00:19:27 <_xor> Are explicit pf rules for DHCP required to properly handle dhclient & pf interface binding? 00:19:58 <_xor> My machine, at boot, doesn't route properly until I restart pf. I was just using rcorder to look at the relationship between pf and dhclient. 00:52:08 is gpu passthrough with one GPU like a laptop possible yet? with bhyve 01:32:19 <_xor> I've heard `-s 10:0,passthru,43/0/0` to bhyve is supposed to work (where 43/0/0 is the device as listed in `pciconf -v -l`), though I caveat emptor, as I haven't tried it yet. 02:20:03 * parv has X/24 to cover any address supplied via DHCP for ipfw 05:36:00 <_xor> Hmm, well that was interesting. 05:37:13 <_xor> My router gets an IP from my ISP via DHCP. The same interface also has a static IP alias that my ISP assigned me (for self-hosted services, etc). 05:40:09 <_xor> If I set ifconfig_em0="SYNCDHCP" and ifconfig_em0_alias0="inet 1.2.3.4/250", it works fine (for the most part, I've been having to restart pf once after boot because it wasn't routing). 05:41:46 <_xor> ...but I'm switching to dhcpcd for dual-stack IPv4 & IPv6, and dhclient last I checked doesn't handle IPv6. But even with ifconfig_em0_alias0="..." set and no ifconfig_em0="SYNCDHCP" (because dhcpcd is handling it), then it appears em0 gets configured with the static IP as the primary IP on em0 and the DHCP-assigned IP is added as an alias. 05:42:52 <_xor> I need it to use the DHCP IP for NAT, but (em0:0) is essentially "Exclude any IP aliases" and not "Use the first IP on the interface". 05:44:40 <_xor> So basically the static IP is being set as the primary IP on the interface and the DHCP-assigned IP is the alias, and I need it the other way around. Currently working around it via a bit of a hack (dhcpcd user hook that adds the static IP as an alias after the DHCP IP has been assigned). 05:44:48 <_xor> If anyone knows of another (better) way to do it, I'm all ears. 05:47:52 i am waiting for dhcpcd merged in base 05:50:48 <_xor> That'll be nice. 05:51:05 <_xor> Actually, do you know if a way to set both a static IP and still for it to use DHCP on an interface? 05:51:48 <_xor> I was reading the man page for it but didn't see a way to do that. I tried doing `static ip_address=...` and "dhcp4", but that didn't do it. 06:13:51 _xor: yes you ned anothre dhcp client for ipv6... net/dual-dhclient 06:14:44 basically it runs both the builtin dhclient and the isc one for v6 06:15:06 does ifconfig_em0_alias0="dhcp" not work? 06:38:36 angry_vincent: the plan is for it to happen for 14.0 so it can only be a matter of… weeks 06:43:53 <_xor> rtprio: Oh yeah, I forgot about net/dual-dhclient. Is that recommended though over dhcpcd? I was under the impression that dhcpcd should be the preferred client, especially since it'll eventually be merged into base. 06:44:30 <_xor> rtprio: ...and ifconfig_em0_alias0 works, but I need the DHCP-provided address to be the primary IP, not the alias. 06:48:49 i wouldn't worry about what might be in base in the future. 06:49:05 if you want both dhcp for v4 and v6 you need the dual-client 06:49:38 which just calls both clients 06:50:21 i would stick with ifconfig_em0="SYNCDHCP" and ifconfig_em0_alias0="inet 1.2.3.4/250", and figure out why pf needs restarted / adjust the config so it does not 06:50:53 kinda of a weird network; tbh 06:54:12 i missed this message from the surprise null root password thread https://lists.freebsd.org/archives/freebsd-current/2023-May/003784.html 06:54:13 Title: Re: Surprise null root password 07:06:18 <_xor> rtprio: ...but dhcpcd handles both, and when I looked at dual-dhclient, it didn't seem as flexible as dhcpcd, which is why I went with the latter. 07:06:32 meena: let's surprise bob by logging as root after breaking into his basement 07:06:59 <_xor> rtprio: My ISP does it that way where a DHCP request needs to get a dynamic IP first and then they route the static IP to that DHCP-assigned IP on their network to mine. 07:07:20 that is wacky 07:07:31 <_xor> I mean it works as I have it setup now, it's just somewhat hacky, but not that big of a deal. 07:07:56 Which one would perform faster overall; FreeBSD as host and a FreeBSD running in Jail, or FreeBSD as host and a FreeBSD running as bhyve/vm? 07:08:26 Jail would be faster than the one in vm? 07:08:35 <_xor> Yeah, I tried assigning the static IP to a separate netif on the box, but that didn't work unfortunately and from some quick reading of their support page, it seems like they route it to the MAC address they have registered for your dynamic IP. 07:10:35 tercaL: yes, jail would be faster. but they both have advantages and disadvantages 07:14:22 _xor: sounds quite hacky; how much for a full /28. or simplify furthr with just a single static ip 07:15:15 <_xor> It's a single static IP. 07:16:06 dependant on weird dhcp routing 07:16:15 and mac access 07:17:15 <_xor> With my previous ISP, I had a really good deal on a /28 static block. The installation tech even called and confirmed it before activating it. I was standing there and he was on the phone with management saying, "Uh...he has a /28. I'm looking at the paperwork right now, it's accurate. He got it cheap. Whatever, I'm activating it." 07:17:57 <_xor> That ISP was cable though and their reliability + service sucked. It was flakey. New ISP is gigabit fiber and rarely ever goes down. 07:19:46 <_xor> This is "business service", and they "require use of their box" (router) with it. I hated that thing, so I cloned the MAC and set em0 on my FreeBSD box to it. Then removed the box and plugged the CAT5 directly into my FreeBSD box. Works fine. 07:21:22 huh 07:26:21 <_xor> They dig a conduit to go from their local NAP to the side of my house and bury single mode fiber in it. Then from the side of the house they bring it inside into my basement to an ONT unit, which is what turns it from fiber to copper CAT5. That CAT5 is technically supposed to be plugged into the router they give you to get access. 07:27:29 <_xor> They do tech support with it too where they can remote into the router, etc. I initially tried just plugging the CAT5 directly into my box, but it wasn't getting an IP from them. So I grabbed the MAC off of their router and changed the MAC on em0 to it, then tried again, and it worked. 07:29:07 <_xor> I asked them about it later and they told me that "business class" customers are required to use their router. They told me this when I tried to return the router they gave me, for which they charge $10/mo on my bill. I still have that stupid thing downstairs. 07:36:49 my fiber router subversion was quite a bit easier 07:37:04 just punch in the credentials on pppoe, set mtu and away we go 07:37:25 i left the ont when i sold the house 07:41:03 <_xor> It didn't even occur to me that I could potentially take that, though I doubt it in my case. 07:41:21 <_xor> Are you in the US? 07:47:47 i was; it was centurylink 07:48:13 <_xor> Figures. ISPs here really do try to uh...take advantage. 07:48:27 pretty great for their introductory rate($50?), rather overpriced once that ran out($130) 07:48:43 hey 07:48:56 someone knows when atime of a dir gets updated? 07:48:56 <_xor> I'm paying $90/mo for 1GbE symmetric fiber with a static IP. 07:49:11 that sounds perfect 07:49:33 static ipv4? 07:50:05 <_xor> Can't complain given that before I was paying $120/mo for cable that was getting around 200/75 and avg latency would jump randomly during peak hours (oversold local nodes). Though the only real positive was the /28 static that came with it. 07:50:06 gustik: check out man lstat 07:50:13 <_xor> Yes, static IPv4. 07:50:13 ok 07:50:54 <_xor> They support IPv6 too, I just hadn't gotten around to configuring it until recently. I'm almost learning more details about IPv6 while I'm at it. 07:51:05 yes 07:51:19 sadly i was looking at starlink; i hate the idea of it, but it's the only thing out here 07:51:20 you need to get prefix delegation working then 07:51:50 because IPv6 does not give you a set of ip's like DHCP, but IPv6 does DHCPv6 PD 07:52:03 <_xor> rtprio: Where are you? (not like GPS coords, I don't want to hide in your bushes and peek through your window) 07:52:19 <_xor> gustik: Yup, getting most of that setup. 07:52:29 i'm on a sailboat in the south pacific. tahiti. 07:52:36 <_xor> I was going to try to use ND instead of DHCPv6, but I don't think ND will do everything I need to do. 07:52:45 and that's very nice this prefix delegation stuff, because if your ISP allows you to get more prefixes, then you can get one dynamic and one static 07:52:58 <_xor> My ISP delegates a /56. 07:53:03 ISPs do not do neighbor discovery 07:53:12 <_xor> I meant internally on my LAN 07:53:15 yes, usually you get DHCPv6 PD /56 07:53:25 what's PD again? 07:53:27 but that's dynamic 07:53:29 prefix delegation 07:53:30 <_xor> Prefix Delegation 07:53:42 <_xor> I'm not 100% sure if my prefix is static though :/ 07:53:44 you get a /56 prefix and you can assign then /64 where you need it 07:53:47 <_xor> I need to confirm whether it is or not. 07:53:59 <_xor> I hope it's a GUA. 07:54:13 another tip is to use DHCPCD 07:54:20 i've used rtadvd; i don't think ive ever dealt with PD 07:54:24 because that's the only software that's actually working 07:54:29 <_xor> Heh 07:54:36 <_xor> I think you and rtprio should have a chat :P 07:54:38 ISC DHCP does work too, but not without manual 07:54:55 rtadvd does not do PD 07:54:56 <_xor> isc-dhcp-client you mean? 07:55:03 prefix delegation is DHCPv6 stuff 07:55:35 yes, ISC is not a good choice any more 07:55:39 <_xor> PD doesn't require DHCPv6 (though that's how they hand it out to you from their end), as far as I know anyway. 07:55:40 but is it really necessary? how many home networks are complicated enough to need multiple /64's 07:56:01 <_xor> I could handle internal PD on my LAN using ND, I thought. From what I read anyway. 07:56:27 <_xor> gustik: I actually setup dhcpcd earlier tonight (again) 07:56:30 you can not do it other way, than PD because each LAN needs own /64 ... if you have a wifi LAN and home LAN, that's how you do it 07:57:15 i had mixed results with v6 at home 07:57:16 <_xor> IPv6 is nicer to deal with in terms of multicast. 07:57:22 <_xor> I mean it's multicast by default. 07:57:44 <_xor> But not having to deal with IGMP and all of that junk is nice. 07:58:00 yes, but that's not important how it looks like compared to what, I do not have an own IPv4 any more, we ran out, so IPv6 is how you connect nowadays everything 07:59:36 I mean "nowadays" ... should have been like that for 20 years already 08:00:06 gustik: you're underestimating how lazy software developers are 08:00:26 love to bind *:443 and have it work 08:00:37 I do not care about that much, see the only device that does not do IPv6 here is my old printer (the new one does IPv6 too) 08:00:38 in practice: it may bind to v6 address or v4 or both who knows 08:00:51 even VoIP telephones now do IPv6 08:01:16 and may depend on OS 08:01:24 I have a SNOM 08:01:55 <_xor> I'll be happy if my static IP includes both IPv4 and IPv6. 08:02:17 it should be 08:02:20 <_xor> I'll be annoyed if the IPv6 isn't a static delegation and they want to milk the opportunity to bump my bill up for no good reason. 08:02:38 that should not be a problem 08:02:46 because the expensive thing is the IPv4 08:03:02 <_xor> Do you use a broker for IPv4? 08:03:16 I see the problem in not being able to find out, besides by testing, or asking on tech support how the ISP has configured it 08:03:39 because sometimes you need to send some specific DUID with DHCPv6 so that you get the right PD static prefix 08:04:17 otherwise it might change (and that would be dynamic then) 08:04:22 <_xor> I'll figure it out, not a huge deal. Though I'm wondering if it would be better and/or cheaper to get a IPv6/IPv4 tunnel and get rid of the static IP I get now. 08:04:35 <_xor> Ah, good point. 08:04:48 I do not think so 08:04:58 we were tunneling for 20 years like this 08:05:33 at some point it has to work and the ISPs should be interested in this even if stuff breaks, because only so they get to know how it works 08:05:41 _xor, "broker" as in an entity that gives you IPv4 address from its collection to use yourself? 08:07:21 <_xor> Basically. 08:07:39 Ok. /me nods 08:08:11 <_xor> My static IPv4 doesn't add that much too my bill currently, so I'm going to keep it. Just contemplating other potential options. 08:08:23 <_xor> gustik is most likely right though, it's probably not worth it. Especially if it's not that much more expensive. 08:08:53 you also have to think about the other side 08:09:07 the sooner you open up this question the better 08:09:19 I have here in Slovakia have had DSLite since 2014 08:09:28 and ISP is Orange (french telecom) 08:09:40 so they got first hand experience with me 08:11:00 2015-2017 I had DOCSIS 3 in Nuermberg / Germany where I got from KMS (Kabel Medien Serivce) a IPv4 and IPv6 PD over DHCP (but not static) however, it was real dualstack 08:11:26 and the speciality here on Orange line is that it is PPPoE (VDSL2) 08:11:50 which rules out ISC DHCP client because it can not do DHCPv6 PD over PPPoE (there are patches for that) 08:12:07 that's why I always tell ppl to use DHCPCD because that works out of the box most cases 08:24:22 cheers 08:24:24 * rtprio & 11:34:19 i started backing up my ssd for a freebsd and linux dual boot again... ext2 sucks tbh 11:34:43 transfer speeds went from 100 mb/s all the way to 7 mb/s when i started transferring my flac music folder 16:46:11 Hi! It's probably not the best place to ask this, but is there a way to generate RSA 4096 bits certificates by default with acme.sh (on FreeBSD obviously)? I found out about the `-k 4096` flag, but if there's a way to make it the default, it would be nice. Thanks a lot in advance :) 16:53:56 patch the script? the defaults are in a pretty obvious place 16:55:52 Yeah, I thought about that, but what about updates? They're going to either override my default or keep the old script, which, in both cases, is not good. 16:56:24 make your own wrapper myacme.sh 16:56:29 or just an alias 16:56:29 putting DEFAULT...=whatever in ~acme.sh/account.conf should probably work too 16:57:05 daemon: yeah, it kinda feels like duct tape but I'll do that if I've got no other options :/ 16:57:18 RhodiumToad: I tried that too but it doesn't seem to work. 16:57:25 I mean it does not bother the main acme.sh and updates will all work fine 16:57:29 Yeah 16:57:47 and you can also do stuff like cat the appropriate certs together for whatever pem format wants 16:57:54 sorry, ~acme/.acme.sh/account.conf 16:58:17 in what way did it not work? 16:58:32 and did you try and configure the account key size or the domain key size? 16:58:49 and in any event, renewing a cert keeps the old key (size and all) 16:59:46 RhodiumToad: Like, I had put `DEFAULT_DOMAIN_KEY_LENGTH=4096` in /var/db/acme/.acme.sh/account.conf and, after generating a whole new certificate, it made a 2048bits cert. 17:00:01 mm 17:00:28 I'll try again, maybe I made a typo or something 17:02:24 Nope, still 2048 bits. 17:02:47 An alias will do I guess lol 17:03:14 Thanks a lot :) 17:19:07 remember to run it as the acme user 17:20:15 [Wed May 31 17:18:45 UTC 2023] Use DEFAULT_DOMAIN_KEY_LENGTH=4096 17:20:19 worked for me 17:24:34 RhodiumToad: Yeah, I ran it as acme (using the standard `acme.sh --issue --dns dns_ -d `) with DEFAULT_DOMAIN_KEY_LENGTH=4096 in /var/db/acme/.acme.sh/account.conf but it still gave 2048bits certs. Weird. 17:25:47 worked perfectly for me 18:19:57 <_xor> Heh 18:20:18 * _xor found an old manual for IA-64 18:20:39 <_xor> I wrote "The Itanic" on it with a black marker. 18:22:59 <_xor> Intel fab'ed them until 2017?! 18:24:08 <_xor> Oh wow, didn't realize FreeBSD support was there until 2018: "FreeBSD (unsupported since 31 October 2018)" 18:26:26 i see 18:26:46 i'm planning to switch again to freebsd - this time as a dual boot with linux for ai stuff 18:27:20 currently on linux, should i partition linux and then install freebsd or install freebsd before linux? 18:27:41 although im on systemd-boot and would rather have grub for dual booting 18:30:07 dammit, I hate ambiguous specifications 18:30:31 parappa: are you using EFI or not? 18:31:48 ok, so i have zrepl making snapshots are routine intervals, but why do the snapshot names use UTC? how can i make it be my timezone? 18:32:47 @RhodiumToad yeah im on uefi 18:33:23 I know nothing of grub; is it being run as an EFI program? 18:33:40 Random example of booting FreeBSD on UEFI from GRUB: https://bpa.st/O4ZTI 18:33:41 Title: View paste O4ZTI 18:33:58 That shows potential fallback if a disk is missing, for example. 18:34:17 i see 18:34:25 im planning to make my disk mostly freebsd 18:35:03 if you already have a linux install that you want to keep, then all you need to do is ensure that you have enough disk space not assigned to any partition to install freebsd into. 18:35:17 yeah i do 18:35:27 currently backuing up my stuff and planning to hopefully like 18:35:57 resize my linux partition since ill only really use linux for ai stuff 18:36:27 when you install freebsd on a uefi system, it will install both bootx64.efi (which is probably where your grub is now?) and freebsd/loader.efi 18:36:46 im on systemd-boot rn 18:36:47 sadly 18:36:52 RhodiumToad: Grub mostly goes into vendor-specific directories lately. 18:36:59 whatever 18:37:26 bootx64.efi is where EFI starts unless you have explicitly told it to use some other program, afaik 18:37:46 Most systems install variables that tend not to include the default/fallback. 18:38:53 anyway. it should make little difference which order you do the installs in, as long as you leave enough space when partitioning to include the other OS. 18:39:33 puddinghead: Maybe see about migrating to grub first, and then it's trivial to dual-boot Linux and FreeBSD. 18:40:20 yeah im planning to reinstall with grub first 18:40:45 then dualboot either arch or endeavour os with freebsd since archs been the distro thats made ai stuff easiest 18:40:53 i absolutely hate how debian handles python 18:41:56 archs made it easy in comparison, you can freely use either python tools install by either pacman or pip while debian bans you from using either unless you install miniconda/anaconda lol 18:50:24 I get around that by avoiding Python like the plague. 18:51:03 mason: yep 18:51:13 yeah that seems about right 19:49:54 Hi, this is a zfs related question. In a server I have a pool with only one disk (8tb) that is reaching its full capacity. Now I want to replace it with one with 12Tb. What should I do in this case (I replaced disks in arrays many times, but never when there's only one drive). 19:50:41 attach the new one into a mirror, let it resilver, detach the old one, zpool online -e ... 19:51:39 otis: zpool attach datos ada1 ada2 ? 19:52:07 you can test this with file based pool first. 19:52:58 I get this: cannot attach ada2 to ada1: no such device in pool. 19:53:39 zpool status ? 19:54:25 tsoome: the status is ONLINE. The difference is the current drive shows as gptid/... instead of ada1 19:56:12 zpool attach needs current drive. You are telling that pool should set up mirror consisting of existing disk and new one. 19:56:22 it seems to be working with gptid 19:59:03 Why would anyone use zfs with a single drive? 19:59:31 That's just silly. 20:00:17 CrtxReavr: because its a TrueNAS server used as a replica for the main server 20:00:54 So a replica that's a single point of failure? 20:01:43 CrtxReavr: Yes, also there is a backup on a 3rd machine. 20:01:47 Speaking strictly for myself: Because it provides features that UFS doesn't - yet, at least. Plus, it's future-proof if I decide to have the CD/DVD in my laptop replaced with an extra disk. 20:02:56 CrtxReavr: I know this isn't perfect, but way better than no backup at all 20:07:56 For a single drive, it just seems like ZFS as A LOT of overhead that's unnecessary. 20:08:31 Plus, you can migrate to larger drive, using UFS and other, simpler tools. 20:09:05 dd, gpart, growfs, Et al. 20:09:20 But you do you. 20:18:11 i would definitely use zfs on a single drive. 20:55:01 I just updated from 12 to 13 and then ran a "zpool update" and got he message, " 20:55:39 "Pool 'zroot' has the bootfs property set, you might need to update the boot code. See gptzfsboot(8) and loader.efi(8) for details." 20:56:08 wasn't clear to me from those man pages what my move was. 20:57:48 Do I need to update the boot code? How can I tell? What is teh right way to update it? 21:27:52 of course dvl already has an article: https://dan.langille.org/2021/05/22/updating-my-freebsd-12-2-host-to-freebsd-13-0/ 21:27:53 Title: Updating my FreeBSD 12.2 host to FreeBSD 13.0 – Dan Langille's Other Diary 21:29:22 no efi partition listed in his `gpart show` tho. mine has one. 21:55:46 A quick question I see Freebsd 14 is CURRENT - and I understand that first beta is out - this means it will become RELEASE without going to STABLE ? ---- also - once FreeBSD 14 reaches RC - if in CURRENT - can it be upgraded to Release when that happen ? 22:02:42 acu: er, there is no 14 beta out 22:03:18 but generally, for cutting a new release off of main, you start with some alpha builds, then branch out to stable, then branch stable -> releng and beta builds start 22:03:48 https://docs.freebsd.org/en/articles/freebsd-releng/ we have an article on release engineering too 22:03:50 Title: FreeBSD Release Engineering | FreeBSD Documentation Portal 22:06:17 thanks kevans and debdrup --- I was looking at https://www.freebsd.org/releases/14.0R/schedule/ 22:06:18 Title: FreeBSD 14.0 Release Process | The FreeBSD Project 22:06:44 right note the 'actual' column on that page 22:07:11 re updates the table as these things are actually done, so '-' / 'delayed' means it's not actually happened as expected 22:07:27 in this case, largely openssl3 induced 22:07:36 14-STABLE has been delayed, there should be some announcement about it somewhere 22:07:45 I see thanks 22:11:44 is there any tool to make a bootable live FreeBSD system on an usb stick (similar to nomadbsd) ? --- I want to do that for Freebsd --- 22:12:23 I have seen Michael Dexter has few appliances - I wonder if imagine.sh is actually doing that ? 22:12:49 https://github.com/michaeldexter/occambsd 22:12:50 Title: GitHub - michaeldexter/occambsd: An application of Occam's razor to FreeBSD 22:14:39 The VM-IMAGE(s) are bastically live, but without fancy MFS things. Do you need read-mostly or for all changes to be lost on reboot? 22:15:24 They also support BIOS/UEFI out of the box, beating the majority of other operating systems on the planet. 22:16:22 I have not looked at the "diskless" feature for some time, which is intended for NFS use. 22:19:27 michaeldexter, thanks a bunch for the work and answer ---- I want to make it easier for students to get in FreeBSD realm - having a usb stick with it booting a native FreeBSD would be lowering the entrance threshold - I like NomadBSD aproach - you boot in a Desktop Environment (I wish they use Enlightnement or Lumina since they are only two BSD licensed DE) --- but also I like that I can install any application in the Live USB - and it persists - then I can just 22:19:27 click a button to fully install in the desktop if I want.... sorry I am too verbose .. 22:24:52 I see to massive roadblocks for bringing fresh blood into FreeBSD - one is a simple GUI to Virtualization virt-manager is GPL and it did not work when I tried --- the only solution I have seen was clonos https://clonos.convectix.com/ based on https://github.com/cbsd/cbsd --- 22:24:54 Title: Free Open-Source Hosting Platform «ClonOS» 22:26:16 freebsd does not need any 'fresh blood' it's fine with the blood it has 22:26:28 is this a joke ? 22:26:28 acu: How high a priority is a Desktop? 22:26:38 acu: nope 22:48:48 RhodiumToad: just updating you since you put so much time into this, doing an install of 13.2 onto the boot drives (but preserving the old pool on the other drives) has worked so far. I've moved a few things back, fingers crossed... 23:18:30 hmmm, `sysctl machdep.bootmethod` says BIOS tho