Installing OpenBSD on a Soekris Net5501-70
	Part IX. OpenBSD

Installing OpenBSD on a Soekris Net5501-70

Jurjen Bokma

May 2008

Connecting the device

Connect the null modem cable to the serial ports of your net5501 box and your PC.
Connect a UTP cable to the port labeled “eth0” on the Soekris box, and to your network.
Warning
This procedure assumes you have a DHCP and a TFTP server handy.

Do not connect the power cord yet.
Configuring the terminal emulator
1. Install Minicom on the PC.
  apt-get install minicom
2. Press CtrlA+Z then O to get into the configuration menu. Now configure Minicom in such a way that it emulates an ANSI terminal at 19200 baud with 8-bits-one-parity and one stop bit. And make sure it connects to the serial port your cable is plugged into.
3. Save these settings
Boot into the comBIOS
1. Now connect the power cable (both ends ;) and see your box boot.
  
  POST: 012345689bcefghips1234ajklnopqr,,,tvwxy comBIOS ver. 1.33 20070103 Copyright (C) 2000-2007 Soekris Engineering. net5501 0512 Mbyte Memory CPU Geode LX 500 Mhz Pri Mas SanDisk SDCFH2-004G LBA Xlt 995-128-63 4013 Mbyte Slot Vend Dev ClassRev Cmd Stat CL LT HT Base1 Base2 Int ------------------------------------------------------------------- 0:01:2 1022 2082 10100000 0006 0220 08 00 00 A0000000 00000000 10 0:06:0 1106 3053 02000096 0117 0210 08 40 00 0000E101 A0004000 11 0:07:0 1106 3053 02000096 0117 0210 08 40 00 0000E201 A0004100 05 0:08:0 1106 3053 02000096 0117 0210 08 40 00 0000E301 A0004200 09 0:09:0 1106 3053 02000096 0117 0210 08 40 00 0000E401 A0004300 12 0:14:0 104C AC23 06040002 0107 0210 08 40 01 00000000 00000000 0:20:0 1022 2090 06010003 0009 02A0 08 40 80 00006001 00006101 0:20:2 1022 209A 01018001 0005 02A0 08 00 00 00000000 00000000 0:21:0 1022 2094 0C031002 0006 0230 08 00 80 A0005000 00000000 15 0:21:1 1022 2095 0C032002 0006 0230 08 00 00 A0006000 00000000 15 1:00:0 100B 0020 02000000 0107 0290 00 40 00 0000D001 A4000000 10 1:01:0 100B 0020 02000000 0107 0290 00 40 00 0000D101 A4001000 07 1:02:0 100B 0020 02000000 0107 0290 00 40 00 0000D201 A4002000 10 1:03:0 100B 0020 02000000 0107 0290 00 40 00 0000D301 A4003000 07 4 Seconds to automatic boot. Press Ctrl-P for entering Monitor. comBIOS Monitor. Press ? for help. > ? comBIOS Monitor Commands boot [drive][:partition] INT19 Boot reboot cold boot download download a file using XMODEM/CRC flashupdate update flash BIOS with downloaded file time [HH:MM:SS] show or set time date [YYYY/MM/DD] show or set date d[b|w|d] [adr] dump memory bytes/words/dwords e[b|w|d] adr value [...] enter bytes/words/dwords i[b|w|d] port input from 8/16/32-bit port o[b|w|d] port value output to 8/16/32-bit port run adr execute code at adr cmosread [adr] read CMOS RAM data cmoswrite adr byte [...] write CMOS RAM data cmoschecksum update CMOS RAM Checksum set parameter=value set system parameter to value show [parameter] show one or all system parameters ?/help show this help
2. Set date and time:
  date 2008/05/16 22:42:15
3. Set new connection speed
  set ConSpeed=57600
  Warning
  The minicom settings should also be adjusted (at next boot).
Boot from PXE
1. Have the following DHCP snippet and restart the DHCP service:
```
group
        { # openbsd-clients

        next-server 192.168.5.200;
        filename "pxeboot_openbsd_43";

	    host soekris { hardware ethernet 00:00:24:XX:XX:XX  ; fixed-address 192.168.23.65 ; option host-name "soekris"; } #

        }# end group openbsd-clients
	    
```
2. On the TFTP server, go into your TFTP directory and download a few files^[27]:
  
  
  cd /var/lib/tftpboot
  wget http://osis.service.rug.nl/pub/os/bsd/openbsd/4.3/i386/pxeboot
  mv pxeboot pxeboot_openbsd_43
  wget http://osis.service.rug.nl/pub/os/bsd/openbsd/4.3/i386/bsd.rd
  mv bsd.rd openbsd_43.rd
  mkdir etc
  cat <<EOF > etc/boot.conf
  set tty com0
  stty com0 57600
  boot openbsd_43.rd
  EOF
3. Boot the Soekris box into PXE:
  boot f0
  
  > boot f0 Intel UNDI, PXE-2.0 (build 082) Copyright (C) 1997,1998,1999 Intel Corporation VIA Rhine III Management Adapter v2.43 (2005/12/15) CLIENT MAC ADDR: 00 00 24 CA 65 D4 CLIENT IP: 192.168.5.4 MASK: 255.255.255.0 DHCP IP: 192.168.5.200 GATEWAY IP: 192.168.5.251 probing: pc0 com0 com1 pxe![2.1] mem[639K 511M a20=on] disk: hd0+* net: mac 00:00:24:ca:65:d4, ip 192.168.5.4, server 192.168.5.200 >> OpenBSD/i386 PXEBOOT 2.02 switching console to com0 >> OpenBSD/i386 PXEBOOT 2.02 com0: changing speed to 57600 baud in 5 seconds, change your terminal to match! com0: 57600 baud booting tftp:openbsd_43.rd: 4780308+874136 [52+178240+163973]=0x5b821c entry point at 0x200120 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2008 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.3 (RAMDISK_CD) #645: Wed Mar 12 11:31:03 MDT 2008 deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class) 500 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX real mem = 536440832 (511MB) avail mem = 512524288 (488MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 20/70/03, BIOS32 rev. 0 @ 0xfac40 pcibios0 at bios0: rev 2.0 @ 0xf0000/0x10000 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc8000/0xa800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 1 function 0 "AMD Geode LX" rev 0x31 "AMD Geode LX Crypto" rev 0x00 at pci0 dev 1 function 2 not configured vr0 at pci0 dev 6 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 11, address 00:00:24:ca:65:d4 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 7 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 5, address 00:00:24:ca:65:d5 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr2 at pci0 dev 8 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 9, address 00:00:24:ca:65:d6 ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr3 at pci0 dev 9 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 12, address 00:00:24:ca:65:d7 ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 ppb0 at pci0 dev 14 function 0 "TI PCI2250 PCI-PCI" rev 0x02 pci1 at ppb0 bus 1 sis0 at pci1 dev 0 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 10, address 00:00:24:c9:b0:10 nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 sis1 at pci1 dev 1 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 7, address 00:00:24:c9:b0:11 nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1 sis2 at pci1 dev 2 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 10, address 00:00:24:c9:b0:12 nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1 sis3 at pci1 dev 3 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 7, address 00:00:24:c9:b0:13 nsphyter3 at sis3 phy 0: DP83815 10/100 PHY, rev. 1 glxpcib0 at pci0 dev 20 function 0 "AMD CS5536 ISA" rev 0x03: rev 0, 32-bit 3579545Hz timer pciide0 at pci0 dev 20 function 2 "AMD CS5536 IDE" rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: <SanDisk SDCFH2-004G> wd0: 4-sector PIO, LBA, 3919MB, 8027712 sectors wd0(pciide0:0:0): using PIO mode 4, DMA mode 2 pciide0: channel 1 ignored (disabled) ohci0 at pci0 dev 21 function 0 "AMD CS5536 USB" rev 0x02: irq 15, version 1.0, legacy support ehci0 at pci0 dev 21 function 1 "AMD CS5536 USB" rev 0x02: irq 15 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "AMD EHCI root hub" rev 2.00/1.00 addr 1 isa0 at glxpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom0: console pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo usb1 at ohci0: USB revision 1.0 uhub1 at usb1 "AMD OHCI root hub" rev 1.00/1.00 addr 1 biomask e145 netmask ffe5 ttymask ffe7 rd0: fixed, 3800 blocks PXE boot MAC address 00:00:24:ca:65:d4, interface vr0 root on rd0a swap on rd0b dump on rd0b erase ^?, werase ^W, kill ^U, intr ^C, status ^T (I)nstall, (U)pgrade or (S)hell?
Install OpenBSD
It is time to follow the steps in the installation manual.

	Warning
The minicom settings should also be adjusted (at next boot).

Procedure 59. Configuring the OpenBSD box

Add a mere mortal user

adduser username

Add the user to the /etc/sudoers file

<snip>
# User privilege specification
root    ALL=(ALL) SETENV: ALL
username  ALL=(ALL) ALL
<snip>

Configure the packaging system

Put in ~/.profile a stanza

PKGPATH=ftp://ftp.nluug.nl/pub/OpenBSD/4.3/packages/i386
export PKGPATH

and re-source the file:

. ~/.profile

	Note
	Even though the OpenBSD documentation on the package management tools doesn't mention it, the ftp client does support HTTP. So you can just fill in an http url in the `PKG_PATH`. This is especially convenient when `ftp` is blocked by a firewall en no proxy has been set up.

Install some packages

sudo pkg_add -v syslog-ng-1.6.8
sudo pkg_add -v isc-dhcp-server-3.1.0
Configure some network interfaces
Configure SSH
Make sure the SSH daemon doesn't listen on the WAN interfaces. For now, make it listen on all LAN NICs, including the config NIC (later on we can remove all but the config NIC). Add the following lines to /etc/ssh/sshd_config:
```
ListenAddress 10.0.12.1
ListenAddress 10.1.154.1
ListenAddress 192.168.5.4
      
```
(Compile and) Configure DHCPD
The package isc-dhcpd-3.1.0 that we installed has not replaced the DHCP daemon executable /usr/sbin/dhcpd that was in the file set base43.tgz. Instead, a new file /usr/local/sbin/dhcpd was added that contains the daemon we want to use.
Follow this tutorial to get it running, chrooted and all.
Fun! Now we have a perfectly chrooted DHCP server, but it won't pass the PXELinux options to the clients, so PXELinux loads the default config files. That was not the idea. This is a consequence of the patches OpenBSD applied to the daemon. So we install another instance of OpenBSD (on a vritual machine, and this time with the compiler on it), and fetch the source of the ISC dhcp daemon. This compiles without error, and we copy just the dhcpd binary to the router. Now this of course doesn't support opening all files as root and then dropping privileges, so we leave the chroot out for the moment. But is does support PXELinux all right.
Compile and Configure BIND9
1. Get the BIND source and unpack it:
  
  
  ftp http://ftp.isc.org/isc/bind9/9.4.2/bind-9.4.2.tar.gz
  tar zxf bind-9.4.2.tar.gz
2. Configure the installer:
  
  
  ./configure --with-libtool --with-openssl --enable-ipv6 --with-dlz-filesystem --with-dlz-stub
  make
  
  
  ^[28]
3. Since installation is fairly complex and I don't know how to log only the copy actions, I copy the entire tree to the target machine, and run make install there:
  On the compiling machine:
  
  
  tar cvzf /tmp/bind-9.4.2-compiled.tgz bind-9.4.2
  scp /tmp/bind-9.4.2-compiled.tgz ordinaryuser@router:/tmp
  
  
  
  On the router:
  
  
  cd ~
  tar zxvf /tmp/bind-9.4.2-compiled.tgz
  cd bind-9.4.2/
  sudo make install
  rm -rf bind-9.4.2 /tmp/bind-9.4.2-compiled.tgz
  sudo find /usr/local/sbin/ -type f -group wheel -exec chown root:bin {} \;
  
  
  
  Warning
  It is imperative that the path on the target machine where sudo make install is to run is identical to the path on the build machine where make has run.

^[27]Do use your favourite mirror

^[28] The options “--with-dlz-postgres --with-dlz-bdb --with-dlz-mysql --with-dlz-ldap” would've been nice too, but I'm not wasting my time on options I'm not sure I'm going to use here

	Warning
	This procedure assumes you have a DHCP and a TFTP server handy.

	Warning
	It is imperative that the path on the target machine where sudo make install is to run is identical to the path on the build machine where make has run.


Soekris 5501 Revisited: OpenBSD4.4		Part X. Debian (sometimes also Ubuntu)