longword, I just wanted to say that I found your tale of small memory booting fascinating and very cool that you were able to tune it to do it!

hm, a simple way to make it settable would be guarding it with a #ifndef so that one could add -DHEAP_MIN=$(( 16 * 1024 * 1024 )) to CFLAGS, but no idea if it should really be exposed as settable

anyone know how to resize a vm where freebsd is the guest ?

using virtualbox on linux

Hi

yo

late!

does anyone have a kerberized NFSv4 export working with a FreeBSD server and macOS client? i'm having endless problems with this (random errors, or the mount completely hangs), and i'm pretty sure it's macOS's fault, but i wonder if there's anything on the FreeBSD side that can be changed to make it work better

I'm having a problem with a package, opensmtpd binary install in FreeBSD release 14 p4. There is a fix available with a more recent version. I'm wondering if just waiting will eventually upgrade the version as I do normal pkg maint, or if I have to use ports to achieve the upgrade from 6.8.0,1 to 7.3.0,1

Nematocyst: the short answer is yes. the longer answer is that several things need to happen: 1) the port maintainer needs to update it to the latest upstream release in the ports tree; 2) that update needs to make it a quarter package release (assuming you're using quarterly, which is the default); 3) the quarterly package build needs to run after the update is available to build the package; 4) once all that has happened, pkg upgrade will pull in

if you're using quarerly and the issue isn't serious enough to merit backporting to quarterly, this could take several months to happen since the new version won't appear until the new quarterly is out

thx. I can probably wait. it's nothing earth shattering, just doesn't support TLS incoming. not a big concern outside wanting to correct it eventually

I might be having a brain fart. I have a networking interface that has wan 2 ip addreses. Can I give one of the addresses to a vnet jail?

ngortheone: not directory, a VNET jail needs a dedicated network interface. you should create an epair interface, assign one part to the jail, create a bridge on the host, add the WAN interface to the bridge, put *one* address on the bridge interface on the host, and then put the other address on the epair interface inside the jail (*not* on the host)

s/directory/directly

this may not work if your WAN interface is something like a cable (DOCSIS) bridge that filters by MAC address, but it should work on a normal Ethernet network

If it is MAC address filtered then I think you can assign the hardware ethernet address to the vnet jail. Pretty sure.

i forgot a step: the other end of the epair interface (the host end) also needs to be added to the bridge, and remove all IP addresses from the WAN interface on the host (they should be on the bridge interface instead)

if you can't get past MAC address filtering (i've never had to attempt this) you could also leave both addresses on the host, assign a ULA/RFC1918 address to the jail and have the host be a router instead of a bridge, with NAT for incoming connections

in that case you also don't need a bridge

(i'm so glad we just have a v4 /28 at home now so there's no need to mess with this, i just put the public jails on a dedicated vlan)

thanks unixwitch. This is Vultr cloud, I think it should work!

> and remove all IP addresses from the WAN interface on the host (they should be on the bridge interface instead)

this bit is confusing, do you know why this is needed?

ngortheone: it's just how it works (Linux is the same way, as are all other software bridging platforms i've seen) - if you have multiple interfaces in a bridge, the IP address goes on the bridge

if you put the IP address on a bridge member interface, it may cause issues with things like ND/ARP or other strange problems where things randomly don't seem to work properly

(for example because if the host receives an ARP for 10.1.1.1 on epair0a, then bridge0 sees that ARP, but 10.1.1.1 i assigned to ix0... what should the host do?)

if you put 10.1.1.1 on the bridge, the ARP arrives on epair0a, then it arrives on the bridge, then the bridge replies because 10.1.1.1 is assigned to the bridge interface, no confusion

ngortheone: this might be more clear with a real example: dpaste.com/HSUJVTZ2T - so here i have bridge0, which has various member interfaces (ix1, epair0a, epair1a, tap0, ...) - the IP address could go on any of those interfaces. i could put it on ix1, but i could also put it on epair3a. but the most sensible approach is to put it on the bridge, so none of the member interfaces are "special".

Title: dpaste: HSUJVTZ2T

wonder how FreeBSD arm64 for Apple Silicon is coming, maybe i can use this Mac Mini for a server...

unixwitch, Don't know about FreeBSD, but OpenBSD seems to be working there

unixwitch: I need to go assemble these serial devices so I can get back to it a little easier

in my local tree we can boot all the way to multiuser as long as you're okay not having the disk (usb only)

kevans, Is FreeBSD-on-Apple arm64 progress being reported on -arm64@ mailing list? Elsewhere?

nah

it's been stalled for a wwhile, I'll throww in a status report when I get back to it

Thanks

the new year is looking a little bit better for having time for stuff like this again

kevans: i would need the disk but that sounds promising (at least much better than the wiki page). is Ethernet working? (10G in my case, i don't know if that's a different driver from the 1G version)

I don't recall if wew had gotten ethernet functional or not; we at least didn't have what wew needed to pull the mac address, but bge was at least visible

oh it's just a bge(4)? i guess that makes sense, for some reason since this is Apple i assumed they had custom hardware or something for it

(well i guess the 10G version is not a bge, but maybe it's something else common)

kevans: ooi if i do end up with a spare M1 Mini, is there anything i could help with? i do know C but i've never done FreeBSD kernel development before

unixwitch: You might want to track down a copy of The Design and Implementation of the FreeBSD Operating System (second edition).

Or one of the earlier iterations, either D&I/FreeBSD or D&I/BSD would be a good start

unixwitch: not a lot until I start getting what we have into a more shareable state

you might be able to do something on that 10G hardware once we have it into a reasonable state

if you could, for example, survive with a USB NIC if some work is needed to get the 10G NIC up

not ideal, but it would be better than no connectivitmy

mason: i've actually read The Design and Implementation of 4.4BSD, but not the newer one...

I do plan on picking up an M3 Mini when they refresh those again, I might pick up the 10G option just to have a local sample

ngortheone, unixwitch, Just to voice a counter example, On FreeBSD all of my IP addresses are assigned to the epair devices and none to the bridge devices. bsd.to/JUS8/raw

Title: JUS8

However on Linux systems the IP address is always assigned to the bridge there. It's a different system there.

rwp: if i'm understanding your example correctly, you have 192.168.230.41 assigned to the epair interface *inside* the vnet jail? that's fine and agrees with what i said

but you do not have an IP address on "ja0a" in the host, right?

Yes. But I don't have an address assigned to the bridge.

well, that's also fine, if the bridge is a pure L2 switch and the host control plane is accessed some other way (like a different interface)

my point was you shouldn't have an interface which is both a bridge member and also has an IP address assigned, which you don't in your case

In this example it is a separate NIC for the host. But I could look at a different example where the host is also bridged in on the same bridge.

Your example has an IP address 10.1.6.13 assigned to your bridge0 interface though. I don't ever assign an IP address to the bridge.

(However on Linux systems I would have to do it that way.)

FreeBSD has a rich set of software-defined-networking features. There are many ways to do things.

rwp: you shouldn't do this, see docs.freebsd.org/en/books/handbook/…vanced-networking/#network-bridging "If the bridge host needs an IP address, set it on the bridge interface, not on the member interfaces."

Title: Chapter 34. Advanced Networking | FreeBSD Documentation Portal

i mean, if you want to do this, and it works, that's up to you. but the documentation explicitly says not to do it this way.

Okay. I think I understand the point you are making. If I have a NIC say em0 and bridge it to epairs then it says don't assign an IP address to em0, assign it to the bridge instead. That's fine. But what I am doing is attaching an epair to it and assigning the IP address to the epair.

if you look at bridge(4), the DHCP example also shows the DHCP client running on the bridge interface, not the member interface

Both of us are in agreement not to assign the IP address to the em0 interface if it is attached to a bridge.

rwp: no, you shouldn't add an epair to a bridge and assign an IP address to the epair. i think what you mean is you assign epair0a to the bridge and then assign an IP address to epair0b, which is fine, because those are completely different interfaces and epair0b is not in the bridge.

I think you just accidentally said the opposite thing in that sentence between the beginning and the end. Don't assign to an epair, do assign to an epair. But let's not argue about it. I think we are generally in agreement. And there is more than one way to do it.

well, to be clear, my point is that an interface which is a bridge member should not have an IP address assigned to it

And I agreed with that.

Except for what is the definition of an interface. Both an em0 NIC and an epair are interfaces. I think that may be where we are talking past each other.

an epair is two interfaces

ifconfig epair0 create; ifconfig bridge0 addm epair0a; ifconfig epair0b inet 10.1.1.1/64 up

And you can't both assign an address there and not assign an address there.

now epair0a is a bridge member and does not have an IP address, epair0b is not a bridge member and does have an IP address, so no problem

Hey you showed your configuration which is working for you and I showed my configuration which is working for me. It's all good!

on a completely different topic, how does FreeBSD handle audio interfaces with a large number of I/Os? is it possible to have normal applications (that don't understand such interfaces) just use the first two channels for stereo I/O?

or like, if i want channels 0+1 to be stereo output and treat input 0 as a single mono mic input

yuripv: oh dear, the atf_check piping problem is all over that file

thanks rwp, unixwitch

kevans: yeah, will fix that separately

but without using pipes it looks uglier, wonder if atf_check (or atf itself) could be "fixed" instead :D

yuripv: unfortunately not, it's a shell thing

as soon as we get thrown into a subshell hell breaks loose and that's not easy to solve

what's the difference between bootonly and memstick images?

is bootonly ISO9660 while memstick is UEFI?

My understanding: "memstick" have the base system files to be installed via USB flash disk. With "bootonly" image you would have to fetch everything over network. For the reality check freebsd.org; would have thought freebsd.org/where would have listed but does not

Title: Get FreeBSD | The FreeBSD Project

Well, there is a small blurb under "Choosing an image" without reference to terms used for the images

parv: i think you're right, i assumed memstick also didn't have the base files, but it's significantly larger so perhaps it does

i suppose this differs from "dvd1" in that dvd1 also includes a few packages that memstick doesn't

... also "disc1"

hm, right. i wish the documentation was more clear about this

memdisk and disc1 seem to include the same things, so i assume the difference is just the filesystem/partition type

s/memdisk/memstick

Right

hmm, this motherboard's alc(4) apparently doesn't work...

bugs.freebsd.org/bugzilla/show_bug.cgi?id=230807 maybe

Title: 230807 – if_alc(4): Driver not working for Killer Networking E2200

select bigger font using vidfont?

would be nice if autoscaled that…

meena: yeah, agreed. although i remember linux has this issue too...

does anyone have an appropriate example using vidfont for a 4K display?

it's kind of weird since (in my case) amdgpu.ko only loads halfway through /etc/rc, so i guess you'd need a setting that works both before and after?

that now makes me wonder if you could do it in a devd trigger

unixwitch which one is picked by default?

tsoome: which what? font? i have no idea

unixwitch: basically, if it's picking up the wrong don't, it's tsoome's fault

it seem like a font that would look nice on a 1920x1080 display but on a 3840x2160 display it's bare readable

I would expect you get 16x32

you can check with kenv

which kenv variable is relevant here?

ilythia% kenv|grep -i font

screen.font="6x12"

ilythia%

ou, why do you get 6x12?

i don't know!

the system boots in the default EFI vt(4) config which is 1920x1080 and that looks fine, i guess that's what it selects the font?

hm, well, you can try on loader prompt: set screen.font=

halfway through boot, /etc/rc.d/kld loads the amdgpu.ko module which doubles the resolution

without value, you should be presented with list of options

so you can try different ones to see which is best for you

ic, i will try that in a while, thanks

but, I'd start with setting gfx resolution first

what do you mean

if i could get loader(8) to start in 4K that would be awesome (as long as it had the right font...) but from what i understand this depends a lot on my system's UEFI implementation and the GPU's UEFI driver

I mean, if you want to have 3840x2160, you can set it and it may do

or the GPU's, uh... is it called a GOP?

tsoome: how would i set that to try it?

yes, if firmware does not allow to change to better resolution, then you can not change it

yes, gop is the command there

gop list, gop get, gop set

that's a loader(8) command?

yes

interesting. i will test that too

is there a list of valid values for loader.conf's screen.font=?

if you use set screen.font= without value, it will show the list

if the resolution change does not work, you can just set screen.font=... in loader.conf, the other option is to leave boot screen as is and load console font from rc

you can find fonts used by boot loader from /boot/fonts

tsoome, meena: so "screen.font=12x24" seems to fix the problem, except the font is far too large before amdgpu is loaded... but i guess i can put up with that

yes, thats why I suggested to use method from rc scripts - then you have good screen at boot time and larger font once the system is running

of course, if you get X running, then the console does not matter too much anyhow

gop command did not allow to set better resolution?

oh, i didnt try gop, will try that next time

okay, seems like 'exec="gop set 0"' in /boot/loader.conf fixes the problem, although it adds a surprisingly long delay (~10s) to booting

unixwitch: the 10 second delay comes from autoboot_delay which you can also set in loader.conf(5)

debdrup: i don't think that's where it comes from, i get the normal 10s countdown after it switches to the new resolution

oh, hm.

i mean, 10s is not a huge issue. it might be just how the GPU's GOP driver works...

oh ffs, Firefix has broken X selections?

if i wanted to use Windows i'd use fucking Windows, what the fuck

ugh

Firefox needs to stop reinventing UI tbh

turns out it's actually vim (???) which broke this by turning on 'mouse' by default

I really dislike their owner-drawn menu

is there a per-user equivalent of kern.ipc.somaxconn / kern.ipc.soacceptqueue ?

mmm maybe something in login.conf ...

openfiles is already set to unlimited, I wonder what else sets it

I'm trying to get my webserver to do more than 1024 somaxconn

ok, next problem, Nextcloud requires a new sign-in every time i log in... am i missing some sort of gnome-keyring shit?

stupid question. in rc.conf, cloud-init on one machine writes 'ifconfig_ens1=DHCP' for example. Will this mess up parsing? not sure if "" around DHCP is needed or not.

norrland: rc.conf is sourced as a shell script, thus shell syntax is valid

you need quotation marks if there are unescaped whitespaces

Hello all. New FreeBSD user here, very limited knowledge. Trying to create a jail via bsdinstall. base.txz fetches fine but it keeps failing at lib32_dbg.txz. Any advice on how to get this resolved? bsd.to/YZeu

Title: dpaste/YZeu (Plain Text)

norrland: i should fix that

I don't like the inconsistency

Also, i need to update the cloud-init ports…

norrland: I've got a few good patches in some of which are not yet in 23.4.1

codeberg.org/meena/openbsd-ports/sr…d-init/sysutils/cloud-init/Makefile here's the OpenBSD port I've been working on. Those runpath patches are useful to all BSDs

Title: openbsd-ports/sysutils/cloud-init/Makefile at add/cloud-init - meena/openbsd-ports - Codeberg.org

why would bsdinstall installerconfig have cap_mkdb /etc/login.conf in it? i know that builds the db there but not why it's needed

to inject it?

polyex: I guess there's some machine-dependent settings/config in there? your guess is as good as mine

it's after export PATH... could it be that?

mvee: welcome! I would use the default freebsd mirror on the list for the install; its also over http and not ftp

this should get you to a url like download.freebsd.org/ftp/releases/amd64/amd64/14.0-RELEASE which has lib32-dbg.txz

Title: Index of /ftp/releases/amd64/amd64/14.0-RELEASE/

note thats lib32- and not lib32_ which is what your URL shows. weird.

the paths come from MANIFEST file in that same direcory, mvee, so I speculate that:

- columns represent the filename, then checksum, size, then the local name to save as? etc. ?

what's the term for injecting a var into my current terminal's env?

like how would you say "then ____ FOO=bar to ..."

dch: Appreciate the welcome and advice! I was able to install by not selecting lib32_dbg.txz but ran into other issues, too many to list...Followed the steps here and install seems to work. docs.freebsd.org/en/books/handbook/jails

Title: Chapter 17. Jails and Containers | FreeBSD Documentation Portal

polyex: I don't understand the question, but its' probably "export" for the word, and "env FOO=BAR ... command" just to change it for one.

Hello. How do I add secondary HDD to my ZFS?

i want redundancy. now i have only single drive

V-T60: basically you need to install the drive, of same or bigger size, then partition it manually, update boot loaders etc, and then finally add the partitioned drive portion to the mirror

for the partitioning, man gpart, and use gpart backup|recover from old-> new disk is a great trick

dch: also, not sure if it matters but when using bsdinstall, I used the default freebsd mirror each time.

What's ipfw-equivalent to pf's syntax of selecting a specific interface IP via `(re0:0)`?

My WAN interface has two IPs, the primary one that is set via DHCP and then a secondary one that is statically set. The DHCP-assigned IP is used for client NAT (outbound-created states). The static IP is used for redirects (inbound states for redirects to internally hosted services).

any clues why my apache wont listen on 443?

mane: You need a Listen 443 directive.

in which file?

mane: Any.

mane: The context matters, not the config file name.

mane: Listen is only to be used in the Server context.

mane, does "sockstat -l" show it is not listening on 443?

ok got it working

<33

now why pf wont be executed at boot despite having pf enabled in rc.conf and why rc.local wont get executed

Why you think pf not executed?

Has something major changed between 13 and 14 with unionfs? It is so buggy now... While trying to build a minimal repro for a filesystem corruption bug i ran into a kernel panic bug. (both now reported)

Also, now one of my favorite tools is unusable on 14 because of the corruption bug.

unionfs saw a lot of bug fixes from 13 -> 14 :-)

lol... makes sense

interesting thing is that the corruption bug does not happend when using ufs

dautor: why is that interesting? i would expect a filesystem corruption bug to be filesystem specific

meena: I assumed it would be independent of the underlying fs but rather a bug in the interaction of unionfs and nullfs.

oh

so, a VFS issue then maybe?

yeah :)

and also, it is not reproducable in 13

here's the issue if you want to take a look at the repro steps: bugs.freebsd.org/bugzilla/show_bug.cgi?id=275871

Title: 275871 – [unionfs] [nullfs] [zfs] corrupt filesystem

I felt really disturbed when I first saw readdir return files with slashes in names - it felt so alien.

dautor: i think that's one of the very few characters not allowed file names

Yeah, are there any other characters apart from '/' and '\0' that aren't allowed?

dautor: dunno?

i honestly think that's it

dautor: this caveat is what's really interesting: IMPORTANT: If you 'ls' /var/repro/x/a/b before executing it everything works fine.

meena: Yeah, that tripped me up quite a bit. I inserted 'ls' between each step (in program - not in the repro script) to see where it breaks and couldn't find anything weird so I assumed it was something timing specific.

Anyone here use wifibox ? if so how do you make the speed faster ?

jb1277976: how slow is it rn? how fast should it be?

don't know. takes a while to load some pages. once it loads its fine. looking at xyinn.org/md/freebsd/wifibox there is a part about increating the memory which i did to 512M but some pages are really slow. im chatting right now on wifibox

Title: Fast & Stable WiFi with wifibox on FreeBSD | @fearedbliss

im gonna try to reach out to the maintainer