USB 3.1 Type-C to RJ45 Gigabit Ethernet adapter
The Amazon Basics Aluminum USB 3.1 Type-C to RJ45 Gigabit Ethernet Adapter works well with FreeBSD 14.1-RELEASE. It uses the
Install the ports tree
Source: Chapter 4. Installing Applications: Packages and Ports | FreeBSD Documentation Portal
Ensure the FreeBSD source code is checked out
sudo git clone -o freebsd -b releng/14.1 https://git.FreeBSD.org/src.git /usr/srcCheck out the ports tree
sudo git clone --depth 1 https://git.FreeBSD.org/ports.git -b 2024Q3 /usr/portsTo switch to a different quarterly branch:
sudo git -C /usr/ports switch 2024Q4drm-61-kmod
Install from the ports tree.
cd /usr/ports/graphics/drm-61-kmod
sudo make install cleanAlternatively, for Alderlake GPUs:
sudo pkg install drm-kmodEdit /etc/rc.conf
kld_list="i915kms"Add user to video group:
sudo pw groupmod video -m jasMount filesystems in single-user mode
When booted into single-user mode.
fsck
mount -u /
mount -a -t zfs
zfs mount -aYou should now be able to edit files, add/remove packages, etc.
Mount encrypted zroot in LiveCD
Boot into the LiveCD environment.
mkdir /tmp/mnt
geli attach /dev/nda0p4
zpool import -f -R /tmp/mnt zroot
zfs mount zroot/ROOT/defaultThe root directory of the zroot, zroot/ROOT/default, is labeled to not be automounted when imported, hence the need for the last command.
== Setup Podman (FreeBSD >= 14) ==
The following is a condensed version of the guide found at CloudSpinx: Install Podman and run Containers in FreeBSD 14.
sudo pkg install podman-suite
sudo mount -t fdescfs fdesc /dev/fdAdd the following line to /etc/fstab:
fdesc /dev/fd fdescfs rw 0 0Enable the Podman service.
sudo sysrc podman_enable="YES"Container networking requires a NAT to allow the container network’s packets to reach the host’s network. Copy the sample pf.conf for Podman.
sudo cp -v /usr/local/etc/containers/pf.conf.sample /etc/pf.confChange v4egress_if and v6egress_if to the host’s main network interface in /etc/pf.conf.
v4egress_if="igc0"
v6egree_if="igc0"Enable and start PF.
sudo sysrc pf_enable="YES"
sudo service pf startFreeBSD >= 13.3 has support for rerouting connections from the host to services inside the container. To enable this, load the PF kernel module, then use sysctl to activate PF support for this rerouting.
echo 'pf_load="YES"' | sudo tee -a /boot/loader.conf
sudo kldload pf
sudo sysctl net.pf.filter_local=1
echo 'net.pf.filter_local=1' | sudo tee -a /etc/sysctl.conf.local
sudo service pf restartThe rerouting rules will only work if the destination address is localhost. Ensure the following exists in /etc/pf.conf.
nat-anchor "cni-rdr/*"Container images and related state is stored in /var/db/containers. Create a ZFS dataset for this with the mountpoint set to that directory.
sudo zfs create -o mountpoint=/var/db/containers zroot/containersIf the system is not using ZFS, change storage.conf to use the vfs storage driver.
sudo sed -I .bak -e 's/driver = "zfs"/driver = "vfs"/' /usr/local/etc/containers/storage.confIf there are any errors caused by the /var/db/containers/storage database, remote it.
sudo rm -rfv /var/db/containers/storageNote: Podman can only be run with root privileges on FreeBSD at this time.
Enable the Linux service.
sudo sysrc linux_enable="YES"
sudo service linux startTo run Linux containers, add the --os=linux argument to Podman commands.
sudo podman run --os=linux ubuntu /usr/bin/cat "/etc/os-release"Everything else should work as expected.
Install Linux VM in Bhyve
Based on How to install Linux VM on FreeBSD using bhyve and ZFS, but condensed and collated for my use-case.
Setting up the network interfaces
Make the tap device UP by default in /etc/sysctl.conf.
echo "net.link.tap.up_on_open=1" >> /etc/sysctl.conf
sysctl net.link.tap.up_on_open=1Load the kernel modules needed for bhyve.
kldload vmm
kldload nmdmMake sure the modules are loaded at boot time.
echo 'vmm_load="YES"' >> /boot/loader.conf
echo 'nmdm_load="YES"' >> /boot/loader.conf
echo 'if_tap_load="YES"' >> /boot/loader.conf
echo 'if_bridge_load="YES"' >> /boot/loader.confCreate the bridge and tap device. If you already have a bridge created, use that instead. We’ll assume this is the case, and the bridge is called igb0bridge.
ifconfig bridge createIf a bridge is already created and the main network interface igc0 is attached to it, the following command is not necessary.
ifconfig igb0bridge addm igc0Create tap interface and attach it to the igb0bridge. <syntaxhighlight lang=“bash” ifconfig tap0 create ifconfig igb0bridge addm tap0
If there wasn’t a bridge already being used for jails, then /etc/rc.conf should contain the following:
cloned_interfaces="igb0bridge tap0"
ifconfig_igb0bridge="addm igc0 addm tap0 up"If there was already a bridge used for jails, then /etc/rc.conf should contain the following:
cloned_interfaces="igb0bridge tap0"
ifconfig_igb0bridge="inet 10.0.0.8/24 addm igc0 addm tap0 up"Setting up the ZFS volumes for Linux bhyve VM
zfs create -V128G -o volmode=dev zroot/debianvmDownloading Debian installer ISO
cd /tmp/
DEBIAN_VERSION=12.10.0
wget "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-${DEBIAN_VERSION}-amd64-netinst.iso"Installing Debian in VM
Install the grub-bhyve binary to allow booting of non-FreeBSD guest OSes.
pkg install grub2-bhyve bhyve-firmwareInstall Debian by running bhyve with the netinstall iso image and the zvol attached.
bhyve -c 4 -m 8G -w -H \
-s 0,hostbridge \
-s 3,ahci-cd,/tmp/debian-12.10.0-amd64-netinst.iso \
-s 4,virtio-blk,/dev/zvol/zroot/debianvm \
-s 5,virtio-net,tap0 \
-s 29,fbuf,tcp=0.0.0.0:5900,w=800,h=600,wait \
-s 30,xhci,tablet \
-s 31,lpc \
-l com1,stdio \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
debianvmWhen the command runs, use a remote VNC view to connect to and start the netinstall iso.
The following step is required to boot from UEFI.
Run the Debian installer with desired configuration. When you reach the “Finish the installation” stage, select “Go Back”, then select “Execute a shell”. Once in the shell, run the following commands:
mkdir /target/boot/efi/EFI/BOOT/
cp -v /target/boot/efi/EFI/debian/grubx64.efi /target/boot/efi/EFI/BOOT/bootx64.efi
exitNow continue with “Finish the installation”.
Booting Debian bhyve VM
The instance of the virtual machine needs to be destroyed before it can be started again.
bhyvectl --destroy --vm=debianvmBoot the Debian VM.
bhyve -c 4 -m 8G -w -H \
-s 0,hostbridge \
-s 4,virtio-blk,/dev/zvol/zroot/debianvm \
-s 5,virtio-net,tap0 \
-s 29,fbuf,tcp=0.0.0.0:5900,w=1024,h=768 \
-s 30,xhci,tablet \
-s 31,lpc \
-l com1,stdio \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
debianvmStarting the Debian VM on boot with a shell script
#!/bin/sh
# Name: startdebianvm
# Purpose: Simple script to start my Debian 10 VM using bhyve on FreeBSD
# Author: Vivek Gite {https://www.cyberciti.biz} under GPL v2.x+
-------------------------------------------------------------------------
# Lazy failsafe (not needed but I will leave them here)
ifconfig tap0 create
ifconfig em0bridge addm tap0
if ! kldstat | grep -w vmm.ko
then
kldload -v vmm
fi
if ! kldstat | grep -w nmdm.ko
then
kldload -v nmdm
fi
bhyve -c 1 -m 1G -w -H \
-s 0,hostbridge \
-s 4,virtio-blk,/dev/zvol/zroot/debianvm \
-s 5,virtio-net,tap0 \
-s 29,fbuf,tcp=0.0.0.0:5900,w=1024,h=768 \
-s 30,xhci,tablet \
-s 31,lpc -l com1,stdio \
-l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \
debianvmCreate a crontab entry:
@reboot /path/to/startdebianvmInstalling a Linux jail
Create the ZFS datasets for the base jail and Linux jail.
sudo zfs create naspool/jails/debian
sudo zfs create naspool/jails/14.2-RELEASEDownload the base userland system for FreeBSD.
fetch https://download.freebsd.org/ftp/releases/amd64/amd64/14.2-RELEASE/base.txzExtract the base userland into the base jail’s directory.
sudo tar -xf base.txz -C /jails/14.2-RELEASE --unlinkCopy DNS and timezone files.
sudo cp -v /etc/resolv.conf /jails/14.2-RELEASE/etc/resolv.conf
sudo cp -v /etc/localtime /jails/14.2-RELEASE/etc/localtimeUpdate the base jail to the latest patch level.
sudo freebsd-update -b /jails/14.2-RELEASE/ fetch installCreate a ZFS snapshot from the base jail.
sudo zfs snapshot naspool/jails/14.2-RELEASE@baseClone the base jail to create a thin jail for the Linux distribution.
sudo zfs clone naspool/jails/14.2-RELEASE@base naspool/jails/debianEnable the Linux ABI.
sudo sysrc linux_enable="YES"
sudo service linux startRun the jail command with a quick configuration.
sudo jail -cm \
name=debian \
host.hostname="debian" \
path="/jails/debian" \
interface="igc0" \
ip4.addr="10.0.0.21" \
exec.start="/bin/sh /etc/rc" \
exec.stop="/bin/sh /etc/rc.shutdown" \
mount.devfs \
devfs_ruleset=11 \
allow.mount \
allow.mount.devfs \
allow.mount.fdescfs \
allow.mount.procfs \
allow.mount.linprocfs \
allow.mount.linsysfs \
allow.mount.tmpfs \
enforce_statfs=1Access the jail.
sudo jexec -u root debianInstall the debootstrap program and prepare the Debian environment.
pkg install debootstrap
debootstrap bookworm /compat/debianWhen the process finishes, stop the jail from the host system.
sudo service jail onestop debianAdd an entry in /etc/jail.conf for the Debian jail.
debian {
# STARTUP/LOGGING
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_console_${name}.log";
# PERMISSIONS
allow.raw_sockets;
exec.clean;
mount.devfs;
devfs_ruleset = 11;
# HOSTNAME/PATH
host.hostname = "${name}";
path = "/jails/${name}";
# NETWORK
ip4.addr = 10.0.0.21;
interface = igc0;
# MOUNT
mount += "devfs $path/compat/debian/dev devfs rw 0 0";
mount += "tmpfs $path/compat/debian/dev/shm tmpfs rw,size=1g,mode=1777 0 0";
mount += "fdescfs $path/compat/debian/dev/fd fdescfs rw,linrdlnk 0 0";
mount += "linprocfs $path/compat/debian/proc linprocfs rw 0 0";
mount += "linsysfs $path/compat/debian/sys linsysfs rw 0 0";
mount += "/tmp $path/compat/debian/tmp nullfs rw 0 0";
mount += "/home $path/compat/debian/home nullfs rw 0 0";
}Start the jail.
sudo service jail start debianThe Debian environment can be accessed using the following command:
sudo jexec debian chroot /compat/debian /bin/bash