dch: for the old way, how would one specify ports to be built and put into the image

burie look in how it’s done in cloudinit modules — cgit.freebsd.org/src/tree/release/tools/oci.conf is all that’s needed

dch: did you ever get back to looking at github.com/berthubert/simplomon

dch educate me. what's that oci.conf?

Hi I am trying to understand a bit better how networking works in FreeBSD. In particular, is it possible to define a virtual interface? Like I would like to have a 10.x.x.x network associated to a virtual interface which is NOT linked/routed to the actual physicial interfaces/networks. I am trying to understand each piece of the configuration/networking

so that interface would be only accessible in the host

uskerine: probably you want to create another loopback interface in this case

so I can create a lo1 and assign a network to that

how do you create a new lo interface ?

A loopback interface is a virtual interface that is always up and reachable as long as at least one of the IP interfaces on the switch is operational <- but it seems linked somehow to the IP interfaces

uskerine: `ifconfig lo create` (or pick some number yourself)

entrop: no, I found no quick fix for a non-C++ user, so I had to give up

antranigv: thats the config file for oracle cloud vms. just happens to be one I know well (as the author of it).

there's an EC2 and other things in there too

is lo always on even if the machine would have no other interfaces?

dch: How would I specify to use any of the existing or new config in the /src/tree/release/tools directory? It looks like with release.sh I would run release.sh -c /src/tree/release/tools/desired.conf but how would I specify that I want memstick or cdrom target?

Is there any well supported way of maintaining a port or package outside of the ports tree?

erk: i just have a local branch of ports with my own ports in, works fine with poudriere

(i host it in Forgejo, which is in ports)

the other advantage of that is i can rebuild my packages (e.g. to add a new package) without poudriere re-fetching the ports tree

uskerine: yes, loopbacks are always there

erk: yes, just maintain your own ports tree, and rebase occasionally off upstream when you want to.

you can use overlays (see poudriere docs for this) but IMO its not worth it

yes. local branch is way better

Currently in the process of migrating my server over to FreeBSD. Very excited! So far all the docs and stuff have been very clear and defaults are sane and stuff

Definitely excited to have jails and ZFS

great!

mikewilzn congrats!

Thanks! I'm using primarily docker now and definitely ready for a change

mikewilzn: Migrating from which OS?

Right now I'm running docker in an Alpine LXC on Proxmox

Good timing because I realized I'm still on version 7 and that's going EOL tomorrow

thinking out loud, once you have two separate lo1 interfaces at two hosts, would it be possible to configure a TAN tunnel between both so they are linked?

TAP*

I have been looking into wireguard on freebsd and everything uses the userspace wireguard-go, does freebsd not have inkernel support for wireguard?

Yo polarian fancy seeing you here

mikewilzn: mike from XMPP?

Yessir

I have been here for ages...

I just joined haha

hi

hi?

yes me too I am a new freebsd user

or whatever

uskerine: LAGG(4) would be better no? I haven't messed with it but it seems like what you are asking for

oh wait I completely missed the "two hosts" part, sorry...

LapsangS, based

loopback should always be local to the device, you wouldn't want to bridge them

if you want both hosts to talk to each other, you would want a point to point link, or simply connect to each other over the local network.

LapsangS: welcome I guess

i am just using this system and at slow pace trying to figure out the subtleties of bhyve and zfs

I think lagg servers a different purpose

it is for aggregating links

for now on, i have the basics working, like X.org and stuff

TAP is a virtual interface to transport L2

I think TUN and TAP are used underneath the (some) VPNs, but not widely used

as standalone tools/mechanisms whatever they are

uskerine: I am confused on what you are trying to achieve

I thought you wanted link aggregation

I want to understand how TUN/TAP work

and that is not related at all to link aggregation

ultimately I would like to have two subnets, each one at lo1 interfaces, in two different hosts, linked together with a TAP and/or TUN interface

understanding the in and out of that

seems like connecting the hosts requires the nic's to talk, and then you can have routes to the respective loopback devices, NAT'ing out of each of them i guess. i don't think it makes sense to think of "directly" connecting loopback devices from distinct hosts

I am reading about the TAP interface, still difficult to grasp

scoobybejesus: loopback is in its name, its designed for the device to talk to itself, so I am a little confused on the purpose of attempting to join two loopback devices on separate hosts...

uskerine: i'm not sure if you will have any luck doing it with tun or tap, i think you need a client program to connect to those interfaces. for your situation, it sounds like you want a gre interface

a client program to connect both interfaces is easier to do, just nc

that's not what i mean by connect. i suggest to read more about those interfaces

haha there is inkernel support for wireguard, just no documentation other than WG(4)

wait, what are you trying to do ? connect two jails together without the host?

polarian: it does have in kernel support for wireguard

I know i found it... :)

I asked about an hour ago when I couldn't find anything on it other than people using wireguard-go

the wg-quick package helps, but you probably found that too.

and then after reading some history, and also going into the src tree I found the kernel module name and loaded it

i also have wg(8), but may be that's on current only?

no, it's in 14

wg(8) is everywhere the kmod is

wireguard-tools still incredibly useful for wg-quick and the rc.conf support to make it work somewhat like other platforms

there's an rc script floating around in review for base, but I wanted most of it to be split out into a separate script that works kind of like wg-quick and the submitter wasn't really amenable to that / I found them hard to work with

ok, i wasn't following wireguard story at all :)

kevans: wg-quick has always been something I considered laziness

it doesn't feel like it properly integrates

I like how easy wireguard is on openbsd though...

although it could be using wg-quick under the hood anyways

it's the same easy everywhere, isn't it

set up the conf file `wg-quick up wg0`

it can be done with ifconfig too it appears

just its gonna be a long command

rtprio: on OpenBSD I did the following: !/usr/local/bin/wg setconf wg0 /etc/wireguard/wg0.conf

not if you want routes. and dns. and the other shit

but this works well for OpenBSD as the hostname.if files can run shell commands

that is true

I doubt it would work well on FreeBSD

rc.conf can be... limiting

yes, i do like hostname.if; i wouldn't mind if freebsd added that

its so much more simple too

if you got long configs, you got to cram it all on a single line

polarian: I dont have any specific opinions on wg-quick, but I much prefer the model where an rc script is simply a driver for something else that can be used independently to manage

i don't really want to review a couple hundred line rc script

it's much easier to reason about what the service is providing if the meaty bits aren't conflated right in there

few hundred lines? what sort of config are you running?

i don't see how config has any bearing on the rc script's size

but it does

ok

I've got a Mac Pro from 2007 that has 32-bit EFI with 64-bit amd64 architecture, the EFI loader appears to work, but system hangs trying to load the kernel from 14.1 install img. Any suggestions?

boot with verbose and look for clues?

Couldn't be done without a special boot floppy from Apple that that could create GTP partitions.

But of course, that floppy image was impossible to find on Apple's website, and none of their support people had any fekking clue what you were talking about.

This thing doesn't have a floppy drive. Thanks though.

amarks, 14.x also supports the creation of GPT partiions. . . the FreeBSD versions of the day, did not.

wasn't there gparted live CD in 2006? there certainly was in 2008