Dave Eckhardt's EL-20-3700-32GB FreeBSD page



Overview

This page briefly describes how to install FreeBSD 11.1-RELEASE on a Gigabyte EL-20-3700-32GB, a small fanless x86-64 machine which can serve as a home NAT gateway router. The machine is billed as an "IoT gateway", whatever that means. For my purposes, it has too many HDMI ports (two), insufficient Ethernet ports (two), and extremely sparse documentation. But it is small and fanless and easy to install FreeBSD on.

Ingredients

  1. You will need a FreeBSD installer image on a memory stick. I chose FreeBSD-11.1-RELEASE-i386-memstick.img on the theory that the machine has only "32-bit infinity" of RAM, so there is no need to pay the 64-bit pointer-bloat tax for a machine that will just forward packets.

  2. I bought my machine from Amazon; I think it is "rev. 1", which contains 4GB of RAM but no pre-installed wireless interface, whereas apparently "rev. 2" is the other way around. Anyway, make sure your machine has RAM or it will be a short trip.

  3. You will need an HDMI cable and an HDMI monitor (or TV).

  4. You will need a USB keyboard and a USB mouse.

Steps

  1. I had no trouble getting the installer started -- just hit F12 to pick your boot device and you're off.

  2. You will need to pick a hostname.

  3. FreeBSD 11.1 had no trouble finding the internal eMMC storage, so I told it to install to mmcsd0, "entire disk", GPT. The installer suggested a 512KB (!) boot partition, 1.1GB of swap, and a single root file system for the remaining space. I accepted its suggestion (which differs from the material in the FreeBSD Handbook).

  4. The installer offers things other than base/kernel/ports, but those things aren't on the memory-stick image, so don't bother selecting them.

  5. The installer offers you a list of network interfaces to configure. As it turns out, it will configure exactly one interface (if you manually go back and do a second one it will lose the configuration you did for the first, so don't bother).

  6. For the "start at boot" settings (actually: /etc/rc.conf directives), I chose just sshd (which triggers key generation) and "dumpdev" (which is a flag, not a server).

  7. For "system hardening" I picked:

    • clean the /tmp filesystem on system startup
    • disable opening Syslogd network socket
    • disable Sendmail service

  8. I added a user account (you may want to do this, since root logins via SSH are probably disabled; if you do this, you probably want to "invite" the non-root user to the "wheel" group).

  9. The installer consumed around 1.4GB and left around 25GB free.

  10. The installer didn't ask me whether I wanted to install a BIOS-bootable OS or an EFI-bootable OS. I ended up with a non-bootable system because the machine is set to EFI boot by default and it didn't see any bootable EFI partitions. You can get into the machine setup by hitting "Del" as it comes up; then in "Setup", "Advanced", "OS Selection", change "OS Selection" from "UEFI System" to "Legacy System" (other options are "Linux" and "Android", which seems a little muddled, but there you have it).

  11. As soon as you boot (or maybe sooner), check the date. Though I had carefully set the BIOS clock to UTC before starting, and told the FreeBSD installer that the BIOS clock was set to UTC, somehow my machine ended up in the future (yuck).

  12. I noticed that sshd ends up listening on *.ssh, which is less than ideal for a machine with two network interfaces, one of which will face the public Internet, so I edited /etc/rc.conf to set sshd_flags="-4 -o'ListenAddress 192.168.1.1'".

  13. Now you should be in business, perhaps interested in things like: 

    $ /usr/sbin/pkg
$ pkg update
$ pkg search dhcp
$ pkg install isc-dhcp43-server

Best viewed with any browser Proud Donor
davide+receptionist@cs.cmu.edu