Your message?

Notice: To avoid posts by spam, a message body without the word '#FuguIta' is rejected. ~
Please include the word in your message text.
----
#contents
----
#article
**I have found [ command. [#ob1429ee]
>[[m3th]] (2021-11-07 (Sun) 05:41:01)~
~
#FuguIta-7.0-amd64-202111011.img.gz ~
~
 $ ls -l /bin/[
 -r-xr-xr-x  2 root  bin  123320 Oct 17 13:25 /bin/[
 
 $ /bin/[
 [: missing ]
//
- Curious!  I have found same file other *BSD. Sorry for my post.   #FuguIta -- [[m3th]] &new{2021-11-07 (Sun) 12:30:46};
- /bin/[ is equivalent to /bin/test.~
Let's see their inode numbers and link counts.~
 $ ls -li /bin/[ /bin/test
 16207 -r-xr-xr-x  2 root  bin  123320 Oct 17 22:25 /bin/[
 16207 -r-xr-xr-x  2 root  bin  123320 Oct 17 22:25 /bin/test
And note that ksh has same built-in commands.~
~
In FuguIta's scripts, i.e. /boottmp/rc, /boottmp/usbfadm and so on, [ command is used frequently.~
~#FuguIta -- [[kaw]] &new{2021-11-07 (Sun) 18:59:08};

#comment

**Video/Audio transmission over VPN by FuguIta [#x70aaa73]
>[[kaw]] (2021-11-02 (Tue) 15:43:48)~
~
''The plan'' ~
~
I received a request to send video and audio from a studio to a venue using IP transmission equipment for an event.~
~
And there were two limitations to this job as follows.~
~
>>1. a pair of IP transmission devices work well when directly connected, however, due to a problem with the web UI, we cannot change some of the settings, such as the IP address, which means that transmission over the Internet is impossible as it is.~
~
2. We can change the settings of the edge router in the studio, but we don't know about the router in the venue. In other words, we cannot confirm whether we can set up port forwarding so that the Internet can communicate with hosts in the venue's network.~
~
#ref(L2-Tunnel.png,wrap,around,right,40%)
>To solve this problem, we decided to build a VPN between the studio and the venue, and connect the IP encoder in the studio to the IP decoder in the venue using Layer 2. Once the VPN line is established, communication is possible from either direction. And the two ends of the VPN can be thought of as being pseudo-directly connected by LAN cables.~
~
Of course, we use OpenBSD and FuguIta to solve this kind of problem.~
To build a VPN, [[WireGuard>https://www.wireguard.com/]], or [[wg(4)>https://man.openbsd.org/wg.4]], which appeared in OpenBSD 6.8, seemed to be useful.~
Using WireGuard in practice, we found that it was very easy to build a VPN circuit.~
#img(,clear)
Settings for WireGuard at the studio site is as follows:
 ---- hostname.wg1 --------------------
 wgkey PRIVKEY-OF-THIS-PEER
 wgport 7501
 wgpeer PUBKEY-OF-HIS-PEER wgaip 172.16.54.1/32 wgpka 0
 inet 172.16.54.254 255.255.255.0
 mtu 1380
 up
The reason the wg number is 1 is to account for the possibility that other peers may connect in the future. ~
The reason why wgpka is 0 is because the Nat router on the other side is not forwarding the port, so keep alives will not occur.~
~
Next, we look at the venue.
 ---- hostname.wg0 --------------------
 wgkey PRIVKEY-OF-THIS-PEER
 wgport 8501
 wgpeer PUBKEY-OF-HIS-PEER wgendpoint 153.246.158.51 7501 wgaip 172.16.54.0/24 wgpka 5
 mtu 1380
 inet 172.16.54.1 255.255.255.0
#ref(Network.png,wrap,around,left,40%)
There was one more problem that we had to solve in using WireGuard.~
That is, WireGuard is a Layer 3-only VPN.~
This time, we want to connect the IP encoder and the IP decoder pseudo-directly, so we need to connect them on Layer 2.~
~
Therefore, I now decided to use [[etherip(4)>https://man.openbsd.org/etherip.4]] to flow Ethernet frames into WireGuard VPN.~
This seemed to achieve our goal.~
#img(,clear)
Here is the configuration of the physical devices on the studio side. ~
bge0 is connected to LAN, and axe0 to the video encoder.
 ---- hostname.bge0 ------------------
 inet 192.168.1.193 255.255.255.0 NONE
 up
 ---- hostname.axe0 ------------------
 up
And here is the endpoint of the etherip tunnel.
 ---- hostname.etherip1 --------------
 tunnel 172.16.54.254 172.16.54.1
 up
Then we build a [[bridge(4)>https://man.openbsd.org/bridge.4]] between the L2 endpoint and the physical device.
 ---- hostname.bridge1 ---------------
 add etherip1
 add axe0
 up
Finally, we configure sysctls.
 ---- sysctl.conf --------------------
 net.inet.ip.forwarding=1
 net.inet.etherip.allow=1
The configuration of the venue side is almost the same as the studio side. Overall, the configuration is symmetrical. 
 ---- hostname.msk0 ------------------
 inet 192.168.1.193 255.255.255.0 NONE
 ---- hostname.axe0 ------------------
 up
 ---- hostname.etherip0 --------------
 tunnel 172.16.54.1 172.16.54.254
 up
 ---- hostname.bridge0 ---------------
 add etherip0
 add axe0
 up
 ---- sysctl.conf --------------------
 net.inet.ip.forwarding=0
 net.inet.etherip.allow=1

''The Result''~
~
With the combination of WireGuard+EtherIP, we were able to transmit video and audio in good condition.~
~
We transmitted a stream of about 25 Mbps on a line with a bandwidth of over 100 Mbps.~
~
However, we found that the video and audio transmissions were very sensitive to fluctuations in the time axis.~
In addition to the VPN line, we had an SSH connection for maintenance purposes, but when a certain amount of data was transmitted over this SSH line, the VPN packets would wait, causing the video to freeze for a short time.~
In order to solve this problem, we will need to use [[pf(4)>https://man.openbsd.org/pf.4]] to control packet priority.~
This will be an issue for next time.~
~
|CENTER:|CENTER:|c
|Video encoder+VPN endpoint|VPN endpoint+Video decoder|
|&ref(pix-encoder.jpg,,40%);|&ref(pix-decoder.jpg,,40%);|
|~|The venue|
|~|&ref(pix-venue.jpg,,40%);|
Lastly, I would like to discuss the benefits of using FuguIta.~
At each stage of designing, building, and deploying a VPN, we had multiple network configurations and needed to quickly switch between them or migrate the configurations between devices. FuguIta's usbfadm and gennetconfs/chnetconf tools made it possible for us to do these tasks quickly.

//
- Could you share your WireGuard's hostname.if(5) and pf.conf(5), for others to learn the setup? #FuguIta -- [[Alex]] &new{2021-11-02 (Tue) 21:41:36};
- Okay Alex, wait please. #FuguIta -- [[kaw]] &new{2021-11-02 (Tue) 22:47:07};
- added description for setup. pf.conf(5) doesn't have been modified. I left it default. #FuguIta -- [[kaw]] &new{2021-11-03 (Wed) 12:04:43};

#comment

**English version of FuguIta Guide [#bccea5b7]
>[[kaw]] (2021-11-02 (Tue) 11:41:34)~
~
[[English translation of #FuguIta Guide>https://liquorstane.ynh.fr/fuguita/]] is now available.~
This was made possible by the generous effort of Alfredo Vogel.~
~
I would like to express my gratitude to him for his great contribution.~

//

#comment

**FuguIta 7.0 [#j6bbf307]
>[[vanitarium]] (2021-10-27 (Wed) 20:54:43)~
~
#FuguIta I had a kernel panic because it did not find the wifi firmware: it returned that firmware folder was empty. Maybe it is the wrong URL? #FuguIta~
Correct URL is firmware.openbsd.org/~

//
- #FuguIta solved... dns name server error -- [[vanitarium]] &new{2021-10-27 (Wed) 21:39:35};

#comment

**FuguIta 7.0 [#q4e9d267]
>[[kaw]] (2021-10-19 (Tue) 23:30:02)~
~
#FuguIta-7.0-{i386,amd64} are currently under testing. They are available in the test directory of the download mirror.~
~
We look forward to your trial reports.~

//
- Should I use /mnt/livecd-config/7.0/amd64/noasks or copy it in /mnt directory? #FuguIta -- [[m3th]] &new{2021-10-31 (Sun) 03:57:29};
- #FuguIta : You should locate noasks at either /mnt or /mnt/livecd-config/7.0/amd64 . -- [[kaw]] &new{2021-11-01 (Mon) 13:31:18};

#comment

**Translate and host user guide help [#t669a2da]
>[[Vanitarium]] (2021-09-13 (Mon) 18:46:22)~
~
#FuguIta I am offering you to translate and edit the Japanese version into English and host it on my server. I can set it up as a wiki or a website. If you are happy with that let me know so I can let you proofread it and ok it.~

//
- Thank you #FuguIta for replying. I am working at it now -- [[Vanitarium]] &new{2021-09-14 (Tue) 17:23:33};
- Thank you for starting to work on it. I'm sure it will be beneficial to many #FuguIta users. &br; So please let me know when the translation is all done and ready for review.-- [[kaw]] &new{2021-09-14 (Tue) 19:03:28};
- Thank you#FuguIta for replying.I am working at it now -- [[Vanitarium]] &new{2021-09-14 (Tue) 23:41:06};

#comment

**login prompt [#leda1fdc]
>[[m3th]] (2021-08-10 (Tue) 03:32:55)~
~
Without typing anything, can I see the login prompt like OpenBSD?~
This is my request. Without my help, mum can use Fuguita.~
~
#FuguIta~

//
- That's exactly what I did for my mother. Please see the following tweets - https://twitter.com/yoshi_kaw/status/1206620780697505792~
~
To accomplish this, you need to~
~
1. boot #FuguIta normally and set up an operational environment.~
2. save that environment with usbfadm sync.~
3. set up this environment so that it is automatically loaded at boot time and automatically saved when it shutdown.~
~
In other words, this is to do everything described in the [["Start Guide">FuguIta/StartGuide]].~
~
This will allow you to get to the login prompt without any human interaction.~
~
In addition, by adding the DisplayManager.*.autoLogin entry in the /etc/X11/xenodm/xenodm.config file, you can start using X without a login prompt.~
For more information on this, see the online manual xenodm(1).~
~-- [[kaw]] &new{2021-08-12 (Thu) 06:04:43};

#comment

**The file layouts of FuguIta [#u7361335]
>[[kaw]] (2021-05-25 (Tue) 12:41:15)~

Now, I will try to describe the file layout structure of #FuguIta.

The first figure shows the file layout in boot mode 0 (Click the figure to enlarge).~
As examples, the paths /bin/ed, /usr/bin/vi, and pkg_added /usr/local/bin/emacs are shown.
#ref(fi-filesys-mode0.png,wrap,around,left,50%)
The root file system is rd(4). This rd(ram disk) device is attached to the kernel and has been already mounted from the system boot time.
Under the root, there is an unfamiliar directory called "boottmp".
This is where you will find the commands needed at the very beginning of the system boot, and utilities specific to FuguIta.

The FuguIta device itself, a DVD or USB flash drive, which holds the boot loader, OS kernel, and file system images. It is mounted read-only on /sysmedia.

The filesystem image in /sysmedia is mapped to /dev/vnd4 and mounted on /fuguita. This is the OpenBSD file tree. This is pretty much as it should be, except for a few modifications to fit to the live system. Also, this is read-only. So no files can be created, modified, or deleted under it.

/ram is a memory file system called TMPFS (temporary file system), which is both readable and writable.
Files that need to be modified, such as /etc/*.conf, your own data under /home/YOU, and the pkg_added program, are located on this. In addition, files that are rarely modified are replaced by symbolic links towards equivalent files in /fuguita. This will reduce the memory usage of TMPFS.
#img(,clear)
~
#ref(fi-filesys-mode1.png,wrap,around,left,50%)
Next is boot mode 1.
This is the same as mode 0, but /usr is symbolically linked to /fuguita/usr.
This makes the boot faster and uses less memory than mode 0 by not copying/linking /usr to /ram.
However, /usr/local is not writable, so pkg_add is not possible.
#img(,clear)
~
#ref(fi-filesys-mode2.png,wrap,around,left,50%)
Finally, there is boot mode 2.
This is much simpler than modes 0 and 1.
Only / and /ram are mounted, and all external devices are unmounted.
Of course, all files can be modified.
#img(,clear)
~
Note that usbfadm sync will only save the data that exists in /ram TMPFS at boot mode 0, 1, or 2.

//

#comment

**How to change encrypt password [#qeddb53c]
>[[m3th]] (2021-05-21 (Fri) 04:40:05)~
~
Can I change password ?~
Should I use newdrive command again? ~
I might lose data, if I mistake. ~
#FuguIta~

//
- Use bioctl command with -P option.~
https://man.openbsd.org/bioctl.8
~-- [[kaw]] &new{2021-05-21 (Fri) 14:19:05};
- I changed password. Now, I can not reply 6.9 thread. I noticed that my /mnt/something directories are deleted when I reboot #FuguIta. Should I create them in /ram/home/m3th directory instead of /mnt -- [[m3th]] &new{2021-05-23 (Sun) 03:31:35};
- According to [[hier(7)>https://man.openbsd.org/hier]], /mnt is "Empty directory commonly used by system administrators as a ''temporary'' mount point".&br;usbfadm will only store files and directories that exist in tmpfs mounted in /ram. (excluding /tmp, which is also for temporary use).&br;>'''Should I create it in the /ram/home/m3th directory instead of /mnt?'''&br;Yes, I think that is the proper way. -- [[kaw]] &new{2021-05-23 (Sun) 23:14:53};

#comment

----
Former articles are at [[FuguIta/BBS/10]].
----
Return to [[Top>Welcome]]

Front page   New Page list Search Recent changes   Help   RSS of recent changes