for years

no switch though

On the host I have bridge0 renamed to cbsd0 just to make it easier to identify the bridge which is for CBSD jails and I have all my jails as VNET, so when I create the jail with jcreate, I add interface=cbsd0

An example of such jail creation is this line: github.com/cbsd/reggae/blob/master/scripts/master-init.sh#L26

Title: reggae/master-init.sh at master · cbsd/reggae · GitHub

i had to tcpdump every interface until i could figure out whr th problem was

"oh noes"

so now i changed things a little. i assigned the host ip to the bridge, not the vlan interface

bridge includes vlanif + tap

if i do it this way, i can't ping from outside

the vm and the host see each other ,but not through the (physical)switch

ok it gets worse. i flushed the arp cache, and i tried pinging. the destination MAC appeared in the arp cache

meka: ah I think I found my problem, if I create the bridge manually then I need to answer "no" to `cbsd natcfg`

SON OF A B

When you use 802.1Q VLAN tagged interfaces created on a physical interface (parent interface), make sure not to add the parent interface to any bridge.

If you do this, ARP resolutions on the tagged interfaces seem to cease working as reported in the following PR/Forum Threads.

indeed, i did just that and now it works

hjf: wouldn't surprise me if you and I just had similar issues lol

well, in my case, I couldn't ping the outside world, two daemons were contending to create the same bridge interface

yeah, on second though, probably not the same issue

this sucks though because i need the parent interface in a bridge

maybe a nasty solution would be to make another tagged vlan interface for the default vlan (vlan 1?)

so all my traffic will be VLANed. i guess it's ok as long as i always have a switch that can deal with this