Building a FreeBSD small office IPBX server. Part 1: Installing and configuring FreeBSD


March 2015.

Introduction


Let's build a small office SIP IPBX server.

What I'm going to use


The hardware will be:

A Soekris net5501-70

And the software:

Step 1: upgrade the Soekris board's BIOS (optional)


Connect to the board using a classic 9600.8N1 serial connection.

Update the BIOS normally. I use TeraTerm on Windows to send the file using XMODEM.


comBIOS ver. 1.32i 20071005 Copyright (C) 2000-2007 Soekris Engineering.

net5501

0512 Mbyte Memory CPU Geode LX 500 Mhz

Pri Mas SAMSUNG HM160HC LBA Xlt 1024-255-63 134 Gbyte

Slot Vend Dev ClassRev Cmd Stat CL LT HT Base1 Base2 Int
-------------------------------------------------------------------
0:01:2 1022 2082 10100000 0006 0220 08 00 00 A0000000 00000000 10
0:06:0 1106 3053 02000096 0117 0210 08 40 00 0000E101 A0004000 11
0:07:0 1106 3053 02000096 0117 0210 08 40 00 0000E201 A0004100 05
0:08:0 1106 3053 02000096 0117 0210 08 40 00 0000E301 A0004200 09
0:09:0 1106 3053 02000096 0117 0210 08 40 00 0000E401 A0004300 12
0:20:0 1022 2090 06010003 0009 02A0 08 40 80 00006001 00006101
0:20:2 1022 209A 01018001 0005 02A0 08 00 00 00000000 00000000
0:21:0 1022 2094 0C031002 0006 0230 08 00 80 A0005000 00000000 15
0:21:1 1022 2095 0C032002 0006 0230 08 00 00 A0006000 00000000 15

5 Seconds to automatic boot. Press Ctrl-P for entering Monitor.

comBIOS Monitor. Press ? for help.

>download

Start sending file using XMODEM/CRC protocol.

File downloaded succesfully, size 784 Blocks.

> flashupdate
Updating BIOS Flash ,,,,,,,,,,,,,,,,,,,,,,,,,,,,..,,,,.... Done.


Step 2: build a customized FreeBSD 10.1 PXE boot image


Building a kernel


I'm going to build a tailor-made FreeBSD kernel, including what's needed for the net5501, and excluding drivers that are not needed.

Here's the kernel config file:

# Based on GENERIC:
# FreeBSD: releng/10.1/sys/i386/conf/GENERIC 271234 2014-09-07 18:43:26Z markj
# To be used with soekris net5501

cpu I486_CPU
cpu I586_CPU
ident SOEKRIS

options CPU_GEODE
options CPU_SOEKRIS

makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
makeoptions WITH_CTF=1 # Run ctfconvert(1) for DTrace support

hints "GENERIC.hints" # Default places to look for devices.

options SCHED_ULE # ULE scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
options INET6 # IPv6 communications protocols
options TCP_OFFLOAD # TCP offload
options SCTP # Stream Control Transmission Protocol
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options UFS_GJOURNAL # Enable gjournal-based UFS journaling
options QUOTA # Enable disk quotas for UFS
options MD_ROOT # MD is a potential root device
#options NFSCL # New Network Filesystem Client
#options NFSD # New Network Filesystem Server
#options NFSLOCKD # Network Lock Manager
#options NFS_ROOT # NFS usable as /, requires NFSCL
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_PART_GPT # GUID Partition Tables.
options GEOM_RAID # Soft RAID functionality.
options GEOM_LABEL # Provides labelization
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options COMPAT_FREEBSD6 # Compatible with FreeBSD6
options COMPAT_FREEBSD7 # Compatible with FreeBSD7
#options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options KTRACE # ktrace(1) support
options STACK # stack(9) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed.
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
options AUDIT # Security event auditing
options CAPABILITY_MODE # Capsicum capability mode
options CAPABILITIES # Capsicum capabilities
options PROCDESC # Support for process descriptors
options MAC # TrustedBSD MAC Framework
options KDTRACE_HOOKS # Kernel DTrace hooks
options DDB_CTF # Kernel ELF linker loads CTF data
options INCLUDE_CONFIG_FILE # Include this file in kernel

# Debugging support. Always need this:
options KDB # Enable kernel debugger support.
options KDB_TRACE # Print a stack trace for a panic.

# To make an SMP kernel, the next two lines are needed
options SMP # Symmetric MultiProcessor Kernel
device apic # I/O APIC

# CPU frequency control
device cpufreq

# Bus support.
device acpi
device eisa
device pci
device pass

# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
options ATA_STATIC_ID # Static device numbering

# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device da # Direct Access (disks)
device cd # CD

# The following are not needed, but the kernel wouldn't compile without them.
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
device vga # VGA video card driver
options VESA # Add support for VESA BIOS Extensions (VBE)

# syscons is the default console driver, resembling an SCO console
device sc

# Add suspend/resume support for the i8254.
device pmtimer

# Serial (COM) ports
device uart # Generic UART driver

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
device vr # VIA Rhine, Rhine II

# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device padlock_rng # VIA Padlock RNG
device rdrand_rng # Intel Bull Mountain RNG
device ether # Ethernet support
device vlan # 802.1Q VLAN support
device tun # Packet tunnel.
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
device firmware # firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeley packet filter

# USB support
options USB_DEBUG # enable debug msgs
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
device ukbd # Keyboard
device umass # Disks/Mass storage - Requires scbus and da

#Firewall related
device pf #PF OpenBSD packet-filter firewall
device pflog #logging support interface for PF
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ

options NULLFS #NULL filesystem

You can also add some options in your make.conf:

CPUTYPE?=geode
OPTIMIZED_CFLAGS=YES
BUILD_OPTIMIZED=YES
WITH_CPUFLAGS=YES
WITH_OPTIMIZED_CFLAGS=YES

I'm going to build this i386 kernel on an amd64 machine, hence the additional parameters:

cd /usr/src/
make -j2 kernel-toolchain TARGET=i386
make -j2 buildworld TARGET=i386 TARGET_ARCH=i386
make -j2 buildkernel KERNCONF=SOEKRIS TARGET=i386 TARGET_ARCH=i386

If you didn't compile the device hints statically into the kernel, or if you didn't add a device.hints file in the boot folder of the image, you might get the following panic later:

panic: No usable event timer found!
cpuid = 0
KDB: stack backtrace:
#0 0xc0679362 at kdb_backtrace+0x52
#1 0xc063bd1f at panic+0x11f
#2 0xc090bf25 at cpu_initclocks_bsp+0x495
#3 0xc05e906f at initclocks+0x2f
#4 0xc05e5607 at mi_startup+0xe7
#5 0xc0460a57 at begin+0x2c
Uptime: 1s

Building an mfsbsd image


mfsbsd images are great since they can be booted directly using PXE.

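Download, extract and go to mfsbsd. Note that --no-verify-peer makes fetch skip TLS certificate verification, so the archive is not authenticated; with a CA bundle installed (for instance from the ca_root_nss port) the flag can be dropped: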

fetch -o mfsbsd.zip https://github.com/mmatuska/mfsbsd/archive/master.zip --no-verify-peer
unzip mfsbsd.zip
cd mfsbsd-master

Copy the example config files:

#!/bin/sh
# Copy every *.sample file to the same name without the .sample suffix
for fn in *.sample; do
    cp "${fn}" "${fn%.sample}"
done

Enable the serial console in the loader config file, and set the root password:

cat conf/loader.conf:
...
mfsbsd.rootpw="mfsroot"
console="comconsole"

Build the image:

make CUSTOM=1 TARGET=i386 TARGET_ARCH=i386 KERNCONF=SOEKRIS

This will use the kernel and userland made in the previous section.

Build and serve the dist files (base.txz, kernel.txz)


Build the dist files:

cd /usr/src/release
make -j2 NODOC=YES NOPORTS=YES NOSRC=YES NOGAMES=YES KERNCONF=SOEKRIS TARGET=i386 TARGET_ARCH=i386 system

Serve the dist files using HTTP or FTP. I use Python to start a quick and dirty HTTP server.

cd /usr/src/release/dist
python -m SimpleHTTPServer 8080
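
Plain HTTP gives the installer no way to tell whether base.txz or kernel.txz changed in transit. The script below is an added example, not part of the original procedure: it checks sets against a MANIFEST copied from the build host over a separate, trusted channel. It assumes the release MANIFEST layout (file name and SHA-256 in the first two tab-separated fields), and the paths in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: verify distribution sets against a trusted copy of MANIFEST.

# Print the SHA-256 of a file: sha256(1) on FreeBSD, sha256sum(1) elsewhere.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | cut -d' ' -f1
    fi
}

# verify_dist MANIFEST DIR NAME...
# Returns 0 only if every named set is listed in MANIFEST, exists in DIR,
# and hashes to the value recorded in MANIFEST.
verify_dist() {
    manifest=$1; dir=$2; shift 2
    rc=0
    for name in "$@"; do
        # Assumed layout: column 1 = file name, column 2 = SHA-256 (tab-separated)
        want=$(awk -F'\t' -v f="$name" '$1 == f { print $2; exit }' "$manifest")
        if [ -z "$want" ]; then
            echo "UNLISTED $name (not in manifest)" >&2; rc=1; continue
        fi
        if [ ! -f "$dir/$name" ]; then
            echo "ABSENT   $name" >&2; rc=1; continue
        fi
        got=$(sha256_of "$dir/$name")
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name" >&2; rc=1
        fi
    done
    return $rc
}

# Usage (placeholder paths):
#   verify_dist /root/MANIFEST.trusted /usr/freebsd-dist base.txz kernel.txz
```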

Configure pxelinux to boot the file


The usual pxelinux.0 binary file has problems with the Soekris serial connection (entire screen truncated to 16 characters), so we'll need a patched one, which can be found here: https://centerclick.org/net4801/pxelinux/.

Download memdisk. You can find it packaged with syslinux: http://www.kernel.org/pub/linux/utils/boot/syslinux/.

Configure pxelinux in pxelinux.cfg/default:

DEFAULT fbsd

LABEL fbsd
kernel memdisk
append initrd=/mfsbsd-10.1-RELEASE-p12-i386.img harddisk raw

Step 3: Install FreeBSD on the board


Start your favorite TFTP server and boot pxelinux.0 with the Soekris.


> boot f0

Start bsdinstall and install the system as usual. When asked what mirror you wish to use, select "Other" and enter the location of your dist files (for instance: http://192.168.4.2:8080).

Partitioning


I partitioned the hard drive manually, using the shell. I wish I could have used ZFS, but with 512MB of RAM, well...

Create the partitions:

gpart create -s mbr ada0
gpart add -t freebsd ada0
gpart create -s bsd ada0s1
# ada0s1a => /
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1b => Swap
gpart add -s 2G -t freebsd-swap ada0s1
# The 'c' letter is reserved for the whole slice, so gpart skips it
# ada0s1d => /var
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1e => /usr
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1f => /usr/home
gpart add -t freebsd-ufs ada0s1

Install the boot loader and set the first partition as active.

gpart set -a active -i 1 ada0
gpart bootcode -b /boot/mbr ada0
gpart bootcode -b /boot/boot ada0s1

Create the label and filesystems:

# Labels and filesystems
glabel label swap0 /dev/ada0s1b
newfs -L rootfs -U /dev/ada0s1a
newfs -L varfs -U /dev/ada0s1d
newfs -L usrfs -U /dev/ada0s1e
newfs -L usrhomefs -U /dev/ada0s1f

Write the fstab file in /tmp/bsdinstall_etc/fstab:

# Device Mountpoint FStype Options Dump Pass#
/dev/ufs/rootfs / ufs rw 1 1
/dev/label/swap0 none swap sw 0 0
/dev/ufs/varfs /var ufs rw 1 2
/dev/ufs/usrfs /usr ufs rw 1 3
/dev/ufs/usrhomefs /usr/home ufs rw 1 4

Mount the filesystems so that the installer can write into them:

mount /dev/ufs/rootfs /mnt/
mkdir /mnt/var
mount /dev/ufs/varfs /mnt/var/
mkdir /mnt/usr
mount /dev/ufs/usrfs /mnt/usr/
mkdir /mnt/usr/home
mount /dev/ufs/usrhomefs /mnt/usr/home

Continuing the installation


Exit the shell, and let the installer fetch the packages and do its magic.

Before rebooting, don't forget to enable the console and set the boot partition in /boot/loader.conf:

console="comconsole"
vfs.root.mountfrom="ufs:/dev/ufs/rootfs"

You now have FreeBSD installed on your Soekris net5501.

Going to the next part


In the next part, we'll install the ISDN quadBRI card, and connect to the outside world.