Installing FreeBSD on Soekris net4801-48

Nick introduced me to Soekris a few weeks ago and some neat little boxes they make. For a current project, the net4801 fit the bill perfectly, especially with the add in vpn1411 which off loads the intensive computational operations for encryption and compression.

I plan some future posts looking at the throughput performance of OpenVPN with and without the vpn1411 as well as general traffic throughput measurements. This post however will focus on installing FreeBSD on this device as easily as possible.

Firstly, I ordered the following:

Including P&P, this all came to €369.48.

While there is a lot of documentation online and a number of methods available to install FreeBSD on a Soekris box, I found that the easiest way to to do it was as if I were installing on the local machine and hence I could just install it as normal. For this, we turn to VirtualBox1.

  1. Install VirtualBox if you don’t have it.
  2. Attach the CF card to your computer via the USB card reader.
  3. Download a FreeBSD installation CD (e.g. 8.0-RELEASE-i386-disc1.iso.
  4. Create a new VirtualBox machine such that:
    • the ISO image is mounted;
    • you have enabled a network adapter (PCnet-PCI II in bridged mode works for me as I have a DHCP server on the LAN).
  5. Boot the new VirtualBox machine and from its built in BIOS, choose to boot from the mounted CD ROM.
  6. Immediately attach the USB card reader device to the VirtualBox machine.
  7. Choose a custom install so you can select the USB device as the destination medium (da0 for me).
  8. Proceed with your FreeBSD installation as normal.

Once it completes, there are some changes you should make before popping the CF card back into the Soekris box:

  1. In /etc/rc.conf, set up the network configuration. Note that in VirtualBox, the interfaces will be reported as le0 but when booted on the Soekris box, they’ll be sis0 through sis2. I set sis0 (marked Eth 0 on the case) to configure by DHCP. I also set a static IP on sis2 so I can access the box on a direct computer to computer connection if necessary. Lastly, I enable the SSH daemon (ensure you have created a user!):
    ifconfig_sis0="DHCP"
    ifconfig_sis2="inet 192.168.130.2 netmask 255.255.255.0 up"
    sshd_enable="YES"
    
  2. When installing via VirtualBox, the destination device was a USB drive. On the Soekris, the CF is handled as an IDE drive. As such, change fstab to something like (as appropriate for you – I have a single root filesystem and a swap partition):
    # Device                Mountpoint      FStype  Options         Dump    Pass#
    /dev/ad0s1b             none            swap    sw              0       0
    /dev/ad0s1a             /               ufs     rw              1       1
    
  3. Enable a console on the serial port in /etc/ttys by editing the ttyu0 line:
    ttyu0   "/usr/libexec/getty std.9600"   vt100   on secure                          
    
  4. Lastly, add the following lines to /boot/loader.conf:
    comconsole_speed="9600"
    console="comconsole"
    

Now, pop the CF card back into the Soekris box and boot with the serial console attached (19200,8,n,1). I immediately changed the Soekris console speed to 9600 so that it works seemlessly from Soekris BIOS to FreeBSD bootloader, kernel and console.

1. VirtualBox is a fantastic piece of software. I run Kubuntu natively on my laptop and I have a virtual Windows 7 Professional machine running in VirtualBox most of the time. It runs smoothly and quickly and there is a wonderful feature to allow you to attach USB devices to the virtual machine (so my iPhone can access iTunes for example).

Amazon AWS Keeps Getting Better

Amazon’s Web Services have just launched a health dashboard which should prove very useful and can be found at http://status.aws.amazon.com.

They’ve also announced paid support services.

An eagerly awaited feature for me is persistent EC2 storage which they are trialling right now and hopefully I’ll get into the beta program. Fingers crossed!

Stargate SG1 – Finishing the Story



Following up from a discussion on how the series finale disappointed a few people over on Donncha’s blog, Holy Shmoly!, I thought I might point out that a straight-to-DVD movie which actually ends the two-year story arc has just been released.

You can buy a copy (at a great price thanks to the dollar rate) from here on Amazon.

A spoiler-free review and a discussion on the decision to end the series in this manner can be found here on GateWorld. And just to whet you appetite, a trailer follows below.

Blacknight “to IPv6 the Irish Internet!”

Over in Blacknight’s blog, Paul tells us how they are going to IPv6 the Irish Internet!. Well done lads!.

In Ireland, a lot of the ISPs actually have IPv6 enabled their network edges – this includes imag!ne (aka Gaelic Telecom), HEAnet, BT Ireland, Eircom, Irish Broadband and Smart Telecom. Some of these companies offer IPv6 to their customers but a lot don’t or only on a trial basis.

Why? Well the simple answer is there’s no need. There is just no substantive quantity of content available on IPv6 so ISP customers have no need to have or even know about IPv6. This is why Blacknight’s announcement is so exciting. Paul Kelly, CTO, is setting an ambitious but attainable target of 30,000 Irish websites to be reached over IPv6 by the end of 2008.

Paul also goes on to explain just some of the possible (and serious) consequences if ISPs don’t start making progress towards IPv6-enabling their networks. And his announcement has given me that added impetus to get my finger out.

As members of INEX (Irish Neutral Internet Exchange) Blacknight is the only content provider to date that actively seeks to peer with the other members over IPv6. It would be great if INEX added IPv6 peerings to their peering matrix as a further promotional tool. All the ISPs I mentioned above are also actively peering over IPv6 at INEX.

For anyone who’d like to know more about IPv6, ICANN have posted a factsheet – a clear guide to a technical subject written in plain English – on IPv6 here.

Lastly, to inject a little (geek) humour, at the recent RIPE meeting (RIPE 55), an attendee by the name of Gary Feldman broke up proceedings with a rendition of he’s parody The Day the Routers Died:



Oh, and speaking of content and incentives, *cough* see here *cough*.

Want to Publish Your Own Book?

I was purchasing a book online today and I was brought to Lulu.com – Self Publishing to complete the transaction.

Lulu claims to be an easy and free way to publish and sell easily within minutes. The free part is obviously misleading but it appears to do what it says on the tin: allow you to publish and print your book to order and the cost of printing does not seem to be too prohibitive.