You are here

Building a FreeBSD small office IPBX server. Part 1: Installing and configuring FreeBSD

The FreeBSD logoImageImage

Introduction

Let's build a small office SIP IPBX server.

What I'm going to use

The hardware will be:

  • A Soekris net5501. Great card. I got it for cheap on Ebay.
  • A spare 2.5" SATA hard drive
  • A B410P quadbri PCI card to connect to my ISDN phone provider.

A Soekris net5501-70

And the software:

Step 1: upgrade the Soekris board's BIOS (optional)

Connect to the board using a classic 9600.8N1 serial connection.

Update the BIOS normally. I use TeraTerm on Windows to send the file using XMODEM.

comBIOS ver. 1.32i 20071005  Copyright (C) 2000-2007 Soekris Engineering.

net5501

0512 Mbyte Memory                        CPU Geode LX 500 Mhz

Pri Mas  SAMSUNG HM160HC                 LBA Xlt 1024-255-63  134 Gbyte

Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1    Base2   Int
-------------------------------------------------------------------
0:01:2 1022 2082 10100000 0006 0220 08 00 00 A0000000 00000000 10
0:06:0 1106 3053 02000096 0117 0210 08 40 00 0000E101 A0004000 11
0:07:0 1106 3053 02000096 0117 0210 08 40 00 0000E201 A0004100 05
0:08:0 1106 3053 02000096 0117 0210 08 40 00 0000E301 A0004200 09
0:09:0 1106 3053 02000096 0117 0210 08 40 00 0000E401 A0004300 12
0:20:0 1022 2090 06010003 0009 02A0 08 40 80 00006001 00006101
0:20:2 1022 209A 01018001 0005 02A0 08 00 00 00000000 00000000
0:21:0 1022 2094 0C031002 0006 0230 08 00 80 A0005000 00000000 15
0:21:1 1022 2095 0C032002 0006 0230 08 00 00 A0006000 00000000 15

 5 Seconds to automatic boot.   Press Ctrl-P for entering Monitor.

comBIOS Monitor.   Press ? for help.

>download

Start sending file using XMODEM/CRC protocol.

File downloaded succesfully, size 784 Blocks.

> flashupdate
Updating BIOS Flash ,,,,,,,,,,,,,,,,,,,,,,,,,,,,..,,,,.... Done.

Image

Step 2: build a customized FreeBSD 10.1 PXE boot image

Building a kernel

I'm going to build a tailor-made FreeBSD kernel, including what's needed for the net5501, and excluding drivers that are not needed.

Here's the kernel config file:

# Based on GENERIC:
#   FreeBSD: releng/10.1/sys/i386/conf/GENERIC 271234 2014-09-07 18:43:26Z markj
# To be used with soekris net5501

cpu     I486_CPU
cpu     I586_CPU
ident   SOEKRIS

options CPU_GEODE
options CPU_SOEKRIS

makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols
makeoptions	WITH_CTF=1		# Run ctfconvert(1) for DTrace support

hints		"GENERIC.hints"		# Default places to look for devices.

options 	SCHED_ULE		# ULE scheduler
options 	PREEMPTION		# Enable kernel thread preemption
options 	INET			# InterNETworking
options 	INET6			# IPv6 communications protocols
options 	TCP_OFFLOAD		# TCP offload
options 	SCTP			# Stream Control Transmission Protocol
options 	FFS			# Berkeley Fast Filesystem
options 	SOFTUPDATES		# Enable FFS soft updates support
options 	UFS_ACL			# Support for access control lists
options 	UFS_DIRHASH		# Improve performance on big directories
options 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
options 	QUOTA			# Enable disk quotas for UFS
options 	MD_ROOT			# MD is a potential root device
#options 	NFSCL			# New Network Filesystem Client
#options 	NFSD			# New Network Filesystem Server
#options 	NFSLOCKD		# Network Lock Manager
#options 	NFS_ROOT		# NFS usable as /, requires NFSCL
options 	MSDOSFS			# MSDOS Filesystem
options 	CD9660			# ISO 9660 Filesystem
options 	PROCFS			# Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		# Pseudo-filesystem framework
options 	GEOM_PART_GPT		# GUID Partition Tables.
options 	GEOM_RAID		# Soft RAID functionality.
options 	GEOM_LABEL		# Provides labelization
options 	COMPAT_FREEBSD4		# Compatible with FreeBSD4
options 	COMPAT_FREEBSD5		# Compatible with FreeBSD5
options 	COMPAT_FREEBSD6		# Compatible with FreeBSD6
options 	COMPAT_FREEBSD7		# Compatible with FreeBSD7
#options 	SCSI_DELAY=5000		# Delay (in ms) before probing SCSI
options 	KTRACE			# ktrace(1) support
options 	STACK			# stack(9) support
options 	SYSVSHM			# SYSV-style shared memory
options 	SYSVMSG			# SYSV-style message queues
options 	SYSVSEM			# SYSV-style semaphores
options 	_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options 	PRINTF_BUFR_SIZE=128	# Prevent printf output being interspersed.
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev
options 	HWPMC_HOOKS		# Necessary kernel hooks for hwpmc(4)
options 	AUDIT			# Security event auditing
options 	CAPABILITY_MODE		# Capsicum capability mode
options 	CAPABILITIES		# Capsicum capabilities
options 	PROCDESC		# Support for process descriptors
options 	MAC			# TrustedBSD MAC Framework
options 	KDTRACE_HOOKS		# Kernel DTrace hooks
options 	DDB_CTF			# Kernel ELF linker loads CTF data
options 	INCLUDE_CONFIG_FILE	# Include this file in kernel

# Debugging support.  Always need this:
options 	KDB			# Enable kernel debugger support.
options 	KDB_TRACE		# Print a stack trace for a panic.

# To make an SMP kernel, the next two lines are needed
options 	SMP			# Symmetric MultiProcessor Kernel
device		apic			# I/O APIC

# CPU frequency control
device		cpufreq

# Bus support.
device		acpi
device		eisa
device		pci
device              pass

# ATA and ATAPI devices
device      ata
device      atadisk         # ATA disk drives
options     ATA_STATIC_ID   # Static device numbering

# SCSI peripherals
device      scbus   # SCSI bus (required for SCSI)
device      da      # Direct Access (disks)
device      cd      # CD

# The following are not needed, but the kernel wouldn't compile without them.
device          atkbdc                  # AT keyboard controller
device          atkbd                   # AT keyboard
device          psm                     # PS/2 mouse
device          kbdmux                  # keyboard multiplexer
device          vga                     # VGA video card driver
options         VESA                    # Add support for VESA BIOS Extensions (VBE)

# syscons is the default console driver, resembling an SCO console
device		sc

# Add suspend/resume support for the i8254.
device		pmtimer

# Serial (COM) ports
device      uart            # Generic UART driver

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device		miibus			# MII bus support
device		vr			# VIA Rhine, Rhine II

# Pseudo devices.
device		loop			# Network loopback
device		random			# Entropy device
device		padlock_rng		# VIA Padlock RNG
device		rdrand_rng		# Intel Bull Mountain RNG
device		ether			# Ethernet support
device		vlan			# 802.1Q VLAN support
device		tun			# Packet tunnel.
device		md			# Memory "disks"
device		gif			# IPv6 and IPv4 tunneling
device		faith			# IPv6-to-IPv4 relaying (translation)
device		firmware		# firmware assist module

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device		bpf			# Berkeley packet filter

# USB support
options 	USB_DEBUG		# enable debug msgs
device		uhci			# UHCI PCI->USB interface
device		ohci			# OHCI PCI->USB interface
device		ehci			# EHCI PCI->USB interface (USB 2.0)
device		usb			# USB Bus (required)
device		ukbd			# Keyboard
device		umass			# Disks/Mass storage - Requires scbus and da

#Firewall related
device      pf          #PF OpenBSD packet-filter firewall
device      pflog           #logging support interface for PF
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ

options     NULLFS          #NULL filesystem

You can also add some options in your make.conf:

CPUTYPE?=geode
OPTIMIZED_CFLAGS=YES
BUILD_OPTIMIZED=YES
WITH_CPUFLAGS=YES
WITH_OPTIMIZED_CFLAGS=YES

I'm going to build this i386 kernel on a amd64 machine, hence the additional parameters:

cd /usr/src/
make -j2 kernel-toolchain TARGET=i386
make -j2 buildworld TARGET=i386 TARGET_ARCH=i386
make -j2 buildkernel KERNCONF=SOEKRIS TARGET=i386 TARGET_ARCH=i386

If you didn't compile the device hints statically into the kernel, or if you didn't add a device.hints file in the boot folder of the image, you might get the following panic later:

panic: No usable event timer found!
cpuid = 0
KDB: stack backtrace:
#0 0xc0679362 at kdb_backtrace+0x52
#1 0xc063bd1f at panic+0x11f
#2 0xc090bf25 at cpu_initclocks_bsp+0x495
#3 0xc05e906f at initclocks+0x2f
#4 0xc05e5607 at mi_startup+0xe7
#5 0xc0460a57 at begin+0x2c
Uptime: 1s

Building a mfsbsd image

mfsbsd images are great since they can be booted directly using PXE.

Download, extract and go to mfsbsd:

fetch -o mfsbsd.zip https://github.com/mmatuska/mfsbsd/archive/master.zip --no-verify-peer
unzip mfsbsd.zip
cd mfsbsd-master

Copy the example config files:

#/bin/sh
for fn in *.sample; do
cp ${fn} ${fn%.sample}
done

Enable the serial console in the loader config file, and set the root password:

cat conf/loader.conf:
...
mfsbsd.rootpw="mfsroot"
console="comconsole"

Build the image:

make CUSTOM=1 TARGET=i386 TARGET_ARCH=i386 KERNCONF=SOEKRIS

This will use the kernel and userland made in the previous section.

Build and serve the dist files (base.txz, kernel.txz)

Build the dist files:

cd /usr/src/release
make -j2 NODOC=YES NOPORTS=YES NOSRC=YES NOGAMES=YES KERNCONF=SOEKRIS TARGET=i386 TARGET_ARCH=i386 system

Serves the dist files using HTTP or FTP. I use python to start a quick and dirty HTTP server.

cd /usr/src/release/dist
python -m SimpleHTTPServer 8080

Configure pxelinux to boot the file

The usual pxelinux.0 binary file has problems with the Soekris serial connection (entire screen truncated to 16 characters), so we'll need a patched one, which can be found here: https://centerclick.org/net4801/pxelinux/.

Download memdisk. You can find it packaged with syslinux: http://www.kernel.org/pub/linux/utils/boot/syslinux/.

Configure pxelinux in pxelinux.cfg/default:

DEFAULT fbsd
 
LABEL fbsd
 kernel memdisk
 append initrd=/mfsbsd-10.1-RELEASE-p12-i386.img harddisk raw

Step 3: Install FreeBSD on the board

Start your favorite TFTP server and boot pxelinux.0 with the Soekris.

> boot f0

Start bsdinstall and install the system as usual. When asked what mirror you wish to use, select "Other" and enter the location of your dist files (for instance: http://192.168.4.2:8080).

Partitioning

I partitioned the hard drive manually, using the shell. I wish I could have used ZFS, but with 512MB of RAM, well...

Create the partition:

gpart create -s mbr ada0
gpart add -t freebsd ada0
gpart create -s bsd ada0s1
# ada0s1a => /
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1b => Swap
gpart add -s 2G -t freebsd-swap ada0s1
# ada0s1c => /var
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1d => /usr
gpart add -s 32G -t freebsd-ufs ada0s1
# ada0s1e => /usr/home
gpart add -t freebsd-ufs ada0s1

Install the boot loader and set the first partition as active.

gpart set -a active -i 1 ada0
gpart bootcode -b /boot/mbr ada0
gpart bootcode -b /boot/boot ada0s1

Create the label and filesystems:

# Labels and filesystems
glabel label swap0 /dev/ada0s1b
newfs -L rootfs -U /dev/ada0s1a
newfs -L varfs  -U /dev/ada0s1d
newfs -L usrfs  -U /dev/ada0s1e
newfs -L usrhomefs  -U /dev/ada0s1f

Write the fstab file in /tmp/bsdinstall_etc/fstab:

# Device            Mountpoint      FStype  Options     Dump    Pass#
/dev/ufs/rootfs     /               ufs     rw          1       1
/dev/label/swap0    none            swap    sw          0       0
/dev/ufs/varfs      /var            ufs     rw          1       2
/dev/ufs/usrfs      /usr            ufs     rw          1       3
/dev/ufs/usrhomefs  /usr/home       ufs     rw          1       4

Mount the systems so that the installer can write into them:

mount /dev/ufs/rootfs /mnt/
mkdir /mnt/var
mount /dev/ufs/varfs /mnt/var/
mkdir /mnt/usr
mount /dev/ufs/usrfs /mnt/usr/
mkdir /mnt/usr/home
mount /dev/ufs/usrhomefs /mnt/usr/home

Continuing the installation

Exit the shell, and let the installer fetch the packages and do its magic.

Before rebooting, don't forget to enable the console and set the boot partition in /boot/loader.conf:

console="comconsole"
vfs.root.mountfrom="ufs:/dev/ufs/rootfs"

You now have FreeBSD installed on your Soekris net5501.

Going to the next part

In the next part, we'll install the ISDN quadBRI card, and connect to the outside world.