Digitalocean images freebsd
FreeBSD is officially supported by digitalocean.
This page documents some quirks and workarounds.
Login
login as
freebsd
on first build
Enabling IPV6
DigitalOcean offers 16x free ipv6 addresses with each droplet.
This has instructions, also see the Official digitalocean ipv6 guide.1. Set Static IPs, and default routes
You can find the IP addresses, and netmasks on your droplet's Network page.
# /etc/rc.conf defaultrouter="${IPV4_DEFAULTROUTER}" ipv6_defaultrouter="${IPV6_DEFAULTROUTER}" ipv6_activate_all_interfaces="yes" ifconfig_vtnet0="inet ${IPV4_ADDR} netmask ${NETMASK}" ifconfig_vtnet0_ipv6="inet6 ${IPV6_ADDR} prefixlen 64"2. Enable IPV6 gateway
If moving packets between network inferfaces, enable gateway for ipv6.
# /etc/rc.conf # if moving packets between ifaces gateway_enable="YES" ipv6_gateway_enable="YES"3. Create network interface aliases for all ipv6 addresses.
If you plan to use more than one of the 16 assigned ipv6 addresses, create network interface aliases for them.
# /etc/rc.conf # create public ipv6 aliases ifconfig_vtnet0_alias0="inet6 ${YOUR_DO_IPV6}:f002 prefixlen 64" # OR ifconfig_vtnet0_aliases="\ inet6 ${YOUR_DO_IPV6}:f002 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f003 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f004 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f005 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f006 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f007 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f008 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f009 prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00a prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00b prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00c prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00d prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00e prefixlen 64 \ inet6 ${YOUR_DO_IPV6}:f00f prefixlen 64"4. Create network aliases for ipv4 jails (if not vnet jails)
If hosting regular non vnet jails, you may need to create ipv6 aliases for your jails.
# /etc/rc.conf # create private ipv4 clone addrs cloned_interfaces="${cloned_interfaces} lo1" ifconfig_lo1_aliases="\ inet 192.168.32.1/24 \ inet 192.168.32.2/24 \ inet 192.168.32.3/24 \ inet 192.168.32.4/24 \ inet 192.168.32.5/24 \ inet 192.168.32.6/24 \ inet 192.168.32.7/24 \ inet 192.168.32.8/24 \ inet 192.168.32.9/24 \ inet 192.168.32.10/24 \ inet 192.168.32.11/24 \ inet 192.168.32.12/24 \ inet 192.168.32.13/24 \ inet 192.168.32.14/24 \ inet 192.168.32.15/24"5. Adjust firewall
Make sure your firewall allows expected traffic through ipv6
sudo pfctl -sr # examine rules6. Restart your network and test
# restart networking sudo service netif restart sudo service routing restartAfter adding ip aliases, I needed to reboot to be able to SSH again.
WARNING:
In FreeBSD-12.1 images, digitalocean adds their own service that wipes your network config every reboot.
disabling the service in/etc/rc.conf
had no effect.
I needed to rename the service to stop it from wiping my network configuration.mv /usr/local/etc/rc.d/digitalocean /usr/local/etc/rc.d/digitalocean.orig