トップ 差分 一覧 ソース 検索 ヘルプ RSS ログイン

FB10-tips

Web 認証ツール

pfSense

FreeBSD-10 の Tips

ディスクの使用量

FreeBSD 10.2 パーティションの使用量
未使用の場合
/          : 2.1G
/usr/src   : 1.9G ( freebsd のソース )
/usr/obj   : 3.3G ( buildworld した場合 )
/usr/ports : 2.1G + 3G 程度(コンパイルするとき)

/usr/local のサイズ
/var のサイズ

1パーティションで作成の場合には 24G+4G(SWAPサイズ) 30G 程度?? 

Buildworld,BuildKernel & Portsをビルドした後 ( /root/bin/mkisoimages.sh した後)
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/ada0p2     46G     26G     17G    61%    /
+ Swap + Home

ifconfig re0 media 1000baseTX mediaopt full-duplex

FB10 -> FB11 upgrade

Upgrading from FreeBSD 11.0-RELEASE

     # : > /usr/bin/bspatch
     # freebsd-update fetch
     # freebsd-update install
    
Upgrading from FreeBSD 10.3-RELEASE and Earlier

     # : > /usr/bin/bspatch
     ## freebsd-update upgrade -r 11.0-RELEASE
     # freebsd-update upgrade -r 11.1-RELEASE
     # freebsd-update install

     <reboot the system>
     # freebsd-update install
     <rebuild third-party software>
     # freebsd-update install

ports の管理

pkg install rsync
pkg install portsnap
pkg install subversion
pkg install portupgrade
pkg install python2
pkg install python3
#
# env HTTP_PROXY="http://192.168.100.10:18080" pkg install squid
# env HTTP_PROXY="http://192.168.100.10:18080" pkg install net-snmpd
# env HTTP_PROXY="http://192.168.100.10:18080" pkg install apcupsd
# env HTTP_PROXY="http://192.168.110.80:8080" pkg install py27-sqlite3

初回
portsnap fetch
portsnap extract

2回目移行
portsnap fetch
portsnap update
## env HTTP_PROXY="http://172.16.70.10:8080" portsnap fetch
## env HTTP_PROXY="http://172.16.70.10:8080" portsnap update
#
## rm /var/db/portsnap/tag           # アップデートがうまく行かないばあい
# env HTTP_PROXY="http://192.168.11.80:8080" portsnap fetch extract &
# env HTTP_PROXY="http://192.168.11.80:8080" portsnap fetch update &

pkg version -vL=
portupgrade -rR apache
# X 関連の build には 9Gbyte のHDDの空きが必要 ( /usr/ports で 11Gbyte 程度必要 )

src の管理

# cd /usr/src
# rm -rf *
# svn checkout svn://svn.FreeBSD.org/base/releng/10.1 /usr/src
#
# cd /usr/src
# svn update /usr/src
cd /usr/src
make update SVN_UPDATE=yes

/proc を使う

詳しくはFB-tips

/etc/fstab に以下を追加 
proc                /proc           procfs  rw,noauto       0       0
一時的に使う場合には 
# mount /proc

一つの Ether-net device に複数の IP を割り当てる

> ifconfig em0 alias 172.29.0.1 netmask 255.255.255.0

CPU の温度を測る

/boot/loader.conf に
## amdtemp_load="YES"
coretemp_load="YES"
を追加 ( どちらにするかは試す事 )

確認方法

# sysctl -a | grep temperature

# sysctl -a | grep temperature 
hw.acpi.thermal.tz1.temperature: 29.8C
hw.acpi.thermal.tz0.temperature: 27.8C
dev.cpu.1.temperature: 43.0C
dev.cpu.0.temperature: 45.0C

NTFS のマウント

$ kldload fuse
$ dmesg
....
fuse-freebsd: version 0.4.4, FUSE ABI 7.8
$ cat /etc/rc.conf
...
fuse_load="YES"
...
How to mountting
$ ntfs-3g -oro /dev/sda0s2 /mnt/ntfs
$ mount | grep ntfs
## 基本的には コマンドでマウントする もし自動でするのであれば
#### mount_ からプログラム名が始まっていないので、fstab に記載するには
#### mount_ntfs から  ntfs-3g へシンボリックリンクを作る必要がある。

Release ISO の作成

FB-bootdvdにまとめた


/boot/loader.conf

#RELOAD is
# service sysctl restart
#
# amdtemp_load="YES"
coretemp_load="YES"
# Accept filters for data, http and DNS requests
# Useful when your software creates process/thread on each request (i.e. apache)
# Note: DNS accf available on 8.0+
# Note: In case of badly written software this can increase performance, 
# but I still would recommend against using accept filters in production because of
# their opacity - they really break abstractions. Also it's not trivial to debug/monitor
# their state.
#accf_data_load="YES" 
#accf_http_load="YES"
#accf_dns_load="YES"

# Async IO system calls
aio_load="YES"

#  Linux specific devices in /dev
# As for 8.1 it only /dev/full 
#lindev_load="YES"

# Adds NCQ support in FreeBSD
# WARNING! all ad[0-9]+ devices will be renamed to ada[0-9]+
# 8.0+ only
#ahci_load="YES"
#siis_load="YES"

# FreeBSD 9+
# New Congestion Control for FreeBSD
cc_htcp_load="YES"
#cc_cubic_load="YES"

# Increase kernel memory size to 3G. 
#
# Use ONLY if you have KVA_PAGES in kernel configuration, and you have more than 3G RAM 
# Otherwise panic will happen on next reboot!
#
# It's required for high buffer sizes: kern.ipc.nmbjumbop, kern.ipc.nmbclusters, etc
# Useful on highload stateful firewalls, proxies or ZFS fileservers
# (FreeBSD 7.2+ amd64 users: Check that current value is lower!)
#vm.kmem_size="3G"

# If you have really busy forking webserver (i.e. apache13) you may run out of processes
#kern.maxproc=10000

# If your server has lots of swap (>4Gb) you should increase following value
# according to http://lists.freebsd.org/pipermail/freebsd-hackers/2009-October/029616.html
# Otherwise you'll be getting errors
# "kernel: swap zone exhausted, increase kern.maxswzone"
#kern.maxswzone="256M" 

# Older versions of FreeBSD can't tune maxfiles on the fly
#kern.maxfiles="200000"

# Useful for databases 
# Sets maximum data size to 1G
# (FreeBSD 7.2+ amd64 users: Check that current value is lower!)
#kern.maxdsiz="1G"

# Maximum buffer size(vfs.maxbufspace)
# You can check current one via vfs.bufspace
# Should be lowered/upped depending on server's load-type
# Usually decreased to preserve kmem
# (default is 10% of mem)
#kern.maxbcache="512M"

# Sendfile buffers
# Note: i386 only
#kern.ipc.nsfbufs=10240

# syncache tuning
net.inet.tcp.syncache.hashsize=32768
net.inet.tcp.syncache.bucketlimit=32
net.inet.tcp.syncache.cachelimit=1048576

# Send RST on listen queue overflow / memory shortage. 
# Hosts behind Load-Balancer should set it to 1 to fail fast.
# Hosts facing clients should set it to 0 for client to retry connection.
#net.inet.tcp.syncache.rst_on_sock_fail=0

# Increased hostcache
# Later host cache can be viewed via net.inet.tcp.hostcache.list hidden sysctl
# Very useful for it's RTT RTTVAR
# Must be power of two
net.inet.tcp.hostcache.hashsize=65536
# hashsize * bucketlimit (which is 30 by default)
# It allocates 255Mb (1966080*136) of RAM
net.inet.tcp.hostcache.cachelimit=1966080

# TCP control-block Hash table tuning
# See: http://serverfault.com/questions/372512/why-change-net-inet-tcp-tcbhashsize-in-freebsd
net.inet.tcp.tcbhashsize=524288

# Disable ipfw deny all
# Should be uncommented when there is a chance that
# kernel and ipfw binary may be out-of sync on next reboot
#net.inet.ip.fw.default_to_accept=1

#
# SIFTR (Statistical Information For TCP Research) is a kernel module that
# logs a range of statistics on active TCP connections to a log file.
# See prerelease notes:
# http://groups.google.com/group/mailing.freebsd.current/browse_thread/thread/b4c18be6cdce76e4
# and man 4 sitfr
#siftr_load="YES"

# Enable superpages, for 7.2+ only
# See: http://lists.freebsd.org/pipermail/freebsd-hackers/2009-November/030094.html
vm.pmap.pg_ps_enabled=1

# Useful if you are using Intel-Gigabit NIC
#hw.em.rxd=4096
#hw.em.txd=4096
#hw.em.rx_process_limit="-1"
#  Also if you have A LOT interrupts on NIC - play with following parameters
# NOTE: You should set them for every NIC
#dev.em.0.rx_int_delay: 250
#dev.em.0.tx_int_delay: 250
#dev.em.0.rx_abs_int_delay: 250
#dev.em.0.tx_abs_int_delay: 250
# There is also multithreaded version of em/igb drivers that can be found here:
# http://people.yandex-team.ru/~wawa/
#
# for additional em monitoring and statistics use 
# sysctl dev.em.0.stats=1 ; dmesg
# sysctl dev.em.0.debug=1 ; dmesg
# Also after r209242 (-CURRENT) there is a separate sysctl for each stat  variable;   
# Same tunings for igb
#hw.igb.rxd=4096
#hw.igb.txd=4096
#hw.igb.rx_process_limit=100

# Some useful netisr tunables. See sysctl net.isr
#net.isr.maxthreads=4
#net.isr.defaultqlimit=10240
#net.isr.maxqlimit=10240
# Bind netisr threads to CPUs
#net.isr.bindthreads=1

#
# FreeBSD 9.x+
# Increase interface send queue length
# See commit message http://svn.freebsd.org/viewvc/base?view=revision&revision=207554
net.link.ifqmaxlen=1024

# IPC prametor
kern.ipc.msgmnb=8192
kern.ipc.msgssz=64
kern.ipc.msgtql=2048

# Nicer boot logo =)
loader_logo="beastie"

sysctl.conf

# $FreeBSD: releng/10.1/etc/sysctl.conf 112200 2003-03-13 18:43:50Z mux $
#
# Ensure ZFS uses 4k block size
vfs.zfs.min_auto_ashift=12
kern.ipc.somaxconn=2048
# set to at least 16MB for 10GE hosts
kern.ipc.maxsockbuf=16777216
# socket buffers
net.inet.tcp.recvspace=4194304
net.inet.tcp.sendspace=2097152
net.inet.tcp.sendbuf_max=16777216
net.inet.tcp.recvbuf_max=16777216
net.inet.tcp.sendbuf_auto=1
net.inet.tcp.recvbuf_auto=1
net.inet.tcp.sendbuf_inc=16384
net.inet.tcp.recvbuf_inc=524288
# security
security.bsd.see_other_uids=0
security.bsd.see_other_gids=0
# drop UDP packets destined for closed sockets
net.inet.udp.blackhole=1
# drop TCP packets destined for closed sockets
net.inet.tcp.blackhole=2
# ipfw
net.inet.ip.fw.verbose_limit=3
# H-TCP congestion control algorithm
net.inet.tcp.cc.algorithm=htcp
# maximum incoming and outgoing IPv4 network queue sizes
net.inet.ip.intr_queue_maxlen=2048
net.route.netisr_maxqlen=2048

Tips

https://pleiades.ucsc.edu/hyades/FreeBSD_Network_Tuning

passwd の移行

master.passwd を
> pwd_mkdb -p /etc/master.passwd
実行

 FreeBSD チーミング

https://www.infraexpert.com/study/etherchannel1.html

https://www.cyberciti.biz/faq/freebsd-network-link-aggregation-trunking/

https://bompopo.wordpress.com/2012/01/25/freebsd-lagg%E3%81%AB%E3%82%88%E3%82%8B%E3%83%81%E3%83%BC%E3%83%9F%E3%83%B3%E3%82%B0%E8%A8%AD%E5%AE%9A/