Notes on getting NanoBSD up and running on my Soekris 4801 box as a NAT/etc.
box. I wanted to configure it as a NAT box with a DHCP server, relying on
external DHCP to pick up its address. I ran into at least one nit: some CF
cards probe as ATA masters, and some as slaves, and the one I bought probed as
a slave. Using the GEOM_VOL support meant I didn't have to frob a lot of
configuration files.

Modified src/tools/tools/nanobsd/make.conf:

- Use KERNCONF?=UP rather than GENERIC, and configured UP to use a
  non-debugging, UP kernel. Might want to use the GEODE CPU type. Also
  compiled with options GEOM_VOL.
- #'d out NO_KLDLOAD and the NANOBSD_PRUNE entry for usr/share/misc.
- Enabled WITH_GEOM_VOL, as my cfcard flash card probes as ad1 not ad0.
  Requires kernel configuration change above.
- Added NET4801 to the CUSTOMIZE= list.
- Enabled CUSTOMIZE_ARGS=${.CURDIR}/localfiles.

Created a src/tools/tools/nanobsd/etc directory, and placed in it an rc.conf
file:

    sendmail_submit_enable="NO"
    sendmail_msp_queue_enable="NO"
    firewall_enable="YES"
    firewall_type="/etc/ipfw.conf"
    natd_enable="YES"
    natd_flags="-dynamic"    # Necessary because of rc.d/natd bug
    natd_interface="sis0"
    gateway_enable="YES"
    ifconfig_sis0="DHCP"
    ifconfig_sis1="inet 192.168.100.1 netmask 255.255.255.0"
    ifconfig_sis2="inet 192.168.200.1 netmask 255.255.255.0"
    dhcpd_enable="YES"
    dhcpd_withuser="_dhcp"
    dhcpd_withgroup="_dhcp"

Placed an ipfw.conf file in etc:

    add 5000 divert natd all from any to any via sis0
    add 5001 allow all from any to any

Placed a dhcpd.conf file in etc:

    option domain-name "test.network";          # Customize
    option domain-name-servers 192.168.4.1;     # Customize
    default-lease-time 600;
    max-lease-time 7200;
    authoritative;
    ddns-update-style none;

    # External network
    subnet 192.168.16.0 netmask 255.255.255.0 {
    }

    # First internal interface
    subnet 192.168.100.0 netmask 255.255.255.0 {
        range 192.168.100.100 192.168.100.200;
        option routers 192.168.100.1;
        option broadcast-address 192.168.100.255;
    }

    # Second internal interface
    subnet 192.168.200.0 netmask 255.255.255.0 {
        range 192.168.200.100 192.168.200.200;
        option routers 192.168.200.1;
        option broadcast-address 192.168.200.255;
    }

Created packages sub-directory, and placed the isc-dhcp3-server-3.0.2_7.tbz
package in that directory.

Populated localfiles with a list of files to install:

    @packages/*
    etc/rc.conf /etc/rc.conf
    etc/ipfw.conf /etc/ipfw.conf
    etc/dhcpd.conf /usr/local/etc/dhcpd.conf

Remaining nits:

- I ran into several dhclient-related nits. Among them that dhclient exits on
  no link with the new dhclient revision, and devd isn't built for NanoBSD
  because it relies on C++. As a result, if the link disappears on the
  external interface, dhclient is never re-launched.

- Another nit is that I use a custom "ether XXX" entry as well as DHCP on
  sis0. As a result, natd doesn't auto-detect a dynamic interface, so I have
  to manually force that.

- I get savecore warnings on boot because no dump partition is configured:

      Loading configuration files.
      kenv: unable to get dumpdev
      No suitable dump device was found.
      ...
      /etc/rc: WARNING: Dump device does not exist. Savecore not run.

  I'm not sure why this is worth a warning.

- I get sendmail warnings every boot:

      sendmail: execing /usr/libexec/sendmail/sendmail: No such file or directory

  It's not yet clear to me why that happens -- there's insufficient debugging
  information from rc.d.

- Packages with user/group creation appear not to work with NanoBSD, so I
  have to force the re-use of an existing user/group or modify my src tree.

- Incremental re-builds fail on this system without toasting the installworld
  because of attempts to re-install the ISC dhcpd package, which causes
  customization to fail.

- At boot, ATA reported the following errors:

      ad1: FAILURE - SETFEATURES ENABLE RCACHE status=51 error=4
      ad1: FAILURE - SETFEATURES ENABLE WCACHE status=51 error=4

  Is this really a FAILURE or should it be a warning?
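
One workaround for the dhclient nit above (no devd, so dhclient is never re-launched after the external link drops) is a small polling watchdog. This is an added example, not part of the original notes; it assumes sis0 is the only DHCP-configured interface, that pgrep is present in the image, and the function names and 10-second interval are made up for illustration.

```shell
#!/bin/sh
# Added example: poll-based stand-in for devd's link-up handling.
# Assumptions: sis0 is the only interface using DHCP (as in rc.conf above),
# pgrep exists in the NanoBSD image, and polling every 10 s is acceptable.
IFACE="${IFACE:-sis0}"
INTERVAL="${INTERVAL:-10}"

# link_state: read `ifconfig <if>` output on stdin; print up, down or unknown.
link_state() {
    awk '
        /status: active/     { s = "up" }
        /status: no carrier/ { s = "down" }
        END { print (s == "" ? "unknown" : s) }
    '
}

# decide LINK RUNNING: LINK is the link_state result, RUNNING is yes or no.
#   start - link is up but no dhclient is running (the failure mode above)
#   none  - nothing to do (link down or unknown, or dhclient already running)
decide() {
    if [ "$1" = "up" ] && [ "$2" = "no" ]; then
        echo start
    else
        echo none
    fi
}

# dhclient_running: any dhclient process counts, since only one interface
# is configured for DHCP on this box.
dhclient_running() {
    if pgrep -x dhclient >/dev/null 2>&1; then echo yes; else echo no; fi
}

watch_link() {
    while :; do
        link=$(ifconfig "$IFACE" 2>/dev/null | link_state)
        if [ "$(decide "$link" "$(dhclient_running)")" = "start" ]; then
            logger -t dhclient-watch "link up on $IFACE, no dhclient; starting"
            dhclient "$IFACE"
        fi
        sleep "$INTERVAL"
    done
}

# Loop only when invoked with "run", so the functions can be sourced and tested.
if [ "${1:-}" = "run" ]; then
    watch_link
fi
```

Installed through the localfiles list and started in the background with the "run" argument at boot, it restores the external lease after a cable pull without needing devd.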