00:01:01 does sysutils/bhyve-firmware images support enabling secure boot in virtual machine? 00:03:26 ivy, the specs for this device ("OWC Mercury Elite Pro Dual") say "UASP (USB Attached SCSI Protocol) is supported" 00:03:45 which suggests that it can, but must not, use UASP 00:07:49 treefrob: well, not sure, but the device doesn't appear to present a block storage device. perhaps there's a configuration option? i'd suggest asking the vendor 00:08:30 unfortunately there is no config option (would be some sort of switch on the back) 00:08:37 yeah, I'll ask OWC 00:59:04 treefrob: install the lsblk package 00:59:25 It has a lsblk command 02:09:30 geom disk list perhaps 02:59:05 I find the lsblk in the port to be an poor analogue to the linux version of the command. On FreeBSD the best I have found is "geom -t" and supplementing that with "geom disk list". 10:53:14 SponiX, deimosBSD, rwp: thanks 11:02:28 well I'll be damned. I disconnected the external enclosure from the type-C jack (which belongs to a DeLock "front panel" connected to a mobo USB riser) and connected it instead to a type-A jack on the I/O shield and immediately da0 appeared 14:17:36 When I run iperf3 in udp mode in a vnet jail, the upload is always the same as I set on the command line, never the real bandwidth I have to the server. Anyone knows how I can get the correct number without reverting to tcp mode ? 14:18:38 running `iperf3 -c ping-ams1.online.net -u -b 2048M` on the host gives me the correct numbers: 957mbit down and 950mbit up 14:19:19 running the exact same command in a jail on that machine gives me 957mbit down and 2.05 Gbits up 14:20:07 I do want to use udp mode as that will provide statistics about jitter as well, something the tcp mode does not 14:21:59 <[tj]> you get two numbers for udp mode 14:22:36 <[tj]> like: 14:22:37 <[tj]> [ 5] 0.00-1.00 sec 7.14 GBytes 61.1 Gbits/sec 0.000 ms 0/468854 (0%) sender 14:22:37 <[tj]> [ 5] 0.00-1.00 sec 5.29 GBytes 45.2 Gbits/sec 0.001 ms 121534/468853 (26%) receiver 14:23:14 yeah 14:23:17 [ 5] 0.00-10.00 sec 2.39 GBytes 2.05 Gbits/sec 0.000 ms 0/1754189 (0%) sender 14:23:19 [ 5] 0.00-10.00 sec 1.11 GBytes 949 Mbits/sec 0.016 ms 0/1748937 (0%) receiver 14:23:55 my 'problem' here is that the number for 'sender' is whatever I specify as target bandwidth on the command line. not the actual bandwidth I have with the test server 14:24:10 it does show the correct numbers when running the command on my host (outside of the jail) 14:25:03 This is what my host reports: 14:25:06 [ 5] 0.00-10.02 sec 1.12 GBytes 957 Mbits/sec 0.000 ms 0/821241 (0%) sender 14:25:08 [ 5] 0.00-10.02 sec 1.11 GBytes 950 Mbits/sec 0.013 ms 0/818749 (0%) receiver 14:25:32 which is correct, since I have a 1/1 gbit connection to the internetz on this machine 14:26:00 <[tj]> sender is how fast iperf tries to send at for udp 14:26:13 <[tj]> it'll go to whatever number you select until you run out of tcp 14:26:22 <[tj]> I did iperf3 -c localhost -u -b 100G 14:26:24 <[tj]> for that example output 14:28:35 i'm running the same command, on the host and in the jail: `iperf3 -c ping-ams1.online.net -u -b 2048M` and on my host it shows correct and in the jail it shows 'unf upload 2.05Gbits' 14:29:19 if all else fails I will have to run iperf on the host, but if possible I'd like to have it in a jail 14:29:31 <[tj]> it is probably that the gigabit interface is providing back pressure, but the epair/bridge whatever isn't 14:29:48 <[tj]> the packets are dropped when they hit the gigabit interface and to the jail networking thats further in the network 14:29:49 it's a vnet jail indeed 14:30:09 <[tj]> if you pass the gigabit interface into the jail you might get the expected result 14:30:42 gheh, it's the main interface for this machine so that's not goin to happen 14:30:48 I have a jail configured, following the instructions in the Handbook. 'pkg' is not setup inside the jail. I do have lighttpd installed in there and it seems like it keeps getting updated as well. I'm not sure how that is happeing though. 14:31:13 but thanks for explaining [tj] 14:31:34 the upload is basically testing the speed of epair to bridge, instead of the connection to the remote machine 14:32:58 <[tj]> the *wire* speed of the epair or bridge 14:36:05 mns: do you use pkg -r? (with -c or -j pkg would be set up inside the jail) 14:44:41 nimaje: I use: /usr/bin/time -p sudo /bin/sh -c 'pkg update && pkg upgrade' 14:59:33 on the host? then that shouldn't affect the jail and if inside the jail pkg should be set up in it 15:14:07 nimaje: thats on the host. 15:15:05 no idea how your packages in the jail magically get updated then 15:15:26 I'll have to backtrack and see how that works 15:23:32 hrm, i have an amd ryzen 7 7800x3d running at 4.2ghz, it should support a boost mode to take it to 5.2ghz but i'm not sure how to do that 15:23:47 only 1 core should be boosted, i'm running a single threaded app all on 1 core anyway 15:24:34 Demosthenex: my understanding is that turbo/boost is handled inside the CPU and while it is possible to monitor it somehow, it's not exposed via the normal ACPI frqeuency tables. i'm not 100% sure about that though 15:25:17 ok. well the dev.cpu...freq only ever says 4200 15:26:15 i'm trying to make sure that power saving, cpu freq reduction, etc are never enabled. i want this job to get as much cpu time as possible 15:26:46 i have Cmax in the rc.conf for performance. powerd with -a max -b max. 15:27:01 right. what i mean is there is no way to turn this on or off, it doesn't appear as a discrete frequency you can enable, the CPU simply does it when thermal headroom is available 15:27:13 i'm seeing a weird temperature flux too, which makes me wonder if it's hitting turbo 15:27:55 it runs at an avg of 55C, then zooms up to 75C for maybe a minute, then back down to 55C 15:28:41 this happens routinely at regular intervals that don't appear to be aligned with any routine jobs 15:28:52 could that be boosting? 15:40:26 Demosthenex: I also have this question with a custom-PBO ryzen 5700X and a larger boost clock override of +200MHz. I'd like to ideally see the real CPU frequency rather than the P0 ACPI-exposed frequency in tools like htop 15:40:43 svmhdvn: try installing turbostat 15:40:56 sometimes it will tell me extra details, the rest of the time it dies with a floating point exception 15:41:27 there's currently no support in FreeBSD to get the actual frequency 15:41:31 on an AMD chip (works for Intel) 15:42:01 if turbostat works, then because it directly talks to the CPU (rather than to the kernel) 15:42:08 https://demosthenes.org/gtnh/localhost/localhost/coretemp.html 15:42:09 similar to lets say cpufetch 15:42:14 i get this wild consistent temperature swing 15:42:16 I might be interested in trying to add this support, at least for a small subset of zen chips to start. Is there any documentation online on how tools like Ryzen Master or HWInfo (on windows) is able to get this data? I'm assuming it's through MSRs 15:42:22 https://demosthenes.org/gtnh/localhost/localhost/cpu.html 15:42:28 though i have a constant load 15:44:18 i installed netdata which is now giving me close to realtime temperature graph, and i'm seeing this 5 minute temperature cycle. bizarre 15:44:41 https://i.imgur.com/Humukyl.png 16:10:36 Good morning all. I'd like to call and invite you back to God, turn to Jesus and be forgiven of all sin. Heed this call whoever has ears to hear. 16:14:31 what 16:14:58 our mascot is literally a daemon 16:40:13 Someone had to get their proselytism quota for the day. 16:45:08 geez. 16:45:40 gzar: i invoke the atheist's curse. may you stay up all night with existential dread wondering if you've been lied to all these years. 16:49:18 Demosthenex: And I will pray for you, I hope you will seriously reconsider your ways 16:49:54 gzar: good thing i'll be here to think for you. 16:52:34 Demosthenex: Proverbs 14:12 There is a way which seemeth right unto a man, but the end thereof are the ways of death. 16:54:25 hell yeah death 17:02:46 okay cool man. see you later 17:04:32 fortune -m Noxzema 17:24:35 hrm, rebooting into bios, i had to enable this new PBO think (optimized booster?) 17:29:17 is there a way to tell if a pkg was insatlled using "pkg -r" ? 17:36:30 I use: pkg which /usr/local/bin/zstd => /usr/local/bin/zstd was installed by package zstd-1.5.7 17:36:51 I use: pkg info | grep zstd => zstd-1.5.7 Fast real-time compression algorithm 17:43:44 rwp: thanks. Using 'pkg which' says its not in the database. I'll have to see how I went about and got this jail setup. 17:50:46 You say jail and I am not sure... I would double check that "pkg info" lists out other packages of other things that are installed in the jail. I would run that in the jail of course. Or I would give pkg the -j jail option. Or the pkg -r /jails/jail5 option you mentioned. To make sure the results are from the jail. 18:32:39 rwp: Thanks! I tried 'pkg -r /usr/local/jails/containers/ info ' and that seemed to work. I tried using 'which' with a path relative to the container root but that didn't provide any results. So it must have been 'pkg -r' that I used. 18:35:11 There are multiple ways to do things. Personally I usually jexec into the jail and install packages that way by being inside the jail when installing. But the -j and -r methods should also work. 18:38:11 rwp: I've not setup firewall rules for my jails, otherwise I'd use 'pkg -j'. Uptil now, it was just one jail I had but now I'm going to be adding multiple jails. 18:39:48 Seems like will have to spend time and get pf setup 18:41:06 This confuses me... How are firewall rules related to installing packages using pkg -j into a jail? 18:46:22 pkg -j still wants to setup 'pkg' inside the jail from what I recall seeingbefore. 18:50:28 So, have you somehow blocked your jails from having the ability to fetch by HTTP files from the Internet? Are they air-gapped? Is that the issue? 20:10:53 rwp: I followed the Handbook setup for jails, but I didn't want to give them direct access to the internet. thin jails with nullfs support. works as a web server. 20:11:42 for now I have what I want 20:12:46 mns, They key configuration point there is "thin jails" which means that upgrading them in the jail is going to be counter to the configuration of thin being based upon another snapshot/fsclone. 20:13:24 Because (to be explicit for the lurkers here) that would expand the thin part into a new thick jail and lose the benefits of being thin. 20:14:52 I don't have anything against thin jails but I do think that for most purposes thick jails are easier to manage and less trouble and not worth the effort to make them thin. However if someone is doing laboratory experiments setting up 10,000 jails then of course thin becomes extremely advantageous. 20:15:50 mns, Since you are using thin jails you are going to have to work the problem of upgrading the base layer such that things propagate up through the layers to the thin jails. 20:19:41 rwp: yeah I don't mind working that out. Its a good way to learn things. Eventually I'll have many jails while experiement with infrastructure as code type of stuff. I had set this jail up a while ago, but couldn't tell how I had gotten the packages installed. With your help have been able to figure out that it was done using "pkg -r" 20:20:03 time to head out to a concert 20:20:06 laters 20:22:11 Enjoy! 21:52:43 I unfortunately got a NanoPi R5S. The main network interface generates a new MAC address at every boot. Is there some way in FreeBSD to prevent this, or to override it and set a fixed one? 22:01:07 zilti: in /etc/rc.conf you can try something like this: ifconfig_xxx0="ether xx:xx:xx:xx:xx:xx inet 192.168.0.1/24" 22:01:13 i don't remember if that's the exact syntax 22:03:00 ivy: I think it would be, but it seems to at least not work with DHCP; my config is `ifconfig_eqos0="ether F2:00:24:DD:9A:14 DHCP inet6 accept_rtadv"` 22:05:38 pretty sure you have to split ipv6 configs into a ifconfig_xxx_ipv6 variable 22:23:19 nimaje: Ahh that did it, thanks! I copied that from ifconfig_DEFAULT and added the ether thing. 22:28:22 you should also file a bug if you think that behaviour is wrong, but usually if this happens it's because the card doesn't have a burned-in address at all 22:49:35 ivy: afaik it is the latter. Which apparently is also the reason why the two additional PCIe-connected ethernet ports don't work; apparently the realtek driver only works with cards that have burned-in addresses 22:51:15 that sounds more like an actual bug, but if they're re(4), you may be glad they don't work (that driver has issues) 23:05:04 ivy: they're re(4) indeed 23:09:09 The only reason anyone uses those cards is that they have long been the cheapest option. Cheapest. And most terrible problematic awful horrible option. They would never be chosen by anyone who knew what they were getting. 23:10:53 rwp: sure, but it would help if the freebsd driver wasn't broken 23:15:59 Hello everyone.... I wonder it is anything functional on the virtualization with freebsd (last I checked only proper viable promise was clonos and cbsd), and second... what is the AI looking in FreeBSD... is there ollama runing on freebsd (or something similar that one can use open source large models such llama or others 23:17:15 acu: freebsd has had virtualisation with bhyve since 2014 23:17:17 I need to setup a small host virtualization server that will run 10 virtual machines, with two NICs one LAN one WAn, with two storage (4 TB nvme and 8 TB spining drive)... 23:18:28 ivy: thanks, yes I know... I was wondering what is the state of some proxmox style solution --- like https://clonos.convectix.com/ 23:19:24 I am wondering what is the VISION and STRATEGY of freebsd leaders ? I assume virtualization and AI are sufficiently important that would warrant some attention (perhaps some grants ?) 23:54:27 acu, spinning rust*( 23:54:39 s/\(// 23:56:28 whoops 23:56:36 s/(// 23:57:36 CrtxReavr, it is a bit cryptic of what you are saying --- if you talk about VISION and STRATEGY - about freebsd... yeah - could not find any place with that... I will look at BSDCAN videos... but AI and VIRTUALIZATION are not optional... 23:57:57 o_O 23:58:01 I'm talking about drives. 23:58:11 platters = spinning rust 23:58:45 Yeah - I am innamored about them - Ijust have on ZFS 8 tb that gives me errors - I did not back it app - I am toast :( 23:59:15 You have ZFS on a single drive? 23:59:51 * CrtxReavr is a hardware RAID & UFS2 luddite.