I’ve been running ciscodude.net at a new location for about a month now. My setup is a little different than it was previously. Instead of a 2nd physical server in front of my VM host as firewall/ACLs, I’ve now got a virtual machine doing the same thing. The setup is the same other than that: an OpenBSD firewall in front of Linux service VMs.
An issue which has occasionally popped up is that the internal side NIC of the firewall VM (which is a vio(4) interface) stops having access to its network. A quick ifconfig down; ifconfig up fixes it for a while. I mentioned the issue to a colleague of mine, and he said there was a magic flag that was known to fix this issue. I found this blog post entitled “virtio NIC on OpenBSD 5.5-current” which documented how to set the flag on a /bsd.rd for an in-place upgrade. My needs were slightly different, to fix the running kernel’s flag. Instead of running config -ef /bsd.rd I ran config -ef /bsd:
When you reboot you will see the following in
This confirms that you’ve got the flag activated.
I will update this if I notice anything peculiar.