I was using freebsd on my work machine till recently, but now work mandates Ubuntu :| - it was either that or Win 11

hi there. i'm running nginx on 13.4-RELEASE and it's enabled in /etc/rc.conf but is not starting on boot. i think it's because the config needs DNS but, according to /var/log/messages, dhclient finishes after nginx fails. is there any way to tell nginx to delay until network is up? or is there a different/better solution? i can manually restart the nginx service once the machine has fully booted

and it works fine.

thorongil: are you using SYNCDHCP with your interface config? docs.freebsd.org/en/books/handbook/…servers/#_configuring_a_dhcp_client

fink: I am not! I did not know it existed. looks like it will solve the problem. thanks!

kevans: with "main" ( i indeed had no test BE, stupid ) i getting: bpa.st/N2KQ

installing 14.2 (resisting the urge to go with -STABLE) on a new home server. I'm unsure about whether I should be using "force 4K sectors" on an NVMe SSD

looking at the SSD with gpart list, it's showing 512B sectors, although that could just be the result of me initially partitioning this disk on linux prior to deciding I'd use it here

tm512, according to Dan Langille those 512B is the result of the disk lying to you. As I've understood from his writings 512B is inefficient

so just stick with the default of 4K sectors being on?

Yup

first time having FreeBSD on a server (outside of a short-lived cloud VM) since the 9.x days. ran DragonflyBSD for my home server ever since then, though I'm looking forward to being back on FreeBSD and getting software updates more than once or twice a year

tm512: to elaborate a bit, a few years ago nearly all disks changed their internal physical structure from 512B sectors to 4K sectors, but because some old systems can't handle non-512 sectors sizes, many disks lie about the sector size for backward compatibility. this is bad because writing a 512B sector to such disk requires a read-modify-write cycle of the entire 4K physical sector.

tm512: there's basically no downside to forcing 4K sectors (especially on an SSD) so even if you know your disk really uses 512B sectors and isn't lying, you should still force 4K sectors, particularly because you can't change a zpool's sector size when adding disks later, afair

so I've got 14.2 installed. ran freebsd-update, which said it was updating me to p2, but after rebooting, uname is showing me as running p1. is that just because the kernel wasn't touched in p2?

tm512: yes, p2 only included a security fix for openssh

finding it kinda weird that uname no longer shows the build date for the kernel. I noticed that with my laptop running STABLE, but I figured it was just a quirk of the pkgbase builders (as I recall the initial snapshot I installed did actually have a build timestamp on the kernel)

that's part of the reproducible build changes, so you can build src multiple times and get identical binaries

you can turn it off if you build locally and don't like it

I see. I'm not a fan of it, but it's not to the point where I'd start building locally

something weird seems to be going on with the version of sysbench on FreeBSD. it's claiming that this i3-10100 (with a 15W TDP limit imposed) is over 850x faster than my R7 5700X in an all-threads CPU test

and the events per second result here on FreeBSD is around 5000x higher than the results on this i3 when running sysbench under Linux

In our small network setup, Computer-A serves as the gateway to the internet, sharing its internet connection with other devices on the network. Recently, we implemented a VPN solution using WireGuard on Computer-A to route all outgoing traffic through the VPN.

Current Issue: After configuring the VPN, we observed that only Computer-A retains internet access, while the other connected devices are unable to reach the internet.

Do have any idea how to resolve this issue ?

Since wireguard is peer to peer, where is the other peer?

other peer, in other place, it is not in my internal network

anyway, peers do not route traffic our of it, you'll need to NAT out of the peer to make internet access possible

holopeinen, you need to have a routing policy in place with the gateway to forward traffic not destined for the vpn network to the other interface

Afterglow, ring0_starr , OK I will try and see (by the way I am working with pf)

pf shouldn't have any impact on the routing table

I remember, last week there was a FIBS discussion

i've done exactly this kind of setup before

but a while ago

show netstat -rn

i always forget how to use route in freebsd

it's too different

route show 8.8.8.8

route to: dns.google

I use netstat

hey, i have a question

in the loader prompt, lsdev shows disk0p1 and disk0p2 as disk devices

then when i try to boot and idk how it gets /dev/ufs/rootfs and that inevitably fails, i enter ufs:/dev/disk0p2 which fails with error 19 (ENODEV)

? at the mountroot prompt shows no GEOM managed disk devices

what do i do?

is there a `bhyvectl(8)` way to list running VMs?

other than pgrep bhyve

there doesn't seem to be

ls /dev/vmm will give you created and not yet destroyed vms

[tj]: thanks that is good enough for the moment

turns out the vm was called `foo` and not `army`

that'll do it

ring0_starr: this level of loader stuff is out of my depth, but at this point personally I'd grab a usb with freebsd on it, boot and check that /dev/disk0p2 actually is a UFS2 partition with boot & kernel stuff on it

ring0_starr: also your issue is lacking a bit of context, did this ever work, is it a new system, etc

but from a usb boot, I'd check `gpart show` and see what comes up

it's a ufs2 partition that's mounted as root

this used to work & now it doesn't, or it never booted to this device?

this is an unsupported arm64 target - i hacked it together

i have an idea, i'm going to take a look at various devices on a similar but working system

oh in that case there could be loads of problems

does the storage controller work?

to actually diagnose what's going on without random poking and guessing i'd need to actually know the specifics of how mounting root fs works

well it has to

it booted off of it

ah, but that is differ

ent

well to be precise

loader is using an interface provided by firmware

the kernel is using its own drivers

u-boot is able to successfully access this disk and mount an msdosfs from it

right, that's my guess is that it's lacking the drivers for mmc

u-boot has its own drivers to get it there

i didn't see the disk devices show up in the boot log

what is the arm hardware?

sun50i-h618-orangepi-zero3

in order to get the correct dts for the uboot image i had to hack together some ports

the fdt overlay is wrong, i know that much

ring0_starr: if you join #bsdmips on efnet that is where lots of board porting happens

i probably missed something i needed to touch in u-boot-master/Makefile

ahh

ok

you might need to add a device compat string to a driver

i have a lot of work to do for h616/h618 targets

cpufreq is broken on this

not pro enough to get this to boot i guess

it seems like manu⊙Fo is the right person to talk to for allwinner targets?

nah, join #bsdmips on efnet

you can speak to him there, but there are more people who can help you

sending an email excludes all the others who will have advice

anyway

I was able to get libretech-all-h3-cc fully working

(it's an h5/a64)

I would find the compat string for the emmc and then check freebsd and linux for which driver should pick it up

that should tell you if you just need to add a new compat string to a driver

i'm willing to bet this is gonna keep me busy

yo

since i've migrated to vnet for my jail, i have one with interface frozen on ipv6 tentative. anyone known this issue ?

I have an intel x710 10G NIC, which should be supported by `ixl(4)`

according to freebsd.org/releases/14.2R/hardware/#ethernet

however there's no ixl driver in /boot/kernel/ on arm64

I see there's no ixl in GENERIC

is that a trivial omission or do I need to get another nic?

theres a net-ixl-kmod in ports, but no packages available for arm64 either

and it doesn't compile ofc

dch: I have if_ixl.ko, I think that might be the one you want.

yes, its available on amd64, but not on arm64 AFAICT

I am trying out relayd, but it seems there's a deeper issue with it. It works for about 10-15 seconds, then it crashes. The log entry is "kernel: pid 75484 (relayd), jid 0, uid 913: exited on signal 10 (no core dump - bad address)". Is that a known issue?

erk: what freebsd version / architecture are you on?

freshports.org/net/intel-ixl-kmod tells me I can have it on 14.x so maybe thats an option

dch: That was on amd64, 14-

erk: thanks.

on arm64 14.2-RELEASE I can use intel-ixl-kmod. Just no CURRENT today.

angry_vincent: right, that's expected; bectl jail wants to be able to mount the BE and can't handle trying to compose a jail with the current rootfs

I don't know if there's any value in having it create a jail at path=/; we'd need some special consideration in teardown to avoid borking the running system, probably better not

Sometimes it's signal 10, sometimes 11

sigbus and sigsegv

doing something badly wrong with memory, possibly dereferencing a pointer that contains a junk value

can you attach lldb or gdb to it?

kevans: i see. then, can i create BE ( not jailed ) that is completely isolated, i mean like chroot into it and install ports with different options. currently i have everything instaled with pkgs. i know that BE will have all pkgs i installed from binary repo but i will remove them in BE and install from ports. Sounds complicated

paulf: no idea, I have relayd installed via pkg, and I never really used a C debugger

Ah it forks itself into the background immediately after launching

zilti: what is the set up for relayd?

[tj]: The config file is this: termbin.com/nhaf And it does work. But after a few requests, it goes boom

Trying to "process attach" only throws an error saying that the given process was stopped with SIGSTOP (even though it is still running in that case)

are cores disabled?

I remember relayd being quite difficult to trace due to priv sep

[tj]: Yes, they are disabled indeed. And to be quite honest, I don't really have the energy currently to debug this myself, but if it is of any help, I could of course enable it, provoke a core dump, and share that

In any case, thanks for the help

are you able to file a bug on bugs.f.o?

you could also ask the port maintainer

I'm pretty sure this is a regression

[tj]: I can file a bug there, yes.

Will do that later today or tomorrow.

thanks, if you let me know the bug (thj⊙fo) I'll try and get someone to look at it

[tj]: done, I added you to the CC list. Bug ID is 285368. :)

zilti: thanks

Hm. Any idea why `service pf reload`, `pfctl -f`, etc, would hang?

With the former, I get "Reloading pf rules." written out and then --- nothing.

... apparently, it didn't hang. It just took *minutes* O_o

networking is not fiable in 14-R ?

hiyo

is rnagy usually around here?

i've been an nginx user for years but apparently caddy is the new hotness? any perspectives on relative merits?

I think one of Caddy's selling points is that it makes acquiring/renewing TLS certs very simple. I dunno much beyond that

cool thanks

thorongil: i've got around 15 services running behind caddy and the config file is around 20 lines

highly recommend

it's extremely easy to set up and it tends to just work

nice!