why does chrony depend on python39 down its dep tree? that's so old

alepzi: Python 3.9 is the current default version in ports. if you want to change that, you need to set DEFAULT_VERSIONS appropriately and build from source. switching to 3.11 default is in progress

lw know when that'll land?

14.1 or?

it's not tied to freebsd version, it's the same ports tree for every freebsd version. it'll be whenever it's done and tested and all the python ports work. i don't know what the current status is off hand.

(there might be something in phabricator perhaps)

tyvm!

hi, I ran into a problem with samba/gnutls initialization after updating the port. libc pthread_key_create() is returning ENOSYS ('function not implemented'), which is really confusing me. Help? pastebin.com/raw/bPgcDN7m

oh. "If libpthread is linked, it will override these placeholder functions with (non-weak) routines." - so it's just missing libpthread?

yes

libc has weak stubs for pthread functions to fail if libpthread isn't otherwise linked in to the binary

I wonder what went wrong then. I checked all recent port changes and nothing stands out. except LDFLAGS is being set

my bad, samba Makefile has a CONFIGURE_ENV= PTHREAD_LDFLAGS="-lpthread"

does this get overwritten by putting CFLAGS= on the commandline when doing a custom test build?

fortunately it has a WITH_DEBUG toggle, but I'd be interested to know how to avoid messing up the internal flags (if that is what happened)

didn't work, same failure. if I roll back gnutls, it magically works again. so there's some bad interaction with the new update, and I guess it hasn't been caught yet

hi guys, I couldn't find anything but maybe someone knows, is there an issue with virtio network drivers on freebsd 13.3-RELEASE ? I have a virtualized router/firewall running 13.3, only ICMP was passing through with virtio nic but couldn't do anything with tcp/udp, swapped to e1000 and everything works flawless. I don't remember having this type

of issue with 13.2

my bad disabling rxcsum works, I thought this issue was resolved since forever

anyone else have trouble getting libvirt with bhyve backend to properly work? virt-manager doesn't update vm states, which breaks some basic features like reboot and force-off, can't get spice to work and the overall experience is pretty janky…

when trying to create a win10 vm, the os selection dialog doesn't let me choose anything (but i can still click "forward"), i never get the setup, but rather just stare at the "tianocore" logo forever and when i try starting the vm again it explodes because something something vnet even though i told it to use bridge0 and i don't even know where to begin debugging this entire mess…

i can get linux vms to work, there i only have to work around the vm state jank and for some distros have to move the uefi loader to the same location the freebsd uefi loader would be (something something bootx64.efi), so it doesn't seem to be *completely* broken.

eh, fuck it, going for raw bhyve without a zillion poorly documented abstractions. :F

phryk: have you looked at sysutils/vm-bhyve?

it doesn't have libvirt's remote management stuff, but it's a little easier to use than calling bhyve directly

lw: yes, it already explodes when trying to use onestart instead of having vms running constnatly…

don't use onestart, just don't put the VMs you don't want to auto-boot in vm_list, and start them manually with 'vm start foo'

sorry, a service that fails with onestart is too sus.

vm-bhyve leaves a lot to be desired but it's certainly usable, you just kind of have to know what you're doing sadly

yeah, that's essentially worthless for me. going for direct bhyve use is going to be more involved but at least i explicitly do every step and see the errors along the way and it's actually documented.

i remember hearing about this: gitlab.com/swills/cirrina but i don't know how mature/usable it is

Title: Steve Wills / cirrina · GitLab

seems to have releases, though

phryk: vm-bhyve gives you errors, you just have to set debug to "yes" or "true", i forget which. there's vm-bhyve.log and bhyve.log. the latter is a direct bhyve error log

mhh, and the bhyve part of the handbook doesn't document how to run windows, either. :/

guess i don't have much of a choice…

does bugs.freebsd.org feel really slow for anyone else today?

takes like 5-10 seconds to submit a comment

lw: it's loading fairly slow on my end, but that could be unrelated

hmm, not sure i chose the best time to update my local source tree to main, right after the llvm merge...

hey folks, how are you?

the last commit message is "Fix arm64 build (take 2)" :-d

I know that FreeBSD can use SLAAC and rtsold. I was wondering if there's a way to act as a SLAAC "server"? Basically, I want my host to assign IPv6 to my VNET Jails.

lw: yeah, some llvm regressions and trying to use the FPU in places that had a compiler flag that disables it :)

antranigv: rtadvd(8), if by "slaac server" you mean you want freebsd to response to ICMP Router Soliciation

nothing too serious as far as i can tell so far anyway

lw, indeed. however, while the jails are getting the router's LinkLocal address, they are not getting any public routable IPv6 addresses.

dstolfa how's life in the forums? :) haven't checked in a while :D

antranigv: wouldn't know, i don't use them :D

antranigv: did you configure the appropriate prefixes in rtadvd.conf(5) ?

otherwise it won't know what prefix to advertise to the client

dstolfa same here…. same here :D

lw I did indeed, here's what it looks like

bridge0: :addr="2001:470:7a1b:2001:1411::":prefixlen#80:

antranigv: other than that, i'm seeing if there's any hope for freebsd to run dtrace tests in the CI to catch some painful regressions earlier

dstolfa we also have a DTrace issue in the system headers, not sure if anyone has noticed it, but we did. I think I forgot to send a PR

there were concerns about doing it before because we didn't closely look at the test suite, so things could crash. however i'd argue it's in a much better state today and quite useful

antranigv: can you show the output of 'tcpdump -nvi <interface>' on the jail while it's sending router solicitations?

lw indeed. one sec :)

i haven't actually used rtadvd for... well, probably since you still had to apply the KAME patch to get IPv6 support :-d but maybe the problem is something obvious

dstolfa: more annoyingly i just noticed this bumped __FreeBSD_version so i need to rebuild all my packages... the build i started this morning hasn't even finished yet!

antranigv: oh, it occurs to me that you might need to start rtsold(8) on the jails, if you didn't already

otherwise you have to wait for the router to send an unsolicited RA which can take ~10 minutes in some default configurations

i also wonder if freebsd even support SLAAC on a subnet size other than /64, that's a fairly unusual config

DHCPv6 might work better there, except FreeBSD doesn't include a DHCPv6 client... not sure if there's one in ports

lw here's the host, jail and other things gist.github.com/antranigv/eacfe74e8f788e1f25dbb3892841e71d

Title: Host · GitHub

lw there is indeed one in ports that also support Prefix Delegation, I think it's DHCPCD

ah ofc! that might be the issue!

I should "divide" my /48 to /64s

well, you don't need DHCP-PD for this, just managed address configuration

but yeah, if you have a /48, just give each jail a /64, you're not going to run out

Instead I divided my /64 to /80s :D

okay, lemme try and report back

you could divide it into /56s, then assign one /56 per jail host, which would give you 256 hosts with 256 jails each (or you know... do it however you like :-)

i just give a /128 to each jail and advertise that in OSPF... works well for IPv4 too

My IPv6 math still sucks. If I have a /48 and a single host, should I assign /64 to each Jail? how many /64s are in a /48?

65536

(64-48 is 16)

% echo '2^(64-48)' | bc

65536

useful maths to memorise for ipv6

antranigv: it really depends how you want to do it, and i guess on what the jails are doing? if you're using vnet though, and you don't have any particular preference, using a /64 for each ethernet segment is fairly reasonable

(one epair being one ethernet segment here)

indeed

so I set a /64 to the bridge

and then the bridge advertises that

and then the jail gets a single IP from that

oh you're using a bridge, right, so all the epair are in one segment

but yeah, that sounds right

indeed!

perfect, time to try and hopefully blog

you might want to set a fixed ethernet (MAC) address for each epair so every jail gets the same IP address every time it boots

otherwise you will have issues adding DNS entries etc

lw I'm using `jailer`, which always sets a static MAC

ah ok

it worked!

so it had to be /64

nothing less than that

yeah, i'm not sure why rtadvd even lets you configure that, i'm not sure slaac works at all in non-/64 subnets

maybe some weird edge cases need it

or maybe if you want static address configuration but still use router advertisements...

this reminds me, i want to try a kernel without 'options INET' on my new ipv6-only VPS, that should turn up a bunch of broken things i can send patches for

lw mine is indeed the third case

hm... does rtadvd not support advertising PREF64 (RFC 8781)?

guess i need to send a patch for that too

so i've been using nginx for basic web serving since forever, but i don't really love it... i was looking at www/obhttpd (OpenBSD's httpd) but it seems to be maintained by a single person which makes me a bit nervous. i know about lighttpd, but does anyone have any other preference?

learning anything new with it's own paradigm can be annoying at first, but caddy config is simple.

scoobybejesus: looks interesting, thanks

bugs.freebsd.org slow to load for anyone else?

@skered yes for me as well

ipv6?

IDK

Request-Response timing from browser usercontent.irccloud-cdn.com/file/g…ot%202024-04-07%20at%2018.59.14.png

as shown ... it is taking almost 9 seconds waiting for the server to respond

I noticed this starting today only

how do you enable CLAT?

Soni: it should be possible with ipfw

meena maybe found a handbook error fwiw

jmnbtslsQE: what should we be reading?

if i give an ip to a jail isn't it supposed to disappear from the host's interface? ifconfig -a on host shows ip on interface that jail is given and shows up on jexec -l testjail ifconfig -a

alepzi: I only see the "outside" half of each epair here, both FreeBSD 13 and 14.

alepzi: How are you giving your jails interfaces?

mason: termbin.com/y5z2

oh nvm fw rule on host sorry

Ah, sorry, got distracted by a work thing.

Glad you found it.

ty! any other fixes you can see for me to make?

alepzi: IT's a bit fancier than what I do. I don't see anything that needs fixing. It's possible to assign a MAC address if you want, which may or may not matter to other things. Not as important if you're not doing, for instance, DHCP.

ya no dhcp

I'm hoping to put together enough ambition to be able to reference JID in configs, which would obviate the need to explicitly set an ID for your epair.

i guess i need to set the netmask on the jail ip. handbook example shows /24 but why a whole class c?

that sounds nice. how does that work?

alepzi: I think that's all malleable and dependent on whatever you've got for a network locally.

As for how JID works, it doesn't yet. I'll have to figure out how to expose it, if possible, to jail configs.

It will depend on when in the spin-up process the JID starts to exist.

and if a jail is restarted, it will have a new JID

reminds me of what i was thinking. so you know taps can auto start as needed when a bhyve vm starts? well epairs being autocreated on jail start would be nice just the same

because the pre/post command shit can get out of sync

alepzi: github.com/freebsd/freebsd-src/blob/main/share/examples/jails/jib is probably your answer

Title: freebsd-src/share/examples/jails/jib at main · freebsd/freebsd-src · GitHub

entrop: Dynamic and shifting JIDs will be part of the point.

entrop: I want to be able to move configs from one host to another and not have to manually reconfigure anything.

entrop: how is jib much of an improvement over what i got already?

entrop: back

alepzi: You wouldn't have to specify a distinct ID for your epairs and keep track of what you've assigned. But fear not, it doesn't exist yet.

copyright says 2016?

What copyright?

Oh, jib.

I missed that link entirely and thought it was a typo.

but ya that does sound useful

Ooh. That says /bin/sh and then checks for a BASH version. Anyway, not entirely what I'm after, but interesting that someone took a stab at it.

yeah, bash doesn't really try to get rid of its bash-isms in /bin/sh-mode in my experience

(and if it's easy enough to account for, might as well do it)

It occurs to me that exposing JID as I want wouldn't strictly help folks who aren't using DHCP to configure networking. Two hosts could very easily have the same JID, so the JID wouldn't strictly be safe to use as an actual address.

Still useful for epair naming, though.

can we turn off the ipv4 stack

mason: just found a prob in my config. i was putting the jail ip on the vm bridge and in the jail. just needs to be on the jail

it takes so long to boot due to waiting for ipv4

Soni: i wanna run pure ipv6 too

also how do you turn 13.2-STABLE into 14.0-RELEASE?

to turn off ipv4 you probably have to compile a custom kernel config

if you find out tell us?

(how big is the freebsd git repo?)

1.1G for me

oof

yeah this might be a problem

retro computing, cool

we don't think we have enough space in our VM for this

termbin.com/cccf is my networking for host, bhyve vm, and jail in the vm. any way to make it better or fix anything wrong with it? fwiw it seems to be working 100%