From PrgmrWiki
(Redirected from Netbsd)

PV and HVM Virtualization

For the rest of this document, we assume that you have a VPS in PV (paravirtualized) mode. We have a page PV and HVM Virtualization describing the two virtualization types supported by Xen: PV and HVM. While it is possible to install NetBSD on an HVM VPS, at the present time we strongly recommend installing NetBSD on a PV VPS for performance reasons. Installing under HVM with a netboot installer is not yet documented.

Legacy Grub (pv-grub) or Grub2?

Legacy GRUB, also referred to as pv-grub, requires a separate boot partition formatted as ext2 that contains the grub config file and the kernel to be booted. While seeming more awkward, pv-grub is currently the mainstream approach.

Using GRUB 2 requires a separate step at the end to download the Xen kernel and configure a grub config file; this is more about the defaults in the install process scripting than what is or isn't simpler. With GRUB 2, the grub process started from the dom0 reads the NetBSD root filesystem to find the grub config file and then the kernel. The advantage is that no separate boot ext2 partition is needed.

Issues with pv-grub

After installing via pv-grub, the system boots fine. Running fsck_ext2fs under NetBSD shows some minor issues. It is not clear how serious these are, and if they should be left or fixed. One has to modify the boot partition to update to a new NetBSD kernel, typically writing it from NetBSD to do so, and the pv-grub started by Xen has to read the partition to read the kernel. Advice for now is not to change anything with fsck.

\todo Resolve the fsck issues in terms of an ext2 specification and whether there are bugs in the mkfs used in the install vs. NetBSD's in-kernel implementation and/or NetBSD's fsck_ext2fs.

Issues with grub2

This approach does not seem to work. grub2 complains about not being able to find the Xen ELF note.

\todo Verify this, or add reports of this working. With grub2, I got an error about a failure to find a xen ELF note.


Booting NetBSD installer (PV)

From the Management Console, select the option labeled "install new OS image". Select the version of NetBSD you wish to install from the list of operating systems. Note that this doesn't install the OS; it installs a kernel that will boot into the NetBSD installer. This also partitions your drive for use with pvgrub and adds a menu.lst. Once the install is finished, go back to the main menu, and use the option "create/start" to boot. Once the system is booted to a pvgrub menu, select the entry containing the word "install".

Overall instructions

Before you perform the installation, you should disable privacy extensions for autoconfigured IPv6 addresses. Such temporary addresses are not usable for a VPS. From the utility menu, select Run /bin/sh. At the shell prompt, execute the following command: sed -i 's/^slaac private/slaac hwaddr/' /etc/dhcpcd.conf

A tutorial for the netbsd installer is at

When prompted, install to xbd0.

Partitioning for pv-grub (for NetBSD < 9.0)

When prompted, select 'Use existing partition sizes'. Your root device should be on partition 'a'. Please refer to for more information on partitioning

When editing partition 'a', the following is known to work:

  • Use 'FFSv2' for FStype
  • Set 'start' to e (for end of partition e)
  • Set 'end' to -1 (for full disk)
  • Set 'mount' to 'yes'
  • Set 'mount point' to '/'

This partition scheme should work and was made for a 4GiB disk:

 We now have your BSD disklabel partitions as:                                 
 This is your last chance to change them.                                      
    Start  MB   End  MB  Size  MB FS type    Newfs Mount Mount point           
    --------- --------- --------- ---------- ----- ----- -----------           
 a:        34      4095      4061 FFSv2      Yes   Yes   /
 b:         0         0         0 unused
 c:         0      4095      4096 NetBSD partition
 d:         0      4095      4096 Whole disk
 e:         3        33        30 Linux Ext2
 f:         0         0         0 unused
 g: Show all unused partitions
 h: Change input units (sectors/cylinders/MB)
>x: Partition sizes ok

You may choose whatever options you want as long as the Linux Ext2 partition is preserved as-is. If the boot partition is formatted or removed, however, you will be unable to boot.

Note that in the above example, the boot partition (e) is actually in lower-numbered sectors, with the NetBSD root partition (a) later in the disk. This does not bother NetBSD, and \todo perhaps is necessary for grub. Also note that in addition to disklabel, there is an MBR partition table, with two "Linux" (sysid 131) partitions. The first is the boot partition, aliased by e above, and the second aliases the NetBSD a partition.

\todo Explain why the second, large, Linux partition isn't of type NetBSD.

Partitioning for pv-grub (for NetBSD 9.0 and above)

NetBSD 9.0 adds a screen that lets you set just the partition sizes. Ignore it, by selecting "x" to abort. The subsequent screen will let you edit your partitions in a manner similar to what is done for NetBSD 8.1 and below.

NetBSD now shows partition sizes in sectors. If you're more comfortable with megabytes, you can select that with the "change input units" option on the partitioning screens. Note that the unit is called megabyte in the NetBSD menus, though it is actually the mebibyte.

In NetBSD 9 and greater, the first EXT2 partition is partition c, and the second EXT2 partition is partition d.

  • Select partition d, and delete it.
  • Then select partition a. Values such as the filesystem type and mountpoint are already set.
  • Change the start to "c", I.E., the end of partition c.
  • Change the size to -1.

Partitioning for grub2

Your root device should be on partition 'a'. To our best knowledge, you may install with whatever options you choose as long as the first partition has room for the netbsd kernel (approximately 8MiB) and the file system is compatible with grub2.
Please refer to for more information on partitioning

Example of working partition scheme:

 We now have your BSD-disklabel partitions as:
 This is your last chance to change them.
    Start  MB   End  MB  Size  MB FS type    Newfs Mount Mount point
    --------- --------- --------- ---------- ----- ----- -----------
 a:         0      2815      2816 FFSv2      Yes   Yes   /
 b:      2816      3071       256 swap
 c:         0      3071      3072 NetBSD partition
 d:         0      3071      3072 Whole disk
 e:         0         0         0 unused

Continuing Install

Only choices that need to be a particular value are called out here.

NetBSD 6

  • For "Bootblocks selection" , select "Use existing bootblocks"
  • "Install from" FTP or HTTP
  • Press enter to use the xennet0 device
  • Press enter for the "Network media type"
  • Select "yes" for DHCP configuration
  • Select "no" for IPv6 autoconfiguration

NetBSD 7 and NetBSD 8

  • For "Bootblocks selection" , select "Use existing bootblocks"
  • "Install from" FTP
  • Select "Configure network"
  • Press enter to use the xennet0 device
  • Press enter for the "Network media type"
  • Select "yes" for auto configuration
  • Select "Get distribution"

Be sure to add at least one user account. On NetBSD 7, root login is disabled by default even if you set the root password. If you wish to log in as root you must specifically enable root login after you've logged in with the new user.

Fixing IPv6

You also need to disable SLAAC privacy addresses for the target system. From the utility menu, select "Run /bin/sh", and run the following sequence of commands at the shell prompt:

mount /dev/xbd0a /mnt
sed -i 's/^slaac private/slaac hwaddr/' /mnt/etc/dhcpcd.conf
umount /mnt

Finishing install for grub2 bootloader only

After finishing the install, you will need to manually add the Xen kernel. Go to the "Utility Menu" and Enter a shell. Perform the following:

mount /dev/xbd0a /mnt
chroot /mnt
#NetBSD 7 (amd64)
#NetBSD 7 (i386)
#NetBSD 8 (amd64)
#NetBSD 8 (i386)
#Do not use if this fails
# Replace XEN3_DOMU.gz with XEN3PAE_DOMU.gz if on i386
grep "$(/usr/bin/cksum -a md5 netbsd-XEN3_DOMU.gz)" MD5
#Do not use if this fails
# Replace XEN3_DOMU.gz with XEN3PAE_DOMU.gz if on i386.
grep "$(/usr/bin/cksum -a sha512 netbsd-XEN3_DOMU.gz)" SHA512
mkdir /grub
echo "set default=0
set timeout=5
menuentry 'NetBSD, with kernel netbsd-XEN3_DOMU.gz ' {
        linux /netbsd-XEN3_DOMU.gz
}" > /grub/grub.cfg
rm MD5
rm SHA512
umount /mnt

Select "Back to main menu" and then "Halt the system". Wait for the VM to reboot.
Type 'ctrl-]' to exit back to the management console. From the management console, select

    4. force power off (destroy/hard shutdown)


set bootloader, rescue mode, or netboot installer

and select "GRUB2" as the bootloader. Go back to the main menu and select

    2. create/start, opens OOB console (try this if the machine is not running)

to start your VM.

Rescuing NetBSD install

For the legacy management console, the shell available from the NetBSD installer from the initial pv-grub boot menu may be used as a minimal rescue image, if the boot partition is intact and the grub config file is able to point to that install kernel.

If you are on the new management console, there's an additional option for rescuing that will work even if you're using GRUB2, and should work even if you have broken your boot partition. Select "set bootloader, rescue mode, or netboot installer". From the "BSD installers" menu, select the option corresponding to your version of NetBSD. You can then boot into that installer and use the shell for rescue purposes.

Loadable kernel modules prior to NetBSD 8.0

For NetBSD 7.x and older, loadable kernel modules for xen needed to be built with -DXEN, and the default build did not do this. See Among other things, this renders pf firewalling unusable under the default NetBSD kernel, as loading the pf module (modload /usr/lkm/pf.o) does not work. Building a new kernel with pf built-in should work, see (Alternatively, one can build modules with -DXEN, but almost certainly one should update to 8.1 instead.)

However, for NetBSD 8.0 and later, loadable kernel modules no longer have a notion of being for Xen or not for Xen, and do work under Xen, so the above note no longer applies.