documentation:end-users_docs
Differences
This shows you the differences between two versions of the page.
Previous revision | |||
— | documentation:end-users_docs [2021/02/23 12:01] (current) – [Installation] olivier | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== User Guide ====== | ||
+ | |||
+ | {{description> | ||
+ | ===== Hardware Compatibility List ===== | ||
+ | |||
+ | For BSDRP you need: | ||
+ | * a 2GB flash disk (Compact Flash, USB stick, mSATA flash module, etc.). | ||
+ | * a minimum of 512MB RAM. | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | Wireless, PCMCIA cards, SCSI adapters, USB printer, fire wire, etc. drivers were removed from the FreeBSD kernel. | ||
+ | |||
+ | ===== Filename convention ===== | ||
+ | |||
+ | The BSDRP images use this filename convention: | ||
+ | |||
+ | BSDRP_// | ||
+ | |||
+ | The value //image type// can be: | ||
+ | * full : To be used for installing BSDRP. This image contain full BSDRP filesystem (bootloader, | ||
+ | * upgrade : To be used for upgrading BSDRP. This image contain only one system partition. | ||
+ | |||
+ | The value //arch// can be: | ||
+ | * i386 : for i486, i586 and i686 CPU | ||
+ | * amd64 : for all x86-64 CPU (amd64 or intel 64) | ||
+ | |||
+ | The value //console// can be: | ||
+ | * vga: To be used with a vga card and keyboard as default console (but it's still possible to connect to the serial port) | ||
+ | * serial: For headless use, use only serial port as default console | ||
+ | |||
+ | Examples: | ||
+ | * BSDRP_0.3_full_i386_vga.img, | ||
+ | * BSDRP_0.3_upgrade_amd64_serial.img, | ||
+ | |||
+ | The *.mtree.xz files are used for system integrity check. | ||
+ | |||
+ | ===== Installation ===== | ||
+ | === To a flash media (CF/USB) === | ||
+ | |||
+ | == Windows users == | ||
+ | |||
+ | Here are the 2 steps for writing the image to a CF/USB removable media: | ||
+ | - Decompress the BSDRP image file [[http:// | ||
+ | - Use [[http:// | ||
+ | |||
+ | == *BSD or Linux users == | ||
+ | |||
+ | Connect your Compact Flash or USB disk and write down the device name (can be ' | ||
+ | |||
+ | Then unzip the file and byte copy it to your drive (**Warning: Double check that you had choosen the good destination disk!!!**): | ||
+ | < | ||
+ | xzcat BSDRP_full_amd64_vga.1.0.img.xz | dd of=/dev/sd4 bs=256k | ||
+ | </ | ||
+ | |||
+ | You can boot from this media now. | ||
+ | |||
+ | == Mac OS X users == | ||
+ | |||
+ | Insert the USB key, and display list of external devices: | ||
+ | |||
+ | < | ||
+ | % diskutil list | grep external | ||
+ | /dev/disk3 (external, physical): | ||
+ | </ | ||
+ | |||
+ | Check if it is already mounted | ||
+ | |||
+ | < | ||
+ | % mount | grep '/ | ||
+ | / | ||
+ | devfs on /dev (devfs, local) | ||
+ | fdesc on /dev (fdesc, union) | ||
+ | map -hosts on /net (autofs, automounted) | ||
+ | map auto_home on /home (autofs, automounted) | ||
+ | / | ||
+ | </ | ||
+ | The last line is your USB device. Unmount it and write the BSDRP image to the device adding the ' | ||
+ | < | ||
+ | sudo umount -f / | ||
+ | xzcat BSDRP_full_amd64_vga.1.0.img.xz | sudo dd of=/ | ||
+ | </ | ||
+ | If successful, OSX will pop up an error dialog telling you it doesn' | ||
+ | |||
+ | === To an hard drive === | ||
+ | |||
+ | Boot BSDRP from the previously generated usb key, then from BSDRP, display the BSDRP system diskname: | ||
+ | |||
+ | < | ||
+ | [root@router]~# | ||
+ | | ||
+ | | ||
+ | ufs/ | ||
+ | </ | ||
+ | |||
+ | => On this example BSDRP is on disk da1 (USB key) | ||
+ | |||
+ | Display all the system disks: | ||
+ | < | ||
+ | [root@router]# | ||
+ | kern.disks: da1 da0 ada0 | ||
+ | </ | ||
+ | |||
+ | => On this example, because da1 is the BSDRP disk, ada0 is the hard-drive where we want install BSDRP. | ||
+ | |||
+ | Then copy the BSDRP disk to the hard-drive: | ||
+ | |||
+ | < | ||
+ | [root@router]# | ||
+ | Copying 487MB from da1 to ada0... | ||
+ | 487+0 records in | ||
+ | 487+0 records out | ||
+ | 510656512 bytes transferred in 30.351293 secs (16824868 bytes/sec) | ||
+ | </ | ||
+ | |||
+ | Reboot your system (and don't forget to remove the USB key). | ||
+ | |||
+ | Once rebooted from your hard drive, you can expand the /data slice for using all the free space: | ||
+ | < | ||
+ | system expand-data-slice | ||
+ | </ | ||
+ | |||
+ | === Special notes for PC-Engines === | ||
+ | |||
+ | == Alix platform == | ||
+ | |||
+ | You need to use [[http:// | ||
+ | |||
+ | ===== Quick start ===== | ||
+ | |||
+ | Login as root with no password. | ||
+ | |||
+ | If you are using the serial version, serial port parameters are: 115200, | ||
+ | |||
+ | Start by using the help: | ||
+ | < | ||
+ | help | ||
+ | </ | ||
+ | |||
+ | Create a password for root (mandatory for SSH): | ||
+ | < | ||
+ | passwd | ||
+ | </ | ||
+ | |||
+ | For a routing protocol daemons, you have choice between bird or FRRouting (Quaga fork). | ||
+ | |||
+ | As an example, for starting FRR and enter into its cli mode: | ||
+ | < | ||
+ | sysrc frr_enable=yes | ||
+ | service frr start | ||
+ | cli | ||
+ | </ | ||
+ | Do your frr configuration, | ||
+ | < | ||
+ | wr | ||
+ | exit | ||
+ | </ | ||
+ | |||
+ | Then save all changes (you can avoid this by enabling autosave feature): | ||
+ | < | ||
+ | config save | ||
+ | </ | ||
+ | ===== Configuration files ===== | ||
+ | |||
+ | All modifications done in configuration files (/etc/*, / | ||
+ | |||
+ | Use the config command for saving configuration: | ||
+ | |||
+ | < | ||
+ | [root@R1]~# | ||
+ | BSD Router Project configuration tool | ||
+ | Usage: / | ||
+ | - diff : Show diff between current and saved config | ||
+ | - save : Save current config | ||
+ | - apply : Apply current config | ||
+ | - rollback : Revert to previous config | ||
+ | - put : Put the saved config to a remote server | ||
+ | - get : Get config from remote server | ||
+ | - reset : Return to default configuration | ||
+ | - help (h) [option] | ||
+ | If [option] given, display more detail about the option | ||
+ | </ | ||
+ | < | ||
+ | Don't modify / | ||
+ | </ | ||
+ | |||
+ | ===== Upgrading examples ===== | ||
+ | |||
+ | ==== From BSDRP directly ==== | ||
+ | |||
+ | === HTTP/FTP fetch without checking SHA256 ==== | ||
+ | |||
+ | Directly download and send output to xzcat+upgrade: | ||
+ | |||
+ | < | ||
+ | fetch ' | ||
+ | </ | ||
+ | |||
+ | Real example to upgrade to 1.96: | ||
+ | < | ||
+ | fetch ' | ||
+ | </ | ||
+ | |||
+ | === SSH fetch without checking SHA256 ==== | ||
+ | |||
+ | Same than previously, but using SSH: | ||
+ | < | ||
+ | ssh my-user@my-ssh-server cat / | ||
+ | </ | ||
+ | |||
+ | === Using a SCP Client or fetching upgrade file from BSDRP === | ||
+ | |||
+ | This method required: | ||
+ | * A minimum of 60MB of free RAM on your BSDRP (mem_avail value in the "show mem" output) | ||
+ | * One of this: | ||
+ | * Sending the upgrade file + sha256 with a SCP client ([[http:// | ||
+ | * Or downloading upgrade file directly from BSDRP | ||
+ | |||
+ | Resume: | ||
+ | - Create a TMPFS (RAM disk) directory | ||
+ | - Transfer BSDRP image upgrade file + sha256 on the ram disk using the SCP client or download the image directly | ||
+ | - Check SHA256 | ||
+ | - Upgrade the system | ||
+ | |||
+ | Step 1: Creating the ram disk | ||
+ | |||
+ | On BSDRP, enter theses commands for creating a RAM drive: | ||
+ | |||
+ | < | ||
+ | mount -t tmpfs tmpfs /mnt/ | ||
+ | </ | ||
+ | |||
+ | Step 2: Transferring image file + sha256 in the temporary RAM drive | ||
+ | |||
+ | Using your SCP client, send the BSDRP upgrade image to the router' | ||
+ | |||
+ | Or download them from BSDRP: | ||
+ | < | ||
+ | cd /mnt | ||
+ | fetch URL/ | ||
+ | fetch URL/ | ||
+ | </ | ||
+ | |||
+ | Step 3: After transfer complete, On BSDRP, enter this command: | ||
+ | |||
+ | < | ||
+ | sha256 -c `cat BSDRP-upgrade.image.sha256 | cut -d ' ' -f 4` BSDRP-upgrade.image.xz && echo " | ||
+ | xzcat / | ||
+ | umount /mnt | ||
+ | </ | ||
+ | |||
+ | ==== From a *nix server ==== | ||
+ | |||
+ | This method required a SSH client (all Linux/Unix should include it). | ||
+ | |||
+ | From the client, enter this command: | ||
+ | < | ||
+ | cat BSDRP_1.2_upgrade_amd64_vga.img.xz | ssh root@a.b.c.d "xzcat | upgrade" | ||
+ | </ | ||
+ | |||
+ | ===== Security ===== | ||
+ | |||
+ | ==== SSH access ==== | ||
+ | |||
+ | SSH access with the root user is not available by default: You need to set-up a password for the root account before with the **passwd** command. | ||
+ | |||
+ | Example: | ||
+ | < | ||
+ | [root@R1]~# passwd | ||
+ | Changing local password for root | ||
+ | New Password: XXXXXXXX | ||
+ | Retype New Password: XXXXXXXX | ||
+ | </ | ||
+ | |||
+ | ==== System integrity check ==== | ||
+ | |||
+ | [[: | ||
+ | |||
+ | You can check your BSDRP system integrity using these references files by downloading the corresponding file into your router and using " | ||
+ | |||
+ | As example, if you are using 0.35 amd64-serial release, from your BSDRP router (if it had DNS resolution and Internet access configured): | ||
+ | < | ||
+ | cd /tmp | ||
+ | fetch http:// | ||
+ | system integrity BSDRP_0.35_amd64_serial.mtree.xz | ||
+ | </ | ||
+ | |||
+ | ===== System Management ===== | ||
+ | |||
+ | ==== autosave configuration ==== | ||
+ | |||
+ | All modifications in configuration files done into /etc and / | ||
+ | |||
+ | You can enable service autosave for automatically issue command " | ||
+ | |||
+ | < | ||
+ | sysrc autosave_enable=yes | ||
+ | service autosave start | ||
+ | </ | ||
+ | ==== Serial port ==== | ||
+ | |||
+ | === Enabling dual console vga/serial === | ||
+ | |||
+ | If you are using the vga release of BSDRP, you can enable the serial access (COM1) with the command | ||
+ | < | ||
+ | system dual-console | ||
+ | </ | ||
+ | |||
+ | === baud rate === | ||
+ | |||
+ | Serial port baud rate need to be modified in 2 different files: | ||
+ | * / | ||
+ | * /etc/ttys | ||
+ | |||
+ | For modifying the / | ||
+ | < | ||
+ | mount -uw / | ||
+ | </ | ||
+ | |||
+ | Change the speeed value just after the " | ||
+ | |||
+ | Check that you didn't have legacy values (boot_serial, | ||
+ | |||
+ | Once done, mount RO /: | ||
+ | < | ||
+ | mount -ur / | ||
+ | </ | ||
+ | |||
+ | Then edit etc/ttys and change the baud rate in line ttyu0 (if you need to change the first serial port). | ||
+ | |||
+ | === Changing the default serial port used for console === | ||
+ | |||
+ | If you need to change the default serial port to use for console (like Supermicro that use COM2 for sol): | ||
+ | * Start by displaying the list of available serial ports | ||
+ | * Then change the value in / | ||
+ | < | ||
+ | root@bsdrp# grep uart / | ||
+ | uart0: <16550 or compatible> | ||
+ | uart0: console (38400, | ||
+ | uart1: <16550 or compatible> | ||
+ | root@bsdrp# mount -uw / | ||
+ | root@bsdrp# echo ' | ||
+ | root@bsdrp# mount -ur / | ||
+ | </ | ||
+ | ==== IPMI ==== | ||
+ | |||
+ | If you need to configure the local IPMI board, you have to load the IPMI drivers. | ||
+ | |||
+ | Edit / | ||
+ | < | ||
+ | kld_list=' | ||
+ | </ | ||
+ | |||
+ | You can load it from the shell too: | ||
+ | < | ||
+ | kldload ipmi | ||
+ | </ | ||
+ | |||
+ | Then you can use [[http:// | ||
+ | |||
+ | For connecting with IPMI to serial port with IPMI SOL (Serial over lAN) from a remote machine, change the baud-rate of the serial line to 115200 and to connect to it (example with default password for IBM x3550): | ||
+ | < | ||
+ | ipmitool -H 192.168.1.11 -U USERID -P PASSW0RD sol set non-volatile-bit-rate 115.2 | ||
+ | ipmitool -H 192.168.1.11 -U USERID -P PASSW0RD sol set volatile-bit-rate 115.2 | ||
+ | ipmitool -H 192.168.1.11 -U USERID -P PASSW0RD -I lanplus -a sol activate | ||
+ | </ | ||
+ | ==== Watchdog ==== | ||
+ | |||
+ | Add to / | ||
+ | < | ||
+ | # Load Intel ICH watchdog interrupt timer driver | ||
+ | kld_list=' | ||
+ | # Start watchdogd dameon | ||
+ | watchdogd_enable=" | ||
+ | </ | ||
+ | |||
+ | And start it: | ||
+ | < | ||
+ | kldload ichwd | ||
+ | service watchdogd start | ||
+ | </ | ||
+ | |||
+ | If you already load ipmi module, watchdogd can use IPMI in place of ichwd. | ||
+ | |||
+ | ==== SNMP ==== | ||
+ | |||
+ | Enable bsdnmpd: | ||
+ | < | ||
+ | sysrc bsnmpd_enable=YES | ||
+ | </ | ||
+ | |||
+ | Edit / | ||
+ | |||
+ | < | ||
+ | service bsnmpd start | ||
+ | </ | ||
+ | |||
+ | Then you can check it locally (it uses public as default snmp community): | ||
+ | < | ||
+ | [root@BSDRP]~# | ||
+ | sysDescr.0 = router.bsdrp.net 2059309898 FreeBSD 9.1-RELEASE-p1 | ||
+ | </ | ||
+ | ==== Syslog ==== | ||
+ | |||
+ | For generating syslog message, just edit / | ||
+ | < | ||
+ | # uncomment this to enable logging to a remote loghost named loghost | ||
+ | #*.* @loghost | ||
+ | </ | ||
+ | |||
+ | Then restart syslogd: | ||
+ | |||
+ | < | ||
+ | service syslogd restart | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | BSDRP v1.4 and earlier have a default configuration that prevent remote syslog. This behavior can be changed by editing / | ||
+ | </ | ||
+ | |||
+ | ==== Firmware Upgrade ==== | ||
+ | |||
+ | === Mellanox === | ||
+ | |||
+ | Stat by identifying your NIC ID: | ||
+ | < | ||
+ | # mstfwmanager | ||
+ | Querying Mellanox devices firmware ... | ||
+ | |||
+ | Device #1: | ||
+ | ---------- | ||
+ | |||
+ | Device Type: ConnectX4 | ||
+ | Part Number: | ||
+ | Description: | ||
+ | PSID: | ||
+ | PCI Device Name: pci0:2:0:0 | ||
+ | Base GUID: e41d2d0300fdbd90 | ||
+ | Base MAC: | ||
+ | Versions: | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Status: | ||
+ | </ | ||
+ | |||
+ | Then go to the [[https:// | ||
+ | |||
+ | < | ||
+ | # mount /data | ||
+ | # cd /data | ||
+ | # fetch http:// | ||
+ | # unzip fw-ConnectX4-rel-12_26_4012-MCX416A-CCA_Ax-UEFI-14.19.17-FlexBoot-3.5.805.bin.zip | ||
+ | # mstfwmanager -u -i fw-ConnectX4-rel-12_26_4012-MCX416A-CCA_Ax-UEFI-14.19.17-FlexBoot-3.5.805.bin | ||
+ | Querying Mellanox devices firmware ... | ||
+ | |||
+ | Device #1: | ||
+ | ---------- | ||
+ | |||
+ | Device Type: ConnectX4 | ||
+ | Part Number: | ||
+ | Description: | ||
+ | PSID: | ||
+ | PCI Device Name: pci0:2:0:0 | ||
+ | Base GUID: e41d2d0300fdbd90 | ||
+ | Base MAC: | ||
+ | Versions: | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Status: | ||
+ | |||
+ | --------- | ||
+ | Found 1 device(s) requiring firmware update... | ||
+ | |||
+ | Perform FW update? [y/N]: y | ||
+ | Device #1: Updating FW ... | ||
+ | Initializing image partition - OK | ||
+ | Writing Boot image component - OK | ||
+ | Done | ||
+ | |||
+ | Restart needed for updates to take effect. | ||
+ | </ | ||
+ | |||
+ | |||
+ | |||
+ | ===== Debugging ===== | ||
+ | |||
+ | ==== Enabling crash dump ==== | ||
+ | |||
+ | === Local swap dump device === | ||
+ | |||
+ | For saving and extracting a crash dump you need: | ||
+ | * A swap partition with same size as your RAM size (will store the raw RAM dump) | ||
+ | * A data partition with same size as your RAM size (for storing the extracted dump) | ||
+ | |||
+ | For enabling crash dump, the steps are: | ||
+ | - Configure a dump device that will be used for storing memory dump (can be an external USB key) | ||
+ | - Increase size of /data for being able to store the memory dump | ||
+ | - Configure to mount /data automatically (because next step needs it) | ||
+ | - Configure to store dump into /data | ||
+ | |||
+ | Here is an an example when we split data partition 4 in 2 BSD partitions: | ||
+ | * One as swap | ||
+ | * One as /data | ||
+ | |||
+ | But if you can plug an USB key with a size=RAM size, you can avoid to expand your partition 4 and just using this device. | ||
+ | |||
+ | Step to follows: | ||
+ | - Delete partition 4 (/data) | ||
+ | - Recreate partition 4 using full disk space | ||
+ | - Create 2 BSD partitions in this new large partition 4: | ||
+ | * partition s4a (4.2BSD) with a size= RAM size | ||
+ | * partition s4b (swap) with a size= RAM size | ||
+ | - Format s4a in UFS and enable dumpon on the swap | ||
+ | |||
+ | Then we destroy the default small partition 4, and re-create a new one that will use the full disk size, and create BSD-partition inside it (MBR partition scheme allow only 4 partitions, then we're using sub-partition in BSD mode): | ||
+ | |||
+ | < | ||
+ | gpart delete -i 4 da0 | ||
+ | gpart add -t freebsd da0 | ||
+ | bsdlabel -w /dev/da0s4 | ||
+ | </ | ||
+ | |||
+ | Now start the BSD partition editor: | ||
+ | < | ||
+ | bsdlabel -e /dev/da0s4 | ||
+ | </ | ||
+ | |||
+ | and replace these lines: | ||
+ | < | ||
+ | # /dev/da0s4: | ||
+ | 8 partitions: | ||
+ | # size | ||
+ | a: 284191428 | ||
+ | c: 284191428 | ||
+ | </ | ||
+ | |||
+ | by this one (size and fstype of line a: and b: modified, ' | ||
+ | |||
+ | < | ||
+ | # /dev/da0s4: | ||
+ | 8 partitions: | ||
+ | # size | ||
+ | a: | ||
+ | b: | ||
+ | c: 284191428 | ||
+ | </ | ||
+ | |||
+ | Then quit the editor (:x) and format partition a (/data): | ||
+ | < | ||
+ | newfs -UjL BSDRPs4 /dev/da0s4a | ||
+ | sysrc dumpdev="/ | ||
+ | sysrc dumpdir="/ | ||
+ | sysrc dumpon_flags=" | ||
+ | sysrc savecore_enable=YES | ||
+ | sed -i "" | ||
+ | mount /data | ||
+ | mkdir /data/crash | ||
+ | chmod 700 /data/crash | ||
+ | config save | ||
+ | service dumpon start | ||
+ | </ | ||
+ | |||
+ | Now, during a crash it will wrote the core dump to : | ||
+ | |||
+ | < | ||
+ | #14 0xffffffff8096c34a at taskqueue_run_locked+0x14a | ||
+ | #15 0xffffffff8096d258 at taskqueue_thread_loop+0xe8 | ||
+ | #16 0xffffffff808d4495 at fork_exit+0x85 | ||
+ | #17 0xffffffff80d1b30e at fork_trampoline+0xe | ||
+ | Uptime: 3m10s | ||
+ | Dumping 1112 out of 16325 MB: | ||
+ | Dump complete | ||
+ | </ | ||
+ | |||
+ | And after a reboot it will automatically extract the dump from dumpdevice and store it to / | ||
+ | |||
+ | < | ||
+ | [root@router]~# | ||
+ | total 100456 | ||
+ | -rw-r--r-- | ||
+ | -rw------- | ||
+ | lrwxr-xr-x | ||
+ | -rw------- | ||
+ | lrwxr-xr-x | ||
+ | </ | ||
+ | |||
+ | === netdump === | ||
+ | |||
+ | In case where you didn't have enough disk space to localy store dump, you can use netdump(4). | ||
+ | |||
+ | On the receiving FreeBSD server (not your router): | ||
+ | < | ||
+ | pkg install netdumpd | ||
+ | service netdumpd enable | ||
+ | service netdumpd start | ||
+ | </ | ||
+ | |||
+ | Then on your router, declare source interface to use, source IP address, gateway | ||
+ | < | ||
+ | sysrc dumpdev=igb1 | ||
+ | sysrc dumpon_flags=" | ||
+ | </ | ||
+ | |||
+ | and enable it: | ||
+ | |||
+ | < | ||
+ | # service dumpon restart | ||
+ | kernel dumps on priority: device | ||
+ | 0: /dev/null | ||
+ | server address: 198.19.0.24 | ||
+ | client address: 192.168.1.10 | ||
+ | gateway address: 192.168.1.254 | ||
+ | </ | ||
+ | ==== Installing debug symbols ==== | ||
+ | Symbol files of kernel and binary are available in the separate DEBUG archive file. | ||
+ | It needs: | ||
+ | - Either 1Gbs of Free RAM for creating a large tmpfs or 1Gbs of free space in /data (use " | ||
+ | - The debug tar file needs to being extracted in /data/ (there is already a symlink from / | ||
+ | |||
+ | Here in an example, by starting expanding the data slice: | ||
+ | < | ||
+ | [root@router]~# | ||
+ | There is (1.0G) available on your disk that can be use for /data | ||
+ | Are you sure to repartition your disk ? (y/n)y | ||
+ | (etc.) | ||
+ | Done | ||
+ | [root@router]~# | ||
+ | [root@router]~# | ||
+ | Filesystem | ||
+ | / | ||
+ | [root@router]~# | ||
+ | </ | ||
+ | |||
+ | ==== Analysing core dump ==== | ||
+ | |||
+ | You need to install debug symbols first, then: | ||
+ | < | ||
+ | kgdb / | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | GNU gdb 6.1.1 [FreeBSD] | ||
+ | Copyright 2004 Free Software Foundation, Inc. | ||
+ | GDB is free software, covered by the GNU General Public License, and you are | ||
+ | welcome to change it and/or distribute copies of it under certain conditions. | ||
+ | Type "show copying" | ||
+ | There is absolutely no warranty for GDB. Type "show warranty" | ||
+ | This GDB was configured as " | ||
+ | |||
+ | Unread portion of the kernel message buffer: | ||
+ | |||
+ | |||
+ | Fatal trap 12: page fault while in kernel mode | ||
+ | cpuid = 7; apic id = 0e | ||
+ | fault virtual address | ||
+ | fault code = supervisor write data, page not present | ||
+ | instruction pointer | ||
+ | stack pointer | ||
+ | frame pointer | ||
+ | code segment | ||
+ | = DPL 0, pres 1, long 1, def32 0, gran 1 | ||
+ | processor eflags | ||
+ | current process | ||
+ | trap number | ||
+ | panic: page fault | ||
+ | cpuid = 7 | ||
+ | KDB: stack backtrace: | ||
+ | #0 0xffffffff80971167 at kdb_backtrace+0x67 | ||
+ | #1 0xffffffff80929b72 at vpanic+0x182 | ||
+ | #2 0xffffffff809299e3 at panic+0x43 | ||
+ | #3 0xffffffff80d56e84 at trap_fatal+0x324 | ||
+ | #4 0xffffffff80d57083 at trap_pfault+0x1e3 | ||
+ | #5 0xffffffff80d56683 at trap+0x273 | ||
+ | #6 0xffffffff80d39261 at calltrap+0x8 | ||
+ | #7 0xffffffff8047c664 at cxgbe_netmap_reg+0x2f4 | ||
+ | #8 0xffffffff8063d48c at netmap_hw_reg+0x2c | ||
+ | #9 0xffffffff8063a93b at netmap_do_regif+0x2ab | ||
+ | #10 0xffffffff8063b564 at netmap_ioctl+0xba4 | ||
+ | #11 0xffffffff8063f14e at freebsd_netmap_ioctl+0x3e | ||
+ | #12 0xffffffff8085e47c at devfs_ioctl+0xac | ||
+ | #13 0xffffffff80eee78d at VOP_IOCTL_APV+0x8d | ||
+ | #14 0xffffffff80a08901 at vn_ioctl+0x131 | ||
+ | #15 0xffffffff8085ecdf at devfs_ioctl_f+0x1f | ||
+ | #16 0xffffffff8098ed7b at kern_ioctl+0x29b | ||
+ | #17 0xffffffff8098ea71 at sys_ioctl+0x171 | ||
+ | Uptime: 4m41s | ||
+ | Dumping 1112 out of 16325 MB: | ||
+ | |||
+ | #0 doadump (textdump=< | ||
+ | 222 | ||
+ | in pcpu.h | ||
+ | |||
+ | (kgdb) backtrace | ||
+ | #0 doadump (textdump=< | ||
+ | #1 0xffffffff809295f9 in kern_reboot (howto=260) at / | ||
+ | #2 0xffffffff80929bab in vpanic (fmt=< | ||
+ | #3 0xffffffff809299e3 in panic (fmt=0x0) at / | ||
+ | #4 0xffffffff80d56e84 in trap_fatal (frame=0xfffffe0466ba6120, | ||
+ | #5 0xffffffff80d57083 in trap_pfault (frame=0xfffffe0466ba6120, | ||
+ | #6 0xffffffff80d56683 in trap (frame=0xfffffe0466ba6120) at / | ||
+ | #7 0xffffffff80d39261 in calltrap () at / | ||
+ | #8 0xffffffff80d5480e in bzero () at / | ||
+ | #9 0xffffffff8047c664 in cxgbe_netmap_reg (na=< | ||
+ | #10 0xffffffff8063d48c in netmap_hw_reg (na=0xfffff800055ba400, | ||
+ | #11 0xffffffff8063a93b in netmap_do_regif (priv=< | ||
+ | at / | ||
+ | #12 0xffffffff8063b564 in netmap_ioctl (priv=< | ||
+ | at / | ||
+ | #13 0xffffffff8063f14e in freebsd_netmap_ioctl (dev=< | ||
+ | td=0xfffff8001509a500) at / | ||
+ | #14 0xffffffff8085e47c in devfs_ioctl (ap=< | ||
+ | #15 0xffffffff80eee78d in VOP_IOCTL_APV (vop=< | ||
+ | #16 0xffffffff80a08901 in vn_ioctl (fp=0xfffff80015191f00, | ||
+ | #17 0xffffffff8085ecdf in devfs_ioctl_f (fp=0x0, com=131072, data=0x0, cred=0x4000, | ||
+ | at / | ||
+ | #18 0xffffffff8098ed7b in kern_ioctl (td=< | ||
+ | #19 0xffffffff8098ea71 in sys_ioctl (td=0xfffff8001509a500, | ||
+ | #20 0xffffffff80d57825 in amd64_syscall (td=< | ||
+ | #21 0xffffffff80d3954b in Xfast_syscall () at / | ||
+ | #22 0x000000080100e5ca in ?? () | ||
+ | Previous frame inner to this frame (corrupt stack?) | ||
+ | Current language: | ||
+ | |||
+ | </ | ||
+ | |||
+ | ==== Generate a panic on a hang/freeze system ==== | ||
+ | |||
+ | If your system didn't panic but freeze, you can generate a panic by sending a Non Maskable Interupt (NMI) by IPMI (chassis power diag). | ||
+ | < | ||
+ | ipmitool -I lanplus -H SERVER -U USER -P PASSWORD chassis power diag | ||
+ | </ | ||
+ | |||
+ | ==== Kernel live debugging ==== | ||
+ | |||
+ | You need to install debug symbols first, then: | ||
+ | |||
+ | < | ||
+ | [root@router]~# | ||
+ | GNU gdb 6.1.1 [FreeBSD] | ||
+ | Copyright 2004 Free Software Foundation, Inc. | ||
+ | GDB is free software, covered by the GNU General Public License, and you are | ||
+ | welcome to change it and/or distribute copies of it under certain conditions. | ||
+ | Type "show copying" | ||
+ | There is absolutely no warranty for GDB. Type "show warranty" | ||
+ | This GDB was configured as " | ||
+ | Reading symbols from / | ||
+ | done. | ||
+ | Loaded symbols for / | ||
+ | #0 sched_switch (td=0xffffffff8156b140, | ||
+ | flags=< | ||
+ | at / | ||
+ | 1945 / | ||
+ | in / | ||
+ | (kgdb) ptype ifindex_table[5]-> | ||
+ | type = struct ifnet { | ||
+ | void *if_softc; | ||
+ | void *if_l2com; | ||
+ | struct vnet *if_vnet; | ||
+ | struct { | ||
+ | struct ifnet *tqe_next; | ||
+ | struct ifnet **tqe_prev; | ||
+ | } if_link; | ||
+ | char if_xname[16]; | ||
+ | const char *if_dname; | ||
+ | int if_dunit; | ||
+ | u_int if_refcount; | ||
+ | struct ifaddrhead if_addrhead; | ||
+ | int if_pcount; | ||
+ | struct carp_if *if_carp; | ||
+ | struct bpf_if *if_bpf; | ||
+ | u_short if_index; | ||
+ | short if_index_reserved; | ||
+ | struct ifvlantrunk *if_vlantrunk; | ||
+ | int if_flags; | ||
+ | int if_capabilities; | ||
+ | int if_capenable; | ||
+ | void *if_linkmib; | ||
+ | ---Type < | ||
+ | Quit | ||
+ | (kgdb) | ||
+ | |||
+ | </ | ||
+ | ===== Going further ===== | ||
+ | |||
+ | BSDRP is a FreeBSD, then you need to read how to configure a FreeBSD for using it. | ||
+ | |||
+ | Here is a list of useful documentations: | ||
+ | * [[Documentation: | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | ===== Advanced customization ===== | ||
+ | |||
+ | ==== Scripts ==== | ||
+ | |||
+ | The root filesystem is in read-only mode, then you can't modify or create your own script on it. | ||
+ | |||
+ | For modify the existing script (don't forget to send us your improvement), | ||
+ | Here is an example for customizing the config script: | ||
+ | < | ||
+ | mount /data | ||
+ | cp / | ||
+ | vi / | ||
+ | </ | ||
+ | Now you can add your great patches to config script. | ||
+ | And test it: | ||
+ | < | ||
+ | sh / | ||
+ | </ | ||
+ | Then, don't forget to umount the /data partition: | ||
+ | < | ||
+ | umount /data | ||
+ | </ | ||
+ | |||
+ | ==== System ==== | ||
+ | |||
+ | You can modify the full filesystem by re-mount the active slice in read-write mode: | ||
+ | < | ||
+ | mount -uw / | ||
+ | </ | ||
+ | |||
+ | Now you can modify all files or removing/ | ||
+ | |||
+ | Here is how to remove ucarp as example: | ||
+ | < | ||
+ | [root@router]~# | ||
+ | ucarp-1.5.2.20171201 | ||
+ | [root@router]~# | ||
+ | Checking integrity... done (0 conflicting) | ||
+ | Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): | ||
+ | |||
+ | Installed packages to be REMOVED: | ||
+ | ucarp-1.5.2.20171201 | ||
+ | |||
+ | Number of packages to be removed: 1 | ||
+ | |||
+ | Proceed with deinstalling packages? [y/N]: y | ||
+ | [1/1] Deinstalling ucarp-1.5.2.20171201... | ||
+ | [1/1] Deleting files for ucarp-1.5.2.20171201: | ||
+ | pkg: / | ||
+ | [1/1] Deleting files for ucarp-1.5.2.20171201: | ||
+ | </ | ||
+ | After your changes, re-mount it in read-only mode: | ||
+ | |||
+ | < | ||
+ | mount -ur / | ||
+ | </ | ||
+ | |||
+ | <note warning> | ||
+ | But warning: All your changes (with the exception of / | ||
+ | </ | ||
+ | |||
+ | ===== Improving forwarding speed ==== | ||
+ | |||
+ | Check the [[Documentation: | ||