Tag Archives: FreeBSD

Installing gnome GUI on FreeBSD 8

Most people seem to think installing a GUI on FreeBSD is a difficult task.¬† Here’s how to do it, including little tweaks to make it work even better ūüėČ

Login to your computer as root (or su to root from a regular user)

Use your favourite editor (check my blog for instructions on using ‘ee’ which is included in FreeBSD) to edit /boot/loader.conf – add the following lines:




This will load the linux compatibility layer, and linux procfs compatibility modules (these will most likely be used later when you need to install flash plugins) and also the ATAPI scsi emulation driver.  This is used for cd/dvd recording tools within gnome.

Next make sure that the linux proc folder exists by typing:

mkdir -p /compat/linux/proc

And now we will edit the /etc/fstab file.  Add the following lines if they do not exist already:

proc /proc procfs rw 0 0

linproc /compat/linux/proc linprocfs rw 0 0

Next, we will tell FreeBSD to initialise the linux compatibility layer on boot-up.  Edit /etc/rc.conf and add:


Ok, now you’re ready to install gnome.¬† Make sure you’re connected to the internet, and type:

pkg_add -r xorg gnome2

This will install xorg (if needed) and gnome.¬† It will fetch all dependencies it needs, so it may take a while.¬† You will be returned to a prompt when it’s finished.

Now to help things move along smoothly, you need to find out your computer’s hostname and add it to your hosts file…¬† Run the following command to get your hostname:


Next edit /etc/hosts and add the following line at the bottom (replace ‘hostname’ with the output of the above command): hostname

Now just one thing left to do, and that is to tell FreeBSD to load the gnome components next reboot… Edit /etc/rc.conf and add:





reboot, and you will be presented with the gnome login prompt ūüôā

Step-by-Step guide to install FreeBSD 8.1

A few people have asked me recently how to install FreeBSD 8.1.¬† A few managed it by themselves, but using auto defaults which can cause various problems.¬† So I decided to publish this guide.¬† It uses the simplest method for users (not always “the best”, but certainly working) – I have taken screenshots throughout the entire process to assist you in installing.

First of all, download and burn the installation CD (disc1) or DVD (dvd1) image from your nearest FreeBSD mirror.  For our purposes, there is no difference between the two images.

Boot from the CD/DVD, and you will reach the following screen:

Choose your language from the list.¬† As i’m in the UK I will select United Kingdom with the cursor keys, and press Enter.¬† You will see the next screen:

You need to select your keyboard layout here.  I will choose UK ISO for me and press Enter.  This will bring us to the next screen:

Select ‘Standard’ from the menu and press enter to move to the next screen:

This is just an information screen so press enter to move to the next screen:

NOTE: you will only see this screen if you have more than one disk drive in your computer.  If you do not see this screen, skip to the next screenshot.

Select the first disk (either ad0 or ad4 or da0 depending on your computer setup) using the space bar to go to the next screen (if you have a single disk only, you will automatically go to the next screen):

If you are using an existing disk, you will have more than one line shown here.  Use the cursor keys to go down to all the entries and press D to delete them.  Repeat until you only have one line (unused).  Press A for use entire disk followed by Q to go to the next screen.  (If you have multiple disks, you will go back to the previous image Рpress TAB then enter to continue to the next screen if so)

This page allows you to select a boot manager.¬† You don’t need a boot manager for FreeBSD, so choose ‘Standard’ and press enter to continue to the next page:

This is an informational page again, press enter to continue to the next screen:

This is where most people choose Auto defaults Рbut this is almost always not suitable for you.  Instead, press C to create which goes to this screen:

Delete the number with the backspace key.  We need to enter a suitable value for swap space here.  Take your memory size to the nearest 1GB and double the figure. (e.g. if you have 1GB ram, use the figure 2G) Рnote you must only put G not GB.  press enter to go to this screen:

Use the cursor keys to go to “Swap” and press enter.¬† This will take you back to the black screen again.¬† Press C again to go to this screen:

Leave the number that is given in the box for you and press Enter to go to the next screen:

Select “FS” and press enter to go to the next screen:

Enter “/” into this box and press enter to go back to the black screen.¬† On this screen, use the cursor keys to go down to the entry listed as mount “/” and press the S key.¬† You will see the newfs item change to “UFS+S” like this image:

On this screen, you should now just have the “swap” and “/” entries.¬† Press Q to continue to the next step:

Use the cursor keys to go down to “Custom” and press the space bar to continue to the next step:

Using the cursor keys and space bar, select the following items on this page: base, lib32, man, catman, proflibs, ports, kernels. When you press space on “kernels”, you will be shown this screen:

Go down to GENERIC and press space, then back up to Exit and press space.  This will return you to the previous screen.

Select SRC using the space bar, when you do, you will be shown the following screen:

Go down to ALL and press space to select all items, then go to Exit and press space to return to the previous screen like this:

Go back up to Exit at the top of the page and press space to move onto the next step:

Go up to Exit and press space to move onto the next page:

Select CD/DVD here and press enter to move to the next step:

Ok, up to this point you haven’t made any changes to your disks.¬† This is your last chance (as it says) to change your mind.¬† Press enter to start formatting your drives:

After formatting (only takes a minute or two – similar to a quick format), you will see the following page as it installs files:

Once all the files have been copied, it will start to install the ports collection.  This has no progress bar and will take a while so be patient.  The screen looks like so:

Once everything is installed, and ports copied over – it will confirm the installation with the following page:

Press enter to move onto the post-installation questions.  You will enter the next step:

This will allow you configure WIRED networking (if you have wireless networking and do not wish to configure a wired network select NO here!)

If you would like to configure wired networking, select yes and press enter to move to the next step:

Your network card(s) will be shown here.  Network card names depend on your specific card.  If you have multiple network cards, you will see multiple lines here.  Ignore the plip0 device.

Select the network card you wish to configure and press enter to go to the next step:

Select NO here and press enter.  (If you want to use IPv6, enable it after installation).  This will bring you to the next step:

If your network uses DHCP for IP assignments, select YES and continue.  Otherwise select NO for static configuration.  The next page is identical regardless of which you choose Рexcept with DHCP it will part-fill out IP addresses for you as given by DHCP.  The next page looks like this:

Fill out the host name and press tab.  This will auto-populate the domain section unless DHCP already did it for you.  If you chose not to use DHCP (or no DHCP servers were found), you will need to fill out gateway, nameserver, ip address and netmask fields.  Use the tab key to move between fields.  When done, tab until OK is highlighted and press enter to move onto the next screen:

Select NO here and press enter to move to the next step:

Select NO and press enter to move to the next step:

If you require access from outside of your computer (e.g. if it is a server, or if you like to remote access it from other computers etc), select YES here.  Otherwise select NO.  Either choice will move to the next screen:

Select NO here and press enter to continue to the next step:

Select NO here as we can configure this later if you want to use it.  This will continue onto the next stage:

Select NO here to move onto the next step:

Select YES here as we want to configure our console settings to something a little nicer.  This will move onto the next page:

Move down to FONT and press space to move to the next page:

Select the best font for you.  For me, this is IBM 437.  Press enter to return to the previous page.

Select KEYMAP and press space to move to the next page:

Select the best codepage for you.  For me, this is UK ISO.  Press enter to return to the previous page.

Select REPEAT and press space to move to the next page:

Select FAST and press enter to return to the previous page.

Select SCREENMAP and press space to move onto the next page:

Select the best screenmap for you.  For me, this is ISO 8859-1 TO IBM437.  Press enter to return to the previous screen.

Move up to EXIT and press enter to move onto the next page:

Select YES to set our timezone, this will move onto the next screen:

Select NO here to move onto the next screen:

Select your region from the list.  For me, this is EUROPE.  Press enter to go to the next screen:

Select your country/region from the list.  For me, this is UNITED KINGDOM.  Press enter to move to the next screen:

Check the timezone abbreviation is correct and say YES if it is.  For me, this is BST or GMT depending on summer time.  If you select NO you will go back to the previous page to reselect.  Selecting YES moves to the next step:

Select YES to move to the next step:

Don’t bother selecting any details in this page (they will be autodetected) – just go to EXIT and press enter to move to the next screen:

Select NO so that we do not install any packages.  This will move to the next page:

Select YES to add a user to the system.  This will move onto the following page:

Move down to USER and press enter to move onto the next page:

Add your username (all in lowercase) and use TAB to move between fields.¬† Enter a password and confirm in the relevant boxes.¬† In ‘Member groups’ put wheel (in lowercase).¬† Your home directory will automatically be set based on your login id.¬† The default shell is /bin/sh however I prefer /bin/tcsh.¬† TAB to OK and press enter to continue.

This will go back to the add user menu, select EXIT and press enter to move onto the next page:

Select OK to set a new root password for your computer.  The screen will look like this:

Enter your new root password twice to continue to the next page:

Select NO to continue to the next screen (the original installation screen):

Use the right cursor key to select EXIT INSTALL and press enter to continue.

Select YES to confirm you want to reboot.

Remove the CD/DVD from the drive and press ENTER to reboot.

When the computer as rebooted (assuming no problems) you will be presented with a login prompt like this:

Your computer is now installed and ready to use.  See my other posts for information on how to perform other tasks.

I hope this helps anyone hoping to install FreeBSD, and I welcome any questions.

Booting from ZFS RAID0/1/5/6 in FreeBSD 8.x

Ok, this is a long post but a useful one.¬† This is how to make freebsd boot from a ZFS volume (whether it be raid0, raid5 or raid6).¬† The freebsd installer doesn’t support anything exotic so we have to do this manually.

If you’re using FreeBSD 9.0, then follow the guide at https://www.dan.me.uk/blog/2012/01/22/booting-from-zfs-raid0156-in-freebsd-9-0-release/

First, grab yourself a copy of DVD1 iso or the memory stick image and boot from it.  No other boot image will work Рit MUST be the DVD or memory stick image!

Once you’ve booted into the installer and chosen your country and keyboard layouts, go to the Fixit menu and choose either CDROM/DVD or USB depending on the installation media you used.¬† This will open up a terminal window into a live filesystem booted from the DVD/USB.

For my example, i’m going to build a RAID5 array on disks da0 da1 and da2.

First, we need to remove any existing GPT partition info from the disks – ignore the ‘invalid argument’ message if you get it at this stage:

gpart destroy da0
gpart destroy da1
gpart destroy da2

Now we need to initialise the GPT partitions on each disk:

gpart create -s gpt da0
gpart create -s gpt da1
gpart create -s gpt da2

We will now make a boot (64KB) and ZFS (remaining space) partition on each disk in turn:

gpart add -s 128 -t freebsd-boot da0
gpart add -s 128 -t freebsd-boot da1
gpart add -s 128 -t freebsd-boot da2

gpart add -t freebsd-zfs -l disk0 da0
gpart add -t freebsd-zfs -l disk1 da1
gpart add -t freebsd-zfs -l disk2 da2

And now we have to install the protected MBR boot code into all the drives:

gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da0
gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da1
gpart bootcode -b /mnt2/boot/pmbr -p /mnt2/boot/gptzfsboot -i 1 da2

Now that we’ve configured the disks, we need to load the ZFS kernel modules from the CD so that we can build ZFS volumes:

kldload /mnt2/boot/kernel/opensolaris.ko
kldload /mnt2/boot/kernel/zfs.ko

And create a ZFS pool.  If you want a RAID6 volume, choose raidz2 instead of raidz1 here.  If you want a mirror, use mirror or if you want RAID0 (or single disk) just omit the raidz1 completely:

zpool create zroot raidz1 /dev/gpt/disk0 /dev/gpt/disk1 /dev/gpt/disk2
zpool set bootfs=zroot zroot

Ok, now we’ve made our ZFS pool (and it’s currently mounted at /zroot/) – we need to make all our filesystems on it… this is complicated, but here we go:

zfs set checksum=fletcher4 zroot
zfs create -o compression=on -o exec=on -o setuid=off zroot/tmp
chmod 1777 /zroot/tmp
zfs create zroot/usr
zfs create zroot/usr/home
cd /zroot; ln -s /usr/home home
zfs create -o compression=lzjb -o setuid=off zroot/usr/ports
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/distfiles
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/packages
zfs create zroot/var
zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/crash
zfs create -o exec=off -o setuid=off zroot/var/db
zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/db/pkg
zfs create -o exec=off -o setuid=off zroot/var/empty
zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/log
zfs create -o compression=gzip -o exec=off -o setuid=off zroot/var/mail
zfs create -o exec=off -o setuid=off zroot/var/run
zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/tmp
chmod 1777 /zroot/var/tmp

Now we’re ready to install FreeBSD onto the new ZFS partitions.¬† We’re going to install the base, manual pages, all sources and a generic kernel – this takes some time so be patient…

cd /dist/8.1-RELEASE/
export DESTDIR=/zroot
for dir in base manpages ; do (cd $dir ; ./install.sh) ; done
cd src ; ./install.sh all
cd ../kernels ; ./install.sh generic
cd /zroot/boot ; cp -Rlp GENERIC/* /zroot/boot/kernel/

Now we need to set /var/empty to readonly:

zfs set readonly=on zroot/var/empty

And now we’re ready to configure the installation.¬† To make things easier, we will chroot into the environment:

chroot /zroot

We need to setup an initial /etc/rc.conf which will mount all ZFS filesystems:

echo ‘zfs_enable=”YES”‘ > /etc/rc.conf

And an initial /boot/loader.conf that will load the ZFS modules and set our root mountpoint:

echo ‘vfs.zfs.prefetch_disable=”1″‘ > /boot/loader.conf
echo ‘vfs.root.mountfrom=”zfs:zroot”‘ >> /boot/loader.conf
echo ‘zfs_load=”YES”‘ >> /boot/loader.conf

Now you can set your root password:

passwd root

And configure your timezone:


And setup a dummy aliases file for sendmail to keep it quiet ūüėČ

cd /etc/mail
make aliases

You can do other configuration here, like adding a user etc – but when you’re done we can exit the environment:


Now, we need to export our ZFS configuration (and reimport it) so we can save out the cache file:

mkdir /boot/zfs
cd /boot/zfs
zpool export zroot && zpool import zroot
cp /boot/zfs/zpool.cache /zroot/boot/zfs/zpool.cache

We now create an empty /etc/fstab file as follows:

touch /zroot/etc/fstab

This is the tricky part, we need to unmount the ZFS partitions and re-assign their mountpoints for the root filesystems:

export LD_LIBRARY_PATH=/mnt2/lib
zfs unmount -a
zfs set mountpoint=legacy zroot
zfs set mountpoint=/tmp zroot/tmp
zfs set mountpoint=/usr zroot/usr
zfs set mountpoint=/var zroot/var

Now we can exit the fixit shell, remove the media and reboot the computer.  Do this as soon as you can.

The computer should reboot into a ZFS-based filesystem, booted from a software RAID array on fully protected disks.

Once it’s booted, you can login and run sysinstall to configure other options like networking and startup programs (like SSH!)


PPTP VPN in FreeBSD (for Windows XP/Vista/7 clients)

Here’s a simple guide to setting up a VPN server on FreeBSD so that Windows clients can connect using their built-in VPN clients…

First, make sure your ports collection is up-to-date, then build poptop in /usr/ports/net/poptop:

# cd /usr/ports/net/poptop/
# make
# make install

Next we need to create a config file for poptop… create the file /usr/local/etc/pptpd.conf as follows:

pidfile /var/run/pptpd.pid

Next we need to create a PPP configuration file called /etc/ppp/ppp.conf (overwrite the existing file) as follows (edit the IPs to suit your network requirements):

set timeout 0
set log phase chat connect lcp ipcp command
set device localhost:pptp
set dial
set login
# Server (local) IP address, Range for Clients, and Netmask
set ifaddr
set server /tmp/vpn-in-%d “” 0177

set timeout 0
set log phase lcp ipcp command
allow mode direct

load loop
disable pap
disable passwdauth
disable ipv6cp
enable proxy
accept dns
enable MSChapV2
enable mppe
disable deflate pred1
deny deflate pred1
set device !/etc/ppp/secure

Every line above except those ending with a colon(:) should be indented or ppp.conf will not work – the CMS in use on this site wont indent – sorry ūüôĀ

Next we need to create a file called /etc/ppp/secure with the following contents:

exec /usr/sbin/ppp -direct loop-in

And set it to be executable with chmod 0755 /etc/ppp/secure – this script will be run automatically during the VPN setup process.

Now we need to add a login for the VPN (you can have multiple username/passwords in this file) called /etc/ppp/ppp.secret like so:

user1 pass1
user2 pass2
user3 pass3

Now we need to enable proxy ARP in Freebsd.  Add the following line into /etc/sysctl.conf:


To activate it without a reboot, type sysctl net.link.ether.inet.proxyall=1

And finally set the VPN server to start on bootup automatically by adding the following into /etc/rc.conf:


Now startup the VPN server by running:

/usr/local/etc/rc.d/pptpd start

Your VPN server is now ready on your FreeBSD server and you’re ready to configure your Windows clients to connect to it.¬† I’ll give you an example of how to do it on Windows 7, i’m sure you can find out how to do it on earlier versions of windows…

  1. Go to Start
  2. Open Control Panel
  3. Under Network and Internet, click View network status and tasks
  4. Click Set up a new connection or network at the bottom of the page
  5. Choose Connect to a workplace and click Next
  6. Select No, create a new connection and click Next
  7. Select Use my Internet connection (VPN)
  8. Enter the IP address of your VPN server in Internet address and give it a description below.
  9. Check Don’t connect now; just set it up so I can connect later and click Next
  10. Enter the username and password from your ppp.secret file, leave Domain blank, click Create
  11. Click Close
  12. Click Change adapter settings on the left of your Network and Sharing Center window
  13. Right-click on your new VPN and go to Properties
  14. Go to the Networking tab, click Internet Protocol Version 4 (TCP/IPv4) and click Properties
  15. Click Advanced
  16. Uncheck Use default gateway on remote network (this enables split tunnelling mode which is probably what you will want to use)
  17. Click Ok then Ok then Ok and close the Network Connections window.

Now your VPN is setup, you can connect by clicking on the network icon in your taskbar, clicking your VPN in the list and clicking on Connect.

Windows Vista is similar to Windows 7 to configure.  Windows XP is a little different Рbut the general setup is identical on all three flavours of Windows.

Split Tunnelling mode is when you join the remote network but not route your entire internet connection via it.  If you want to route your entire connection via the VPN you can skip steps 12-17 above.

RAID5/6 (using ZFS) in FreeBSD 8.x

Ok, FreeBSD still lacks a decent RAID5 implementation within its core system (some people use the geom_raid5 3rd party module that you can find in freenas) – but with ZFS moved into production status in freebsd 8 now we can use this.

ZFS supports various raid levels.¬† We will use RAID5 in this example – I’ll explain how to use RAID6 later in the article.

Ok, for my example I will use 6 x 2TB hard drives freshly installed in my system (listed as ad10 ad12 ad14 ad16 ad18 ad20 in dmesg) to generate a RAID5 raid set, giving 5 x 2TB of usable space and capable of a single disk failure without loss of data.  Remember, you need a minimum of 3 disks to do RAID5, and you get N-1 capacity (N-2 for RAID6)

First, we need to load ZFS into the system… add the following into your /boot/loader.conf:


This will cause ZFS to load in the kernel during each boot.¬† The prefetch_disable is set by default on servers with less than 4GB of ram, but it’s safe to add it anyway.¬† I’ve found this produces far more stable results in live systems so go with it ūüėČ

Next, add the following into your /etc/rc.conf file:


This will re-mount any ZFS filesystems on every boot, and setup any necessary settings on each boot.

Now, we will add all 6 disks into a raid5 set called ‘datastore’ – run the following as root:

zpool create datastore raidz ad10 ad12 ad14 ad16 ad18 ad20

‘raidz’ is ZFS’s name for RAID5 – to do RAID6 you would use ‘raidz2’ instead.¬† You can confirm the command was successful with zpool status as follows:

pool: datastore
state: ONLINE
scrub: none

datastore   ONLINE       0     0     0
raidz1    ONLINE       0     0     0
ad10    ONLINE       0     0     0
ad12    ONLINE       0     0     0
ad14    ONLINE       0     0     0
ad16    ONLINE       0     0     0
ad18    ONLINE       0     0     0
ad20    ONLINE       0     0     0

errors: No known data errors

This shows the raid set is online and healthy.  When there are problems, it will drop to DEGRADED state.  If you have too many disk failures, it will show FAULTED and the entire array is lost (in our example we would need to lose 2 disks to cause this, or 3 in a RAID6 setup)

Now we will set the pool to auto-recover when a disk is replaced, run the following as root:

zpool set autoreplace=on datastore

This will cause the array to auto-readd when you replace a disk in the same physical location (e.g. if ad16 fails and you replace it with a new disk, it will re-add the disk to the pool)

You will now notice that you have a /datastore folder with the entire storage available to it.  you can confirm this with zfs list as follows:

datastore       2.63T  6.26T  29.9K  /datastore

You now have a working RAID5 (or RAID6) software raid setup in FreeBSD.

Generally to setup RAID6 instead of RAID5 you replace the word raidz with raidz2.  RAID5 allows for a single disk failure without data loss, RAID6 allows for a double disk failure without data loss.

After a disk failure, run zpool status to ensure the state is set to ONLINE for all the disks in the array then run the command zpool scrub datastore to make zfs rebuild the array.¬† Rebuilding takes time (it rebuilds based on used data so the more full your array the longer the rebuild time!) – once it’s completed the scrub or “resilver” process, your array will return back to ONLINE status and be fully protected against disk failures once again.

As this process can take (literally) hours to complete some people prefer a RAID6 setup to allow for a 2nd disk failure during those few hours.  This is a decision you should make based on the importance of the data you will store on the array!

Full System Backups using dump/restore in FreeBSD

This is useful to keep identical copies of your data on a 2nd disk.¬† It’s NOT a replacement for using RAID1 mirroring – but it can be useful.¬† e.g. you can access data from the previous backup on a per-file basis.¬† You could also use it to mirror a current disk to a new disk to go into a seperate server (disk cloning).

What it is REALLY useful for is to copy your data from a smaller disk to a larger disk Рbut you should do that offline not live.  The examples here are all done using a live filesystem.  To do a non-live filesystem, boot into single user mode, mount the old drives as readonly with mount -o ro -a, then mount the new drive as normal and run the same commands to dump/restore.

Ok, so i’m going to assume that you want to dump the /usr filesystem into /mnt/usr (a filesystem mounted on a seperate disk)…

cd /mnt/usr

dump -L -0 -f- /usr | restore -r -f-

This will dump ALL files in /usr into /mnt/usr.  Status updates are written to the screen every 5 minutes.

As this can be run on a live filesystem, you can run backups during normal operation (although the disk performance hit should be taken into account)

What is really useful is that you can pipe the restore command via ssh to restore to a remote server anywhere on the internet… an example would be…

dump -L -0 -f- /usr | ssh -2 -C -l remoteuser restore -r -f-

That would restore the files into the home directory of ‘remoteuser’ on the remote server.

FreeBSD newfs options

Sometimes the default formatting options aren’t what you need, so i’ll explain a few of them here.

soft-updates are enabled with the -U option.  Soft updates are generally a good idea, but you might run into problems if you enable them on a smaller partition as it can fill up before the system has had time to release free space to the user.

block size, frag size and inode size can be useful to change depending on your intended data usage.  A single file will always use a minimum of the block size.   If your intended data is likely to be a lot of small files (e.g. a maildir dump disk), then a 64kb block size is insane as a 100byte file will occupy 64kb of disk storage.  inodes can be exhausted if your intended data is likely to be a lot of files.  e.g. if your disk is likely to contain a few thousand large zip files then you need fewer inodes which frees up space for data.

for a disk that needs a lot of small files, i would go for something like:

newfs -O2 -U -b 4096 -f 512 -i 2048 /dev/da0s1a

for a disk that needs fewer files but generally has large files, you could increase the block and inode size:

newfs -O2 -U -b 65536 -f 8192 -i 65536 /dev/da0s1a

The defaults (at least in FreeBSD 7) are…

newfs -O2 -U -b 16384 -f 2048 -i 2048 /dev/da0s1a

Partitioning/Formatting disks in FreeBSD (manual method)

Here’s how to manually partition and format a disk in FreeBSD manually.

I’m going to assume you want to use the entire disk (/dev/da0)¬† in 1 partition and all data on it will be destroyed…

First, lets wipe out any data that might be on it…¬† we’ll destroy the GPT table (if one exists), and blank out the first chunk of the disk to destroy any MBR partition tables that might exist:

gpt destroy /dev/da0

dd if=/dev/zero of=/dev/da0 bs=1m count=128

Now we will create a single (bootable/active) partition spanning the entire disk.¬† You may not want it to be bootable, but it doesn’t hurt anyway so why not:

fdisk -BI /dev/da0

Now we will write a standard (bootable) freebsd disk label to the 1st partition.¬† The standard label has the entire space usable as “a”:

bsdlabel -wB /dev/da0s1

Now we will format it for FreeBSD to use.¬† We will use UFS2 with soft updates…

newfs -O2 -U /dev/da0s1a

Now all you need to do is mount it… e.g. to mount it as /mnt:

mount /dev/da0s1a /mnt

if you want it to mount on every boot, add it to /etc/fstab like this:

/dev/da0s1a     /mnt     ufs     rw     2     2

All done ūüôā

CARP in FreeBSD (HSRP/VRRP alternative)

CARP can be used for several things, but I’m going to concentrate on a HSRP/VRRP alternative in this post (having a hot standby on a seperate computer).

To enable CARP support, you need to add the following line in your kernel config file (in /usr/src/sys/<arch>/conf/):

device carp

Once you have built and installed your new kernel, you can configure a CARP interface.  To use carp, you need a non-carp IP on your interface on each computer and then a second shared IP.  For this purpose we will use as the shared IP and as the fixed non-carp IP on the fxp0 interface.

Edit your /etc/rc.conf file as follows:

ifconfig_fxp0=”inet netmask″

ifconfig_carp0=”vhid 1 advskew 100 pass p4ssw0rd″

To explain the carp0 line in more detail…

The vhid contains the virtual interface ID.  There seems to be some confusion online whether this should be identical or different on machines.  Personally, I use the same vhid on primary and backup hosts.

The advskew value specifies which should be primary and backup.  A lower figure is a higher priority so the master should be a lower number than the secondary.

The pass value is the authentication value.  This needs to match between primary and backup machines.  The password is sent plaintext over the interface, so is easily snooped unfortunately.

Finally, the shared IP is listed.  This needs to match an existing subnet on the machine or the carp interface will not be configured.

An example of a backup to the above machine (using as its non-carp IP) would have the following config:

ifconfig_fxp0=”inet netmask″

ifconfig_carp0=”vhid 1 advskew 200 pass p4ssw0rd″

As you can see, it is identical except fxp0 has a different IP, and the advskew is higher making the priority lower.

To check on the status, you run ifconfig carp0 – it should look similar to the following:

carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet netmask 0xffffff00
carp: MASTER vhid 1 advbase 1 advskew 100

That should be all you need to configure carp on a FreeBSD machine.

Alternative to null-routing in FreeBSD (using IPFW)

Instead of using null-routing, you can use IPFW to block the traffic (the advantages include being able to set the ICMP response type).¬† My favourite is to use “Communication prohibited by filter” response.

If you wanted to block in this way, you would use:

/sbin/ipfw add 01000 unreach filter-prohib ip from to me

You can also adapt the above to only include certain types of traffic which is where it is more flexible than null-routing.