flashrd is an OpenBSD installer tailored for flash-backed devices that have at least 1Gb of flash and 128Mb of RAM. Here's the project's homepage.
Download the flashrd binary images.
Backup the existing flash cards using dd.
dd the new flashrd images to the existing flash cards.
Mount the flash cards, boot into single user mode, or boot the flash card using qemu, then modify /etc/ttys as follows:
19c19 < tty00 "/usr/libexec/getty std.9600" unknown off --- > tty00 "/usr/libexec/getty std.9600" vt220 on secure
Add this to /flash/etc/boot.conf: (/flash is on /dev/wd0a)
set timeout 5 stty com0 9600 set tty com0
Plug the flash cards into the existing devices, boot as follows:
boot> set tty com0 switching console to com0 >> OpenBSD/i386 BOOT 3.02 boot> boot booting hd0a:/bsd: 10707316+1055248 [52+360656+344597]=0xbe4014 entry point at 0x200120
To boot the older flash images, "boot -s" and then "/stand/rc" or "sh /etc/rc". If you need to use the network, remember to do "pfctl -d".
Once you have a serial console on the new image, copy /etc/hostname.*, /etc/ssh/*key*, and /root/.ssh/authorized_keys to the new image from the old image. Upon reboot you should be able to log in.
Files to copy from /etc:
hosts x dhcpd.conf x resolv.conf x myname x rc.conf.local x pf.conf x localtime x snmpd.conf x rtadvd.conf x hostname.* master.passwd x ntpd.conf x passwd x ttys x sysctl.conf x mygate x dnsmasq.conf x
Packages to install:
export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.7/packages/i386/ pkg_add -v dnsmasq lsof curl bash iperf isc-dhcp-server net-snmp ngrep bwm-ng
Sonic has a example ipv6 tunnel configuration generator for OpenBSD, but it only gives the pre-4.7 syntax. Here's how r00ter is configured, and these settings should work for any 4.7 or up installation, including recent flashrd builds.
Note that regardless of what the ISP tells you to use as your subnet, you have to use a prefix length of /64 for automatic address configuration to work. If you have a DHCPv6 server you can do whatever you want, though.
tunnel 188.8.131.52 184.108.40.206 inet6 alias 2001:5a8:0:1::ac7 prefixlen 127
/etc/pf.conf: You also have to make sure that any nat rules for your regular IPv4 traffic explicitly say "inet" only instead of all protocols, otherwise pf will try to nat the ipv6 packets too.
pass in quick on gif0 inet6 keep state pass in quick on $ext_if proto ipv6 pass out quick on $ext_if proto ipv6