IP addresses, partitions

From JonDonym Wiki
Jump to: navigation, search

JonDos GmbH thanks www.secure-internet.org for the right to publish the following article. We made some changes in it but the original text was provided by www.secure-internet.org

navigation: Main Page | FreeBSD and Jails

Contents

Planning of IP addresses, network adapters and partitions

IP addresses

Planning usage of IP addresses is simple. You need at least one IP address for the FreeBSD host system and you need one further IP address for each FreeBSD jail. If you intend to run other services than JonDonym mixes in additional jails you, of course, will also need at least one IP address for each additional BSD jail (and maybe further for services running in those jails).

You need at least 1 IP address for each jail but beyond this IP address you can assign additional IP addresses to jails as well.

Network adapters

If you have only one network adapter in your hardware that's okay. All IP addresses then will get assigned to this network adapter. As an alternative you also could use more than one network adapter and then split IP address assignments to those adapters. But to be clear: only one adapter is required.

Hard disc partitioning and master boot records

It would be best if your provider could make sure that the hard disc in your machine has NO master boot record and NO boot manager on it. Often, MBRs and boot managers are left from previous server usage but this could – in some cases – lead you to a situation where you can't make FreeBSD overwriting the existing MBRs or boot managers. You then get stuck after finishing the installation and rebooting because the boot process just runs into the old boot manager and/or MBR and your freshly installed FreeBSD will not get booted though it is available. Instead any Linux or other boot menu will friendly wink at you and make you hating it.

It would be best if you tell your provider about this (even if he promises to install a new out-of-the-box hard disc) since otherwise he maybe will not care enough on this point (thinking that Linux can overwrite existing boot managers / MBRs). But you will not install Linux. You're going to install FreeBSD.

Hard disc partitioning

It is strongly recommended to plan hard disc partitioning before the FreeBSD host system gets set up because it can cause unnecessary headache to change the partition table later. Best is, to first plan the partition table and then edit the partition table during the setup process for the host system. Through this you avoid trouble.

For the same reasons a preinstalled FreeBSD (preinstallation by your rootserver provider) will most likely run you into trouble. Your provider most probably would create partitions as proposed by the installer program and through this you'd be at the same point as described above: you'd need to change the partition table with the possible loss of data resulting in a no longer working FreeBSD host system.

But there's also another consideration why to set up the host system on your own: If your provider sets up the host system you can never be sure whether or not he still has access to the host system even if he handed the root password over to you and you changed it.

So the best way still is setting up the whole FreeBSD host system via the KVM console access your provider hopefully provides you. If your provider definitely doesn't allow you to setup the system that way you maybe should ask yourself if it would not be better to get another provider. Alternatively, you could use a system with a second hard disc and have the preinstalled system only on the first disc.

If your provider insists on giving you the server only as „managed server“ (meaning he will have root access to the host system) you should refuse. Reason: It's correct that you will be the only person having the pass phrases to enter the encrypted jail partitions but once you entered the pass phrases, your provider would be able to access the jail data, too, as soon as he logs into the running host system.

The following example assumes you have a small and only hard disc of only 160GB (which is by far enough to run FreeBSD and two mixes in two jails).

All examples are to demonstrate the installation of the host system, two BSD jails with each an encrypted partition and installation of one mix in each BSD jail.

The FreeBSD host system doesn't need much disc space. If you plan the following partitions, you'll get along with everything:

Mountpoint Filesystem Soft-Updates Part Size
/ UFS2 Y 4 GB
SWAP none 4GB (will get encrypted later)
/var UFS2 S Y 4 GB
/tmp UFS2 S Y 512MB (will later get replaced by memory disc)
/usr UFS2 S Y 50GB (can be smaller)
/jails/mix1 UFS2 S Y 20GB (can be smaller, will get encrypted later)
/jails/mix2 UFS2 S Y 20GB (can be smaller, will get encrypted later)
/rest UFS2 S Y omething around 60GB, free for other usage

To get along while running through the setup process with the FreeBSD installer program you should also know the naming conventions in the FreeBSD world regarding partitioning to not get confused:

„slices“ in the FreeBSD world are, what in other worlds is named „physical partitions“. „partitions“ in the FreeBSD world are, what in other worlds is named „logical partitions“.

Please note that on one hard disc there can only be up to 4 slices and one slice can „contain“ only up to 8 partitions. This means, you'll have to spread the partitions listed above to at least two slices where it would be best to have the first 4 partitions in slice 1 and the other 4 partitions in slice 2.

Further details will be given when we go through the installer program.

Personal tools