May 2008
Connect the null modem cable to the serial ports of your net5501 box and your PC.
Connect a UTP cable to the port labeled “eth0” on the Soekris box, and to your network.
Warning: This procedure assumes you have a DHCP and a TFTP server handy.
Do not connect the power cord yet.
Install Minicom on the PC:
apt-get install minicom
Press Ctrl-A, then Z, then O to get into the configuration menu.
Now configure Minicom so that it emulates an ANSI terminal at 19200 baud with 8 data bits, no parity and one stop bit (8N1).
Also make sure it connects to the serial port your cable is plugged into.
Save these settings.
Now connect the power cable (both ends ;) and see your box boot.
POST: 012345689bcefghips1234ajklnopqr,,,tvwxy
comBIOS ver. 1.33 20070103 Copyright (C) 2000-2007 Soekris Engineering.
net5501
0512 Mbyte Memory CPU Geode LX 500 Mhz
Pri Mas SanDisk SDCFH2-004G LBA Xlt 995-128-63 4013 Mbyte
Slot Vend Dev ClassRev Cmd Stat CL LT HT Base1 Base2 Int
-------------------------------------------------------------------
0:01:2 1022 2082 10100000 0006 0220 08 00 00 A0000000 00000000 10
0:06:0 1106 3053 02000096 0117 0210 08 40 00 0000E101 A0004000 11
0:07:0 1106 3053 02000096 0117 0210 08 40 00 0000E201 A0004100 05
0:08:0 1106 3053 02000096 0117 0210 08 40 00 0000E301 A0004200 09
0:09:0 1106 3053 02000096 0117 0210 08 40 00 0000E401 A0004300 12
0:14:0 104C AC23 06040002 0107 0210 08 40 01 00000000 00000000
0:20:0 1022 2090 06010003 0009 02A0 08 40 80 00006001 00006101
0:20:2 1022 209A 01018001 0005 02A0 08 00 00 00000000 00000000
0:21:0 1022 2094 0C031002 0006 0230 08 00 80 A0005000 00000000 15
0:21:1 1022 2095 0C032002 0006 0230 08 00 00 A0006000 00000000 15
1:00:0 100B 0020 02000000 0107 0290 00 40 00 0000D001 A4000000 10
1:01:0 100B 0020 02000000 0107 0290 00 40 00 0000D101 A4001000 07
1:02:0 100B 0020 02000000 0107 0290 00 40 00 0000D201 A4002000 10
1:03:0 100B 0020 02000000 0107 0290 00 40 00 0000D301 A4003000 07
4 Seconds to automatic boot. Press Ctrl-P for entering Monitor.
comBIOS Monitor. Press ? for help.
> ?
comBIOS Monitor Commands
boot [drive][:partition] INT19 Boot
reboot cold boot
download download a file using XMODEM/CRC
flashupdate update flash BIOS with downloaded file
time [HH:MM:SS] show or set time
date [YYYY/MM/DD] show or set date
d[b|w|d] [adr] dump memory bytes/words/dwords
e[b|w|d] adr value [...] enter bytes/words/dwords
i[b|w|d] port input from 8/16/32-bit port
o[b|w|d] port value output to 8/16/32-bit port
run adr execute code at adr
cmosread [adr] read CMOS RAM data
cmoswrite adr byte [...] write CMOS RAM data
cmoschecksum update CMOS RAM Checksum
set parameter=value set system parameter to value
show [parameter] show one or all system parameters
?/help show this help
Set date and time:
date 2008/05/16
time 22:42:15
Set the new connection speed:
set ConSpeed=57600
Warning: The Minicom settings should also be adjusted (at next boot).
Add the following snippet to the DHCP server configuration and restart the DHCP service:
group { # openbsd-clients
    next-server 192.168.5.200;
    filename "pxeboot_openbsd_43";
    host soekris {
        hardware ethernet 00:00:24:XX:XX:XX ;
        fixed-address 192.168.23.65 ;
        option host-name "soekris";
    } #
}# end group openbsd-clients
On the TFTP server, go into your TFTP directory and download a few files[29]:
cd /var/lib/tftpboot
wget http://osis.service.rug.nl/pub/os/bsd/openbsd/4.3/i386/pxeboot
mv pxeboot pxeboot_openbsd_43
wget http://osis.service.rug.nl/pub/os/bsd/openbsd/4.3/i386/bsd.rd
mv bsd.rd openbsd_43.rd
mkdir etc
cat <<EOF > etc/boot.conf
set tty com0
stty com0 57600
boot openbsd_43.rd
EOF
Boot the Soekris box into PXE:
boot f0
> boot f0
Intel UNDI, PXE-2.0 (build 082)
Copyright (C) 1997,1998,1999 Intel Corporation
VIA Rhine III Management Adapter v2.43 (2005/12/15)
CLIENT MAC ADDR: 00 00 24 CA 65 D4
CLIENT IP: 192.168.5.4 MASK: 255.255.255.0 DHCP IP: 192.168.5.200
GATEWAY IP: 192.168.5.251
probing: pc0 com0 com1 pxe![2.1] mem[639K 511M a20=on]
disk: hd0+*
net: mac 00:00:24:ca:65:d4, ip 192.168.5.4, server 192.168.5.200
>> OpenBSD/i386 PXEBOOT 2.02
switching console to com0
>> OpenBSD/i386 PXEBOOT 2.02
com0: changing speed to 57600 baud in 5 seconds, change your terminal to match!
com0: 57600 baud
booting tftp:openbsd_43.rd: 4780308+874136 [52+178240+163973]=0x5b821c
entry point at 0x200120
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2008 OpenBSD. All rights reserved. http://www.OpenBSD.org
OpenBSD 4.3 (RAMDISK_CD) #645: Wed Mar 12 11:31:03 MDT 2008
deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class) 500 MHz
cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX
real mem = 536440832 (511MB)
avail mem = 512524288 (488MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 20/70/03, BIOS32 rev. 0 @ 0xfac40
pcibios0 at bios0: rev 2.0 @ 0xf0000/0x10000
pcibios0: pcibios_get_intr_routing - function not supported
pcibios0: PCI IRQ Routing information unavailable.
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc8000/0xa800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 1 function 0 "AMD Geode LX" rev 0x31
"AMD Geode LX Crypto" rev 0x00 at pci0 dev 1 function 2 not configured
vr0 at pci0 dev 6 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 11, address 00:00:24:ca:65:d4
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034
vr1 at pci0 dev 7 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 5, address 00:00:24:ca:65:d5
ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034
vr2 at pci0 dev 8 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 9, address 00:00:24:ca:65:d6
ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034
vr3 at pci0 dev 9 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 12, address 00:00:24:ca:65:d7
ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034
ppb0 at pci0 dev 14 function 0 "TI PCI2250 PCI-PCI" rev 0x02
pci1 at ppb0 bus 1
sis0 at pci1 dev 0 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 10, address 00:00:24:c9:b0:10
nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1
sis1 at pci1 dev 1 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 7, address 00:00:24:c9:b0:11
nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1
sis2 at pci1 dev 2 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 10, address 00:00:24:c9:b0:12
nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1
sis3 at pci1 dev 3 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 7, address 00:00:24:c9:b0:13
nsphyter3 at sis3 phy 0: DP83815 10/100 PHY, rev. 1
glxpcib0 at pci0 dev 20 function 0 "AMD CS5536 ISA" rev 0x03: rev 0, 32-bit 3579545Hz timer
pciide0 at pci0 dev 20 function 2 "AMD CS5536 IDE" rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <SanDisk SDCFH2-004G>
wd0: 4-sector PIO, LBA, 3919MB, 8027712 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: channel 1 ignored (disabled)
ohci0 at pci0 dev 21 function 0 "AMD CS5536 USB" rev 0x02: irq 15, version 1.0, legacy support
ehci0 at pci0 dev 21 function 1 "AMD CS5536 USB" rev 0x02: irq 15
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "AMD EHCI root hub" rev 2.00/1.00 addr 1
isa0 at glxpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 "AMD OHCI root hub" rev 1.00/1.00 addr 1
biomask e145 netmask ffe5 ttymask ffe7
rd0: fixed, 3800 blocks
PXE boot MAC address 00:00:24:ca:65:d4, interface vr0
root on rd0a swap on rd0b dump on rd0b
erase ^?, werase ^W, kill ^U, intr ^C, status ^T
(I)nstall, (U)pgrade or (S)hell?
It is time to follow the steps in the installation manual.
adduser username
<snip>
# User privilege specification
root ALL=(ALL) SETENV: ALL
username ALL=(ALL) ALL
<snip>
Put a stanza in ~/.profile:
PKG_PATH=ftp://ftp.nluug.nl/pub/OpenBSD/4.3/packages/i386
export PKG_PATH
and re-source the file:
. ~/.profile
Note: Even though the OpenBSD documentation on the package management tools doesn't mention it, the ftp client does support HTTP.
So you can just fill in an http url in the
sudo pkg_add -v syslog-ng-1.6.8
sudo pkg_add -v isc-dhcp-server-3.1.0
Edit /etc/hostname.vr1 to create a WAN NIC:
echo "dhcp NONE NONE NONE" > /etc/hostname.vr1
Edit /etc/hostname.vr2 to create a LAN for which this box will be the DHCP server:
inet 10.0.12.1 255.255.255.0 NONE
Edit /etc/hostname.vr3 to create another LAN (e.g. the DMZ):
inet 10.1.154.1 255.255.255.0 NONE
Make sure the SSH daemon doesn't listen on the WAN interfaces.
For now, make it listen on all LAN NICs, including the config NIC (later on we can remove all but the config NIC).
Add the following lines to /etc/ssh/sshd_config:
ListenAddress 10.0.12.1
ListenAddress 10.1.154.1
ListenAddress 192.168.5.4
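One way to check the result, as an added example that is not part of the original how-to: the function audit_listen (a hypothetical name) reads an sshd_config and fails when sshd would bind an address outside the list you pass, or when no ListenAddress is set at all, in which case sshd listens on every interface, the WAN one included. The sample files are constructed; the three allowed addresses are the ones from the text.

```shell
#!/bin/sh
# audit_listen CONFIG ALLOWED_ADDR...   (hypothetical helper, not part of OpenSSH)
# Prints one line per problem and returns non-zero when sshd would bind an
# address outside ALLOWED_ADDR, or every address because no ListenAddress is set.
# Assumption: "keyword value" lines only; the rarer "keyword=value" form is not parsed.
audit_listen() {
    conf=$1; shift
    awk -v allowed="$*" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^[ \t]*#/ { next }                          # comment line
        tolower($1) == "listenaddress" {             # keywords are case-insensitive
            seen++
            addr = $2
            if (addr ~ /^\[.*\]/) {                  # [IPv6] or [IPv6]:port
                sub(/^\[/, "", addr); sub(/\](:[0-9]+)?$/, "", addr)
            } else if (addr ~ /^[^:]+:[0-9]+$/) {    # IPv4:port or host:port
                sub(/:[0-9]+$/, "", addr)
            }
            if (!(addr in ok)) { print "NOT ALLOWED: " addr; bad++ }
        }
        END {
            if (!seen) { print "NO ListenAddress: sshd binds all interfaces"; bad++ }
            exit (bad > 0)
        }' "$conf"
}

# Constructed sample files (not taken from a real router).
tmp=$(mktemp -d)
printf '%s\n' 'ListenAddress 10.0.12.1' 'listenaddress 10.1.154.1:22' \
    'ListenAddress 192.168.5.4' > "$tmp/good"
printf '%s\n' '#ListenAddress 10.0.12.1' 'ListenAddress 0.0.0.0' > "$tmp/bad"

lan="10.0.12.1 10.1.154.1 192.168.5.4"   # the LAN and config addresses from the text
audit_listen "$tmp/good" $lan && echo "good: only LAN addresses"
audit_listen "$tmp/bad" $lan || echo "bad: would also listen on the WAN side"
```

On the router itself, run it against /etc/ssh/sshd_config after every edit and before restarting sshd.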
The package isc-dhcp-server-3.1.0 that we installed has not replaced the DHCP daemon executable /usr/sbin/dhcpd that was in the file set base43.tgz.
Instead, a new file /usr/local/sbin/dhcpd was added that contains the daemon we want to use.
Follow this tutorial to get it running, chrooted and all.
Fun! Now we have a perfectly chrooted DHCP server, but it won't pass the PXELinux options to the clients, so PXELinux loads the default config files.
That was not the idea.
This is a consequence of the patches OpenBSD applied to the daemon.
So we install another instance of OpenBSD (on a virtual machine, and this time with the compiler on it), and fetch the source of the ISC dhcp daemon.
This compiles without error, and we copy just the dhcpd binary to the router.
Now this of course doesn't support opening all files as root and then dropping privileges, so we leave the chroot out for the moment.
But it does support PXELinux all right.
Get the BIND source and unpack it:
ftp http://ftp.isc.org/isc/bind9/9.4.2/bind-9.4.2.tar.gz
tar zxf bind-9.4.2.tar.gz
cd bind-9.4.2
Configure the installer:
./configure --with-libtool --with-openssl --enable-ipv6 --with-dlz-filesystem --with-dlz-stub
make
Since installation is fairly complex and I don't know how to log only the copy actions, I copy the entire tree to the target machine, and run make install there:
On the compiling machine:
tar cvzf /tmp/bind-9.4.2-compiled.tgz bind-9.4.2
scp /tmp/bind-9.4.2-compiled.tgz ordinaryuser@router:/tmp
On the router:
cd ~
tar zxvf /tmp/bind-9.4.2-compiled.tgz
cd bind-9.4.2/
sudo make install
cd ..
rm -rf bind-9.4.2 /tmp/bind-9.4.2-compiled.tgz
sudo find /usr/local/sbin/ -type f -group wheel -exec chown root:bin {} \;
Warning: It is imperative that the path on the target machine where sudo make install is to run is identical to the path on the build machine where make has run.