01:33:30 I was using freebsd on my work machine till recently, but now work mandates Ubuntu :| - it was either that or Win 11 02:06:56 hi there. i'm running nginx on 13.4-RELEASE and it's enabled in /etc/rc.conf but is not starting on boot. i think it's because the config needs DNS but, according to /var/log/messages, dhclient finishes after nginx fails. is there any way to tell nginx to delay until network is up? or is there a different/better solution? i can manually restart the nginx service once the machine has fully booted 02:07:02 and it works fine. 02:27:16 thorongil: are you using SYNCDHCP with your interface config? https://docs.freebsd.org/en/books/handbook/network-servers/#_configuring_a_dhcp_client 02:45:24 fink: I am not! I did not know it existed. looks like it will solve the problem. thanks! 04:46:47 kevans: with "main" ( i indeed had no test BE, stupid ) i getting: https://bpa.st/N2KQ 06:25:07 installing 14.2 (resisting the urge to go with -STABLE) on a new home server. I'm unsure about whether I should be using "force 4K sectors" on an NVMe SSD 06:26:41 looking at the SSD with gpart list, it's showing 512B sectors, although that could just be the result of me initially partitioning this disk on linux prior to deciding I'd use it here 06:28:41 tm512, according to Dan Langille those 512B is the result of the disk lying to you. As I've understood from his writings 512B is inefficient 06:30:55 so just stick with the default of 4K sectors being on? 06:31:33 Yup 06:36:57 first time having FreeBSD on a server (outside of a short-lived cloud VM) since the 9.x days. ran DragonflyBSD for my home server ever since then, though I'm looking forward to being back on FreeBSD and getting software updates more than once or twice a year 06:46:17 tm512: to elaborate a bit, a few years ago nearly all disks changed their internal physical structure from 512B sectors to 4K sectors, but because some old systems can't handle non-512 sectors sizes, many disks lie about the sector size for backward compatibility. this is bad because writing a 512B sector to such disk requires a read-modify-write cycle of the entire 4K physical sector. 06:47:13 tm512: there's basically no downside to forcing 4K sectors (especially on an SSD) so even if you know your disk really uses 512B sectors and isn't lying, you should still force 4K sectors, particularly because you can't change a zpool's sector size when adding disks later, afair 07:13:05 so I've got 14.2 installed. ran freebsd-update, which said it was updating me to p2, but after rebooting, uname is showing me as running p1. is that just because the kernel wasn't touched in p2? 07:14:26 tm512: yes, p2 only included a security fix for openssh 07:21:32 finding it kinda weird that uname no longer shows the build date for the kernel. I noticed that with my laptop running STABLE, but I figured it was just a quirk of the pkgbase builders (as I recall the initial snapshot I installed did actually have a build timestamp on the kernel) 07:23:32 that's part of the reproducible build changes, so you can build src multiple times and get identical binaries 07:23:50 you can turn it off if you build locally and don't like it 07:24:52 I see. I'm not a fan of it, but it's not to the point where I'd start building locally 07:39:39 something weird seems to be going on with the version of sysbench on FreeBSD. it's claiming that this i3-10100 (with a 15W TDP limit imposed) is over 850x faster than my R7 5700X in an all-threads CPU test 07:41:11 and the events per second result here on FreeBSD is around 5000x higher than the results on this i3 when running sysbench under Linux 08:20:52 In our small network setup, Computer-A serves as the gateway to the internet, sharing its internet connection with other devices on the network. Recently, we implemented a VPN solution using WireGuard on Computer-A to route all outgoing traffic through the VPN. 08:21:12 Current Issue: After configuring the VPN, we observed that only Computer-A retains internet access, while the other connected devices are unable to reach the internet. 08:22:26 Do have any idea how to resolve this issue ? 08:23:15 Since wireguard is peer to peer, where is the other peer? 08:24:36 other peer, in other place, it is not in my internal network 08:25:28 anyway, peers do not route traffic our of it, you'll need to NAT out of the peer to make internet access possible 08:25:34 holopeinen, you need to have a routing policy in place with the gateway to forward traffic not destined for the vpn network to the other interface 08:26:46 Afterglow, ring0_starr , OK I will try and see (by the way I am working with pf) 08:27:02 pf shouldn't have any impact on the routing table 08:27:39 I remember, last week there was a FIBS discussion 08:28:01 i've done exactly this kind of setup before 08:28:06 but a while ago 08:32:38 show netstat -rn 08:32:49 i always forget how to use route in freebsd 08:32:54 it's too different 08:33:31 <[tj]> route show 8.8.8.8 08:33:31 <[tj]> route to: dns.google 08:33:41 <[tj]> I use netstat 08:36:03 hey, i have a question 08:36:22 in the loader prompt, lsdev shows disk0p1 and disk0p2 as disk devices 08:37:09 then when i try to boot and idk how it gets /dev/ufs/rootfs and that inevitably fails, i enter ufs:/dev/disk0p2 which fails with error 19 (ENODEV) 08:37:26 ? at the mountroot prompt shows no GEOM managed disk devices 08:37:29 what do i do? 09:04:51 is there a `bhyvectl(8)` way to list running VMs? 09:04:57 other than pgrep bhyve 09:05:19 <[tj]> there doesn't seem to be 09:05:30 <[tj]> ls /dev/vmm will give you created and not yet destroyed vms 09:59:35 [tj]: thanks that is good enough for the moment 09:59:47 turns out the vm was called `foo` and not `army` 10:00:35 <[tj]> that'll do it 10:02:59 ring0_starr: this level of loader stuff is out of my depth, but at this point personally I'd grab a usb with freebsd on it, boot and check that /dev/disk0p2 actually is a UFS2 partition with boot & kernel stuff on it 10:03:19 ring0_starr: also your issue is lacking a bit of context, did this ever work, is it a new system, etc 10:03:44 but from a usb boot, I'd check `gpart show` and see what comes up 10:03:49 it's a ufs2 partition that's mounted as root 10:04:33 this used to work & now it doesn't, or it never booted to this device? 10:04:40 this is an unsupported arm64 target - i hacked it together 10:05:42 i have an idea, i'm going to take a look at various devices on a similar but working system 10:05:58 <[tj]> oh in that case there could be loads of problems 10:06:11 <[tj]> does the storage controller work? 10:06:19 to actually diagnose what's going on without random poking and guessing i'd need to actually know the specifics of how mounting root fs works 10:06:23 well it has to 10:06:27 it booted off of it 10:06:35 <[tj]> ah, but that is differ 10:06:36 <[tj]> ent 10:06:48 well to be precise 10:06:50 <[tj]> loader is using an interface provided by firmware 10:07:04 <[tj]> the kernel is using its own drivers 10:07:08 u-boot is able to successfully access this disk and mount an msdosfs from it 10:07:24 right, that's my guess is that it's lacking the drivers for mmc 10:07:34 <[tj]> u-boot has its own drivers to get it there 10:07:38 i didn't see the disk devices show up in the boot log 10:07:49 <[tj]> what is the arm hardware? 10:08:32 sun50i-h618-orangepi-zero3 10:09:39 in order to get the correct dts for the uboot image i had to hack together some ports 10:09:57 the fdt overlay is wrong, i know that much 10:09:58 <[tj]> https://wiki.freebsd.org/arm/Allwinner 10:10:17 <[tj]> ring0_starr: if you join #bsdmips on efnet that is where lots of board porting happens 10:10:27 i probably missed something i needed to touch in u-boot-master/Makefile 10:10:35 ahh 10:10:37 ok 10:10:45 <[tj]> you might need to add a device compat string to a driver 10:11:18 i have a lot of work to do for h616/h618 targets 10:11:30 cpufreq is broken on this 10:11:59 not pro enough to get this to boot i guess 10:12:26 it seems like manu⊙Fo is the right person to talk to for allwinner targets? 10:12:34 <[tj]> nah, join #bsdmips on efnet 10:12:45 <[tj]> you can speak to him there, but there are more people who can help you 10:13:00 <[tj]> sending an email excludes all the others who will have advice 10:13:25 anyway 10:13:41 I was able to get libretech-all-h3-cc fully working 10:13:46 (it's an h5/a64) 10:14:09 <[tj]> I would find the compat string for the emmc and then check freebsd and linux for which driver should pick it up 10:14:31 <[tj]> that should tell you if you just need to add a new compat string to a driver 10:14:38 i'm willing to bet this is gonna keep me busy 11:14:56 yo 11:16:22 since i've migrated to vnet for my jail, i have one with interface frozen on ipv6 tentative. anyone known this issue ? 11:54:25 I have an intel x710 10G NIC, which should be supported by `ixl(4)` 11:54:30 according to https://www.freebsd.org/releases/14.2R/hardware/#ethernet 11:54:42 however there's no ixl driver in /boot/kernel/ on arm64 11:56:07 I see there's no ixl in GENERIC 11:56:26 is that a trivial omission or do I need to get another nic? 11:58:31 theres a net-ixl-kmod in ports, but no packages available for arm64 either 11:59:09 and it doesn't compile ofc 12:08:07 dch: I have if_ixl.ko, I think that might be the one you want. 12:08:39 yes, its available on amd64, but not on arm64 AFAICT 12:09:02 I am trying out relayd, but it seems there's a deeper issue with it. It works for about 10-15 seconds, then it crashes. The log entry is "kernel: pid 75484 (relayd), jid 0, uid 913: exited on signal 10 (no core dump - bad address)". Is that a known issue? 12:18:28 erk: what freebsd version / architecture are you on? 12:18:54 https://www.freshports.org/net/intel-ixl-kmod tells me I can have it on 14.x so maybe thats an option 12:19:14 dch: That was on amd64, 14- 12:19:25 erk: thanks. 13:07:17 on arm64 14.2-RELEASE I can use intel-ixl-kmod. Just no CURRENT today. 13:34:01 angry_vincent: right, that's expected; bectl jail wants to be able to mount the BE and can't handle trying to compose a jail with the current rootfs 13:34:39 I don't know if there's any value in having it create a jail at path=/; we'd need some special consideration in teardown to avoid borking the running system, probably better not 13:48:33 Sometimes it's signal 10, sometimes 11 14:01:04 sigbus and sigsegv 14:01:43 doing something badly wrong with memory, possibly dereferencing a pointer that contains a junk value 14:02:36 can you attach lldb or gdb to it? 14:34:51 kevans: i see. then, can i create BE ( not jailed ) that is completely isolated, i mean like chroot into it and install ports with different options. currently i have everything instaled with pkgs. i know that BE will have all pkgs i installed from binary repo but i will remove them in BE and install from ports. Sounds complicated 14:51:47 paulf: no idea, I have relayd installed via pkg, and I never really used a C debugger 14:54:33 Ah it forks itself into the background immediately after launching 14:55:58 <[tj]> zilti: what is the set up for relayd? 14:57:50 [tj]: The config file is this: https://termbin.com/nhaf And it does work. But after a few requests, it goes boom 14:59:42 Trying to "process attach" only throws an error saying that the given process was stopped with SIGSTOP (even though it is still running in that case) 15:02:48 <[tj]> are cores disabled? 15:03:02 <[tj]> I remember relayd being quite difficult to trace due to priv sep 15:07:33 [tj]: Yes, they are disabled indeed. And to be quite honest, I don't really have the energy currently to debug this myself, but if it is of any help, I could of course enable it, provoke a core dump, and share that 15:07:40 In any case, thanks for the help 15:12:05 <[tj]> are you able to file a bug on bugs.f.o? 15:12:12 <[tj]> you could also ask the port maintainer 15:13:02 <[tj]> I'm pretty sure this is a regression 15:34:25 [tj]: I can file a bug there, yes. 15:34:36 Will do that later today or tomorrow. 15:35:14 <[tj]> thanks, if you let me know the bug (thj⊙fo) I'll try and get someone to look at it 16:31:18 [tj]: done, I added you to the CC list. Bug ID is 285368. :) 16:52:38 <[tj]> zilti: thanks 16:53:23 Hm. Any idea why `service pf reload`, `pfctl -f`, etc, would hang? 16:53:52 With the former, I get "Reloading pf rules." written out and then --- nothing. 16:54:32 ... apparently, it didn't hang. It just took *minutes* O_o 16:59:56 networking is not fiable in 14-R ? 22:04:51 hiyo 22:05:42 is rnagy usually around here? 23:29:25 i've been an nginx user for years but apparently caddy is the new hotness? any perspectives on relative merits? 23:31:56 I think one of Caddy's selling points is that it makes acquiring/renewing TLS certs very simple. I dunno much beyond that 23:36:36 cool thanks 23:39:12 thorongil: i've got around 15 services running behind caddy and the config file is around 20 lines 23:39:15 highly recommend 23:39:28 it's extremely easy to set up and it tends to just work 23:42:33 nice!