Installing OpenBSD 4.7 on a Soekris net4801 (with Debian as a boot server)
Prerequisites for the boot server:
- Debian (Lenny 5.0)
Prerequisites for the net4801 (also tested with the net5501):
- Fast 512MB CF card
Configure (Debian) boot server
Create and populate directories for tftpd (I use /var/lib/tftpboot as "base dir")
# mkdir -p <base dir>/etc
# cd <base dir>
# wget http://ftp.eu.openbsd.org/pub/OpenBSD/4.7/i386/pxeboot
# wget http://ftp.eu.openbsd.org/pub/OpenBSD/4.7/i386/bsd.rd
Create a boot config file for the net4801 (<base dir>/etc/boot.conf, which pxeboot reads from the TFTP server)
set tty com0
stty com0 19200
boot bsd.rd
Install the tftp server atftpd
# apt-get install atftpd
(give your <base dir> as base dir)
Install and configure dhcp3
# apt-get install dhcp3-server
Edit /etc/dhcp3/dhcpd.conf and add the following (using subnet 192.168.1.0/24 as an example)
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.210 192.168.1.220;
    option domain-name-servers 192.168.1.1;
    option routers 192.168.1.1;
}
allow booting;
allow bootp;
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
group {
    option vendor-class-identifier "PXEClient";
    next-server <IP ADDR of tftpd server>;
    filename "pxeboot";
    option PXE.mtftp-ip 0.0.0.0;
    vendor-option-space PXE;
    host <hostname of net4801> {
        hardware ethernet <MAC address of net4801>;
        fixed-address <IP address for net4801>;
    }
}
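Added example, not part of the original page: the wget commands above fetch pxeboot and bsd.rd over plain HTTP, and atftpd then hands them to the net4801 without any authentication, so it is worth checking both files against the release's checksum list before the first network boot. The helper names (sha256_of, verify_release) are made up for this sketch, and it assumes you hold a list of BSD-style "SHA256 (name) = digest" lines from a source you trust; a list fetched from the same mirror over HTTP only catches corruption, not tampering.

```sh
#!/bin/sh
# Added example (not from the original page): verify boot files before TFTP serves them.

# Print the SHA-256 digest of a file, using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        openssl dgst -sha256 "$1" | awk '{ print $NF }'
    fi
}

# verify_release SUMFILE DIR FILE...
# SUMFILE holds BSD-style lines: SHA256 (name) = hexdigest
# Returns 0 only if every FILE is listed, present in DIR, and matches.
# Usage on the boot server: verify_release SHA256 <base dir> pxeboot bsd.rd
verify_release() {
    sums=$1; dir=$2; shift 2
    rc=0
    for f in "$@"; do
        want=$(awk -v n="($f)" '$1 == "SHA256" && $2 == n { print $4 }' "$sums")
        if [ -z "$want" ]; then
            echo "UNLISTED $f"; rc=1
        elif [ ! -f "$dir/$f" ]; then
            echo "ABSENT   $f"; rc=1
        elif [ "$(sha256_of "$dir/$f")" = "$want" ]; then
            echo "OK       $f"
        else
            echo "MISMATCH $f"; rc=1
        fi
    done
    return $rc
}

# Constructed demo: stand-in files, not real OpenBSD images.
demo() {
    d=$(mktemp -d)
    printf 'constructed pxeboot\n' > "$d/pxeboot"
    printf 'constructed bsd.rd\n'  > "$d/bsd.rd"
    for f in pxeboot bsd.rd; do
        printf 'SHA256 (%s) = %s\n' "$f" "$(sha256_of "$d/$f")"
    done > "$d/SHA256"
    verify_release "$d/SHA256" "$d" pxeboot bsd.rd   # both files OK
    printf 'tampered' >> "$d/bsd.rd"
    verify_release "$d/SHA256" "$d" pxeboot bsd.rd   # bsd.rd now MISMATCH
    rm -rf "$d"
}
demo || true
```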
Install on net4801
Connect the serial cable to the net4801 and power on the net4801
Press Ctrl-P to enter the monitor.
boot>
Boot from network
boot> boot f0
Then perform the OpenBSD install
Make sure to switch the default console
Change the default console to com0? [no] yes
Available speeds are: 9600 19200 38400 57600 115200.
Which one should com0 use? (or 'done') [9600] 19200
Partition table (custom layout)
wd0a 150m /
wd0d 80m /var
wd0e 40m /home
wd0f 218(rest) /usr
Note: skipping /tmp for later
I used the following sets
[X] bsd
[X] bsd.rd
[ ] bsd.mp
[X] base47.tgz
[X] etc47.tgz
[X] misc47.tgz
[ ] comp47.tgz
[X] man47.tgz
[ ] game47.tgz
[ ] xbase47.tgz
[ ] xetc47.tgz
[ ] xshare47.tgz
[ ] xfont47.tgz
[ ] xserv47.tgz
After installation (do not reboot before performing these steps)
Edit /mnt/etc/fstab and add /tmp and /var/run as mfs
# echo "swap /tmp mfs rw,nodev,nosuid,-s=19456 0 0" >> /mnt/etc/fstab
# echo "swap /var/run mfs rw,nodev,nosuid,-s=19456 0 0" >> /mnt/etc/fstab
Apply the following change to /mnt/etc/rc
@@ -122,6 +122,7 @@ umount -a >/dev/null 2>&1 mount -a -t nonfs,vnd +chmod 1777 /tmp mount -uw / # root on nfs requires this, others aren't hurt rm -f /fastboot # XXX (root now writeable)
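Review bot: the added "chmod 1777 /tmp" sits before "mount -uw /", so it can only succeed when /tmp is already the freshly mounted mfs; if that mount failed, the chmod runs against a root file system that has not yet been remounted read-write, and nothing checks or reports the failure. Moving the line below "mount -uw /", or at least adding a one-line comment saying it restores the sticky world-writable mode on the new mfs /tmp, would make the ordering dependency and the reason for the local change explicit.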
If you use ed
# ed /mnt/etc/rc
/mount -a -t nonfs/
a
chmod 1777 /tmp
ctrl-d
w
q
Now it's time to reboot
System configuration after reboot
When the system is up after the first reboot we can use vi instead of ed to perform some more configurations.
Enable soft updates by editing /etc/fstab (we will reboot later)
/dev/wd0a / ffs rw,softdep 1 1
/dev/wd0e /home ffs rw,nodev,nosuid,softdep 1 2
/dev/wd0f /usr ffs rw,nodev,softdep 1 2
/dev/wd0d /var ffs rw,nodev,nosuid,softdep 1 2
swap /tmp mfs rw,nodev,nosuid,-s=19456 0 0
swap /var/run mfs rw,nodev,nosuid,-s=19456 0 0
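Added example, not part of the original page: hand-editing fstab to add softdep is an easy place to lose a nodev or nosuid flag, so this check reports any file system whose option list is weaker than the layout shown above. The function names and the policy (nodev everywhere except /, nosuid everywhere except / and /usr) are assumptions generalised from that layout, and the sample input is constructed.

```sh
#!/bin/sh
# Added example (not from the original page): audit fstab mount options.
# Policy is an assumption generalised from the layout above: every file system
# except / must be nodev (/dev lives on /); every one except / and /usr must
# also be nosuid (/usr holds the setuid binaries).

# Print "mountpoint missing-option" for each violation; print nothing if clean.
# Reads the file named in $1, or standard input when no file is given.
fstab_missing_opts() {
    awk '
        /^[ \t]*#/ || NF < 4      { next }   # comments, blank or short lines
        $2 == "/" || $3 == "swap" { next }   # root and swap devices are exempt
        {
            need = ($2 == "/usr") ? "nodev" : "nodev nosuid"
            n = split(need, want, " ")
            m = split($4, have, ",")
            for (i = 1; i <= n; i++) {
                ok = 0
                for (j = 1; j <= m; j++) if (have[j] == want[i]) ok = 1
                if (!ok) print $2, want[i]
            }
        }
    ' "${1:--}"
}

# Constructed sample: the fstab from this page with nosuid dropped from /var.
sample_fstab() {
    cat <<'EOF'
/dev/wd0a / ffs rw,softdep 1 1
/dev/wd0e /home ffs rw,nodev,nosuid,softdep 1 2
/dev/wd0f /usr ffs rw,nodev,softdep 1 2
/dev/wd0d /var ffs rw,nodev,softdep 1 2
swap /tmp mfs rw,nodev,nosuid,-s=19456 0 0
swap /var/run mfs rw,nodev,nosuid,-s=19456 0 0
EOF
}

sample_fstab | fstab_missing_opts     # reports: /var nosuid
```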
Install BASH(static), WGET & LSOF
# pkg_add -v http://ftp.eu.openbsd.org/pub/OpenBSD/4.7/packages/i386/bash-4.0.35.tgz
# pkg_add -v http://ftp.eu.openbsd.org/pub/OpenBSD/4.7/packages/i386/wget-1.12p0.tgz
# pkg_add -v http://ftp.eu.openbsd.org/pub/OpenBSD/4.7/packages/i386/lsof-4.82p1.tgz
Check that bash is in /etc/shells
# grep bash /etc/shells
/usr/local/bin/bash
Change shell to bash
# chsh -s bash
Add users with adduser
# adduser
Enter your default shell: bash csh ksh nologin sh [sh]: bash
Make sure that at least one normal user belongs to group 'wheel' with login class 'staff'
Disable some services in /etc/inetd.conf
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
##ident stream tcp nowait _identd /usr/libexec/identd identd -el
##ident stream tcp6 nowait _identd /usr/libexec/identd identd -el
##daytime stream tcp nowait root internal
##daytime stream tcp6 nowait root internal
##time stream tcp nowait root internal
##time stream tcp6 nowait root internal
and reload
# kill -HUP `cat /var/run/inetd.pid`
Enable caching DNS (add the following to /etc/rc.conf.local)
named_flags=""
Note: The rest is not tested with 4.7 (only with 3.7)
Configure pppoe (http://openbsdsupport.org/obsd_dsl.html)
I use the 'sis2' interface for pppoe
/etc/ppp/ppp.conf
default:
 set log Phase Chat LCP IPCP CCP tun command
 set redial 15 0
 set reconnect 15 10000
pppoe:
 set device "!/usr/sbin/pppoe -i sis2"
 disable acfcomp protocomp
 deny acfcomp
 set mtu max 1492
 set mru max 1492
 set speed sync
 set authname "<login name at ISP>"
 set authkey "<password at ISP>"
 add default HISADDR
 enable mssfixup
Make sure sis2 comes up after reboot
# echo "up" > /etc/hostname.sis2
Enable IP-forwarding
# sysctl -w net.inet.ip.forwarding=1
# vi /etc/sysctl.conf
(remove # in front of net.inet.ip.forwarding=1)
I rebooted the system at this point
Test pppoe
Fix search and nameserver settings in /etc/resolv.conf
search <your domain>
nameserver 127.0.0.1
lookup file bind
Bring up pppoe
# ppp -ddial pppoe
You should get a tun0 device (check with ifconfig -a). Try to ping something you know.
Bring down pppoe
# pkill ppp
Fix your firewall rules and enable pf!
/etc/rc.conf
pf=YES # Packet filter / NAT
Activate the firewall rules when the ppp connection comes up
/etc/ppp/ppp.linkup
MYADDR:
 !sh -c "/sbin/pfctl -f /etc/pf.conf"
Make ppp start automatically: add the following to /etc/rc.local
# Start PPPoE
echo -n ' PPPoE'
ppp -ddial pppoe
sleep 20 # (5)