Introduction to FreeBSD

light introduction to FreeBSD

FreeBSD: Not a Linux Distro, George Neville-Neil

FreeBSD is not a Linux distribution: Philip Paes

Convincing a Linux guy to use FreeBSD :-)

FreeBSD Kernel Internals, Dr. Marshall Kirk McKusick

An Overview of Locking in the FreeBSD Kernel - Kirk McKusick, EuroBSDcon 2012

An Overview of Security in the FreeBSD Kernel, Dr. Marshall Kirk McKusick

A Narrative History of BSD, Dr. Kirk McKusick

Systems, Science and FreeBSD, George Neville-Neil

The Realities of DTrace on FreeBSD, by George Neville Neil (EuroBSDcon 2017)

Tuning FreeBSD for routing and firewalling, by Olivier Cochard-Labbé (EuroBSDcon 2017)

Brian Kidney: The Realities of DTrace on FreeBSD - BSDCan 2017

What is FreeBSD by Gavin Atkinson

Case Study: Switching from Linux to FreeBSD

Jordan Hubbard - FreeBSD: The Next 10 Years

Rick Reed - WhatsApp: Half a billion unsuspecting FreeBSD users

LFNW 2018: Switching to the BSDs: A crash course in FreeBSD, FreeNAS, TrueOS and OpenBSD

Michael W. Lucas talks FreeBSD

The Trouble with FreeBSD

An introduction to the implementation of ZFS by Kirk McKusick

ZFS Internals Overview by Kirk McKusick

P01A: Institutionalizing FreeBSD Isolated and Virtualized Hosts -- Michael Dexter

P02A: Tuning FreeBSD for routing and firewalling -- Olivier Cochard Labbe

P03A: PC BSD evolves into TrueOS - Kris Moore

P04A: FreeBSD ARM32ARM64 Porting to a new board - Emmanuel Vadot

P05A: Profiling the FreeBSD kernel boot -- Colin Percival

P06A: Role based Access Control in BCHS Web Applications -- Kristaps Dzonsons

P07A: OpenBSD/x-ray: OpenBSD on medical x-ray machines -- Henning Brauer

P08A: Improving netdump hardware support and performance with iflib -- Sam Gwydir

P09A: Introducing FreeBSD VPC -- Sean Chittenden

AsiaBSDCon 2018 Work in Progress Session and Closing

AsiaBSDCon 2017 Opening - Hiroki Sato

P01A: Understandings NFSv4 ACLs - John Hixson

P01B: Bulk building in the many core era - Joerg Sonnenberger

P01C: OpenBSD pf+rdomains create splendid multi tenancy firewalls - Philipp Buehler

FreeBSD network tuning

Network performance

https://cooltrainer.org/a-freebsd-desktop-howto/

http://www.packetwatch.net/documents/guides/2008030201.php

Firewalling with OpenBSD's PF packet filter

Building-bsd-home-router-pt-4-installing-pfsense/

comparative-introduction-to-freebsd-for-linux-users

How to clean and rebuild all ports with Portmaster

http://www.wonkity.com/~wblock/docs/html/disksetup.html

schedule-tasks-with-crontab

Freebsd router step by step

The pain of a Realtek (RTL8111/RTL8168) ethernet card

Mounting drive with ext4 filesystem

Change permissions

Freebsd on the Thinkpad x240

How to Become a FreeBSD Committer

Boot Freebsd

Debug System Call

Open System Call

https://www.digitalocean.com/community/tutorials/how-to-install-and-manage-ports-on-freebsd-10-1

https://bsdimp.blogspot.cz/2007/10/building-bootable-freebsdi386-images.html

https://www.cl.cam.ac.uk/research/security/ctsrd/pdfs/201403-asiabsdcon2014-freebsd-smp-boot.pdf

https://www.bsdcan.org/2008/schedule/attachments/49_2008_uboot_freebsd.pdf

http://www.strugglingcoder.info/index.php/category/freebsd/

http://www.isysop.com/unpacking-and-repacking-u-boot-uimage-files/

http://www.isysop.com/unpacking-and-repacking-u-boot-images-part-2/

https://github.com/bitboss-ca/freebsd-arm-tools

http://blog.khubla.com/freebsd/building-u-boot-for-chromebook

http://www.nikoopour.com/2015/03/

https://raybsd.blogspot.cz/2012/12/

http://distkeys.com/blog/2014/08/03/inside-freebsd/

https://www.bidouilliste.com/blog/2015/11/27/Porting-FreeBSD-to-a-new-ARM-Board-Part-1/

https://www.bidouilliste.com/blog/2015/11/27/Porting-FreeBSD-to-a-new-ARM-Board-Part-2/

https://www.bidouilliste.com/blog/2015/11/27/Porting-FreeBSD-to-a-new-ARM-Board-Part-3/

Netbooting ARM/MIPS devices: server setup Netbooting ARM/MIPS devices: kinds of kernel and u-boot

https://bsdmag.org/basic-unix-queuing-techniques/

https://bsdmag.org/unix-kernel-system-calls/

https://bsdmag.org/dynamic-memory-allocation-unix-systems/

https://backtrace.io/blog/backtrace/improving-freebsd-kernel-debugging/

https://gist.github.com/bijanebrahimi/f2eb0c620d81aa6234e121a0ddd88cc2

https://forums.freebsd.org/threads/ctl-alt-esc-not-taking-me-to-kernel-debugger.40111/

https://riptutorial.com/freebsd/example/23734/download-the-latest-source-code

https://elkamika.blogspot.com/2019/06/freebsd-kernel-remote-debugging-part1.html?m=1

https://blog.hostileadmin.com/2012/09/25/so-you-want-a-freebsd-debugging-kernel/

https://bsdmag.org/beyond-bios-the-extended-firmware-interface-efi/

Creating a FreeBSD Port Patch

Build your own FreeBSD ports and make packages out of them using jails, poudriere and portshaker

Building Packages with Poudriere

Poudriere wiki

Making a New Port

Debian in FreeBSD Jail

https://clinta.github.io/freebsd-jails-the-hard-way/

https://www.cyberciti.biz/faq/howto-setup-freebsd-jail-with-ezjail/

https://www.cyberciti.biz/faq/how-to-install-and-configure-jails-on-freenas-corral-10/

https://gundersen.net/32bit-jail-on-64bit-freebsd/

https://medium.com/chris-opperwall/quick-jail-updating-in-freebsd-f7c6bb52c6de

https://www.kirkg.us/posts/how-to-configure-a-freebsd-jail-on-a-digital-ocean-droplet/

https://www.cockroachlabs.com/blog/critters-in-a-jar-running-cockroachdb-in-a-freebsd-jail/

https://www.cyberciti.biz/faq/how-to-configure-a-freebsd-jail-with-vnet-and-zfs/

https://wiki.jriver.com/index.php/Mixing

https://people.freebsd.org/~ariff/SOUND_4.TXT.html

Steam on FreeBSD

https://bsdmag.org/5374-2/

https://wiki.freebsd.org/TuningPowerConsumption

Comment out Nvidia-related parts from your xorg.conf :

...

Section "Device"
    Identifier  "Card0"
    Driver      "intel"
    BusID       "PCI:0:2:0"
EndSection

#Section "Device"
#   Identifier  "Card1"
#   Driver      "nvidia"
#   BusID       "PCI:1:0:0"
#EndSection

...

Then add the following bits to rc.conf(5) :

kld_list='i915kms'

ntpdate_enable="YES"
ntpdate_hosts="in.pool.ntp.org"

Or manually update time and date

ntpdate -b pool.ntp.org
sudo service ntpd start

# sysctl hw.syscons.bell=0

or if you use XFCE

set bell-style none

You must add line in /etc/shells for example fish shell

/usr/local/bin/fish

Change shell and path your favorite shell

chsh -s /usr/local/bin/fish

Cool aliases

If you need PATH for example compiler or some options

# ASAN settings
set -x ASAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
set -x ASAN_OPTIONS verbosity=1
set -x ASAN_OPTIONS symbolize=1
set -x ASAN_OPTIONS detect_stack_use_after_scope=1

# UBSAN settings
set -x UBSAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
set -x UBSAN_OPTIONS verbosity=2

# MSAN
set -x MSAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
set -x MSAN_OPTIONS fsanitize-memory-track-origins=2
set -x MSAN_OPTIONS verbosity=2
set -x MSAN_OPTIONS symbolize=1

set constantshow
set smooth
set autoindent
set casesensitive
set historylog
set morespace

syntax "comments" ".*"
color blue "^#.*"

## nanorc files
include "/usr/local/share/nano/asm.nanorc"
include "/usr/local/share/nano/awk.nanorc"
include "/usr/local/share/nano/c.nanorc"
include "/usr/local/share/nano/cmake.nanorc"
include "/usr/local/share/nano/css.nanorc"
include "/usr/local/share/nano/debian.nanorc"
include "/usr/local/share/nano/fortran.nanorc"
include "/usr/local/share/nano/gentoo.nanorc"
include "/usr/local/share/nano/groff.nanorc"
include "/usr/local/share/nano/html.nanorc"
include "/usr/local/share/nano/java.nanorc"
include "/usr/local/share/nano/makefile.nanorc"
include "/usr/local/share/nano/man.nanorc"
include "/usr/local/share/nano/mgp.nanorc"
include "/usr/local/share/nano/mutt.nanorc"
include "/usr/local/share/nano/nanorc.nanorc"
include "/usr/local/share/nano/objc.nanorc"
include "/usr/local/share/nano/ocaml.nanorc"
include "/usr/local/share/nano/patch.nanorc"
include "/usr/local/share/nano/perl.nanorc"
include "/usr/local/share/nano/php.nanorc"
include "/usr/local/share/nano/pov.nanorc"
include "/usr/local/share/nano/python.nanorc"
include "/usr/local/share/nano/ruby.nanorc"
include "/usr/local/share/nano/sh.nanorc"
include "/usr/local/share/nano/tcl.nanorc"
include "/usr/local/share/nano/tex.nanorc"
include "/usr/local/share/nano/xml.nanorc"

I cannot debug C/C++ programs because message “No symbol table is loaded. Use the \”file\“ command” …

Best solution is install devel/gdb with path /usr/local/bin/gdb

# ls /dev/da*
# mount_msdosfs /dev/da0 /media/usb

mount -av

Fuse-ext2 mounts an ext2/ext3/ext4 partition or image file

For control kernels fuse modules is command:

kldstat

If you don't have fuse.ko module in the kernel you use this command

kldload fuse

Then mount your partition

fuse-ext2  /dev/your_partition /media/

For mounting ntfs file system you must kernel module loaded.

For control kernels fuse modules is command:

kldstat

and load FUSE kernel module:

kldload fuse

and then you can mount ntfs filesystem.

# ls /dev/da*
# ntfs-3g  /dev/your_partition  /mnt/

Uncomment in config file in /etc/auto_master

/media        -media        -nosuid

Add lines to /etc/devd.conf

notify 100 {
    match "system" "GEOM";
    match "subsystem" "DEV";
    action "/usr/sbin/automount -c";
};

Reload service

service automount reload
service devd restart

and added configuration /etc/rc.conf

autofs_enable="YES"

portmaster -L - Check all update for ports
portmaster -a - Upgrade ports
portmaster -af - Rebuild of installed application

Create it ports tree for poudriere

poudriere ports -c

Configure poudriere, file system, ram, etc…

/usr/local/etc/poudriere.conf

List port tree

poudriere ports -l

PORTSTREE METHOD   TIMESTAMP           PATH
default   portsnap 2019-07-10 21:47:49 /usr/local/poudriere/ports/default

Create it jail for build and the target system

poudriere jail -c -j freebsd_11-2x64 -v 11.2-RELEASE -a amd64

List the jails

sudo poudriere jail -l

JAILNAME        VERSION          ARCH  METHOD TIMESTAMP           PATH
freebsd_11-2x64 11.2-RELEASE-p11 amd64 ftp    2019-07-10 20:48:07 /usr/local/poudriere/jails/freebsd_11-2x64

Copy your port files to /usr/local/poudriere/default/ and then build it port for example

sudo poudriere testport -o lang/halide -j freebsd_11-2x64

Just put the following line to /etc/make.conf. Then recompile port with debug symbol.

WITH_DEBUG=    yes

more information in

/usr/ports/Mk/bsd.port.mk

Debug makefile for your port

make -d A

How to fast setup MYSQL Database

The first step is the installation

sudo pkg install mysql56-server

next step is enable in /etc/rc.conf

sudo sysrc mysql_enable=yes

Remember to run mysql_upgrade the first time you start the MySQL server after an upgrade from an earlier version.

Now start MYSQL Server

sudo service mysql-server start

then set database

sudo mysql_secure_installation

Simple script for create jail on zfs filesystem

#!/bin/sh
 
########################################################################
# Donwload amd64 base, ports tree FreeBSD OS
# and unpack base OS to your jail folder
########################################################################
 
set +x
 
name_jail="freebsd11_2"
arch_jail="amd64"
version_jail="11.2-RELEASE"
 
# Create new zfs dataset for jail - only once
#zfs create -o mountpoint=/usr/local/jails zroot/jails
 
# Create jail folder
zfs create zroot/jails/$name_jail
 
rm  /tmp/base.txz
rm  /tmp/ports.txz
 
echo "Fetching package from FreeBSD server ..."
 
fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/$arch_jail/$version_jail/base.txz -o /tmp/base.txz
fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/$arch_jail/$version_jail/ports.txz -o /tmp/ports.txz
 
mkdir -p /usr/local/jails/$name_jail
 
echo "Unpacking Freebsd base OS ..."
tar -xf /tmp/base.txz -C /usr/local/jails/$name_jail
tar -xf /tmp/ports.txz -C /usr/local/jails/$name_jail
 
cp /etc/resolv.conf /usr/local/jails/$name_jail/etc

#!/bin/sh
 
########################################################################
# Donwload i386 base, ports tree FreeBSD OS
# and unpack base OS to your jail folder
########################################################################
 
set +x
 
name_jail="freebsd386"
arch_jail="i386"
version_jail="11.2-RELEASE"
 
# Create new zfs dataset for jail - only once
#zfs create -o mountpoint=/usr/local/jails zroot/jails
 
# Create jail folder
zfs create zroot/jails/$name_jail
 
rm /tmp/base.txz
rm /tmp/ports.txz
 
echo "Fetching package from FreeBSD server ..."
 
fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/$arch_jail/$version_jail/base.txz -o /tmp/base.txz
fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/$arch_jail/$version_jail/ports.txz -o /tmp/ports.txz
 
mkdir -p /usr/local/jails/$name_jail
 
echo "Unpacking Freebsd base OS ..."
tar -xf /tmp/base.txz -C /usr/local/jails/$name_jail
tar -xf /tmp/ports.txz -C /usr/local/jails/$name_jail
 
cp /etc/resolv.conf /usr/local/jails/$name_jail/etc
 
echo "Done"

/etc/jail.conf

# /etc/jail.conf

# Global settings applied to all jails.

exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
allow.raw_sockets;

# The jail definition for freebsd386
freebsd386 {
    host.hostname = "freebsd386.domain.local";
    path = "/usr/local/jails/freebsd386";
    interface = "lagg0";
    ip4.addr = 10.0.2.15;
}

Packet forwarding

/etc/pf.conf

# /etc/pf.conf
#Define the interfaces
ext_if = "em0"
int_if = "lagg0"
jail_net = $int_if:network

#Define the NAT for the jails
nat on $ext_if from $jail_net to any -> ($ext_if)

Run jail

bsd@ ~> sudo jail -c freebsd386
bsd@ ~> jls
bsd@ ~> sudo jail -m jid=1 (number of jail)

http://tate.cx/improving-zfs-performance/

zpool import

For control command mount.

zpool import -fR /media zroot

If you will have i386 OS you must set wm.kmem_size=“512M” and vm.kmem_size_max=“” is minimal value.

This is little tunables more information on http://www.freebsd.cz/doc/handbook/zfs-advanced.html

vfs.zfs.prefetch_disable=0
vm.kmem_size="512M"
vm.kmem_size_max="768M"
vfs.zfs.arc_max="40M"
vfs.zfs.vdev.cache.size="5M"

We added space for virtual disk (VirtualBox, or other) but we have disk CORRUPT

lol@ ~/> gpart show ada0
=>      40  41942960  ada0  GPT  (39G) [CORRUPT]
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992      2008        - free -  (1.0M)

Fix is easy :

gpart recover ada0

Now we need resize partion 3.

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992  39978968        - free -  (19G)

lol@ ~/> zpool list
NAME    SIZE  ALLOC   FREE  EXPANDSZ   FRAG    CAP  DEDUP  HEALTH  ALTROOT
zroot  17.9G  17.3G   621M         -    76%    96%  1.00x  ONLINE  -

For device is Busy , we have set this value:

lol@ ~/> sysctl kern.geom.debugflags=16
kern.geom.debugflags: 0 -> 16

Now resize partition number 3

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992  39978968        - free -  (19G)

lol@ ~/> sudo gpart resize -i 3 ada0

ada0p3 resized

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  77723608     3  freebsd-zfs  (37G)

Last step with zfs pool:

lol@ ~/> sudo zpool set autoexpand=on zroot
lol@ ~/> sudo zpool online -e zroot ada0p3 ada0p3

Control space in zpool.Size of zroot is right.

lol@ ~/> zpool list
NAME    SIZE  ALLOC   FREE  EXPANDSZ   FRAG    CAP  DEDUP  HEALTH  ALTROOT
zroot    37G  17.3G  19.7G         -    36%    46%  1.00x  ONLINE  -

lol@ ~/Desktop> sudo sysctl kern.geom.debugflags=0
kern.geom.debugflags: 16 -> 0

Added line with kernel module to /boot/loader.conf

vboxdrv_load="YES"

Added line for bridged or host-only networking to /etc/rc.conf

vboxnet_enable="YES"

Added to group

pw groupmod vboxusers -m yourusername
chown root:vboxusers /dev/vboxnetctl
chmod 0660 /dev/vboxnetctl

Permanent permisions added lines to /etc/devfs.conf

own     vboxnetctl root:vboxusers
perm    vboxnetctl 0660

Write to /etc/rc.conf

vboxguest_enable="YES"
vboxservice_enable="YES"

pciconf -l - look for if see wifi hardware
sudo ifconfig wlan0 create wlandev wpi0
sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf

Add kernel module to /boot/loader.conf

# Kernel module for wifi 
if_ath_load="YES"
if_iw_load="YES"

# Next wifi kernel modules
wlan_wep_load="YES"
wlan_ccmp_load="YES"
wlan_tkip_load="YES"

Add to configure /etc/rc.conf this lines. Configure you wifi device.

wlans_run0="wlan0"
create_args_wlan0="wlanmode sta country CZ indoor"

Look to your hardware if you have drivers.

# Look for if see wifi hardware (wpi, run0)
pciconf -l 

# Create a device with name wlan0
sudo ifconfig wlan0 create wlandev wpi0

# Create wpa_supplicant configure file with ssid network 
sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf

# Scan your wifi networks
ifconfig wlan0 up scan 
SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS
lol        00:13:46:49:41:76   11   54M -90:96   100 EPS  WPA WME
trololo    00:11:95:c3:0d:ac    1   54M -83:96   100 EPS  WPA

# IP address from DHCP server
sudo dhclient wlan0

Install CD -> Partition -> Shell

gpart create -s gpt vtbd0
gpart add -t freebsd-boot -s 512k -a 4k vtbd0
gpart add -t freebsd-ufs -a 1M vtbd0
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 vtbd0

geli init -b -g vtbd0p2
geli attach vtbd0p2

newfs -j /dev/vtbd0p2.eli
mount /dev/vtbd0p2.eli /mnt

- /tmp/bsdinstall_etc/fstab
/dev/vtbd0p2.eli / ufs rw,noatime 1 1

- /tmp/bsdinstall_boot/loader.conf
geom_eli_load="YES"

exit (installer will continue)

Change  /dev/vtbd0p2.eli to gptid/rawuuid (gpart list):
/dev/gptid/015ceb9a-90a4-11e6-b8fc-1392a9ed1847 / ufs rw,noatime 1 1

sudo pkg install subversion  
sudo svn checkout https://svn0.us-east.FreeBSD.org/base/stable/you_version_system /usr/src
svn up /usr/src

profiling_debugging_freebsd_kernel_321772.pdf

}

Simple kernel module.
https://github.com/Martinfx/FreeBSD-Kernel-module

To check the status of the securelevel on a running system: Add to /etc/sysctl.conf

kern.securelevel=2
security.bsd.see_other_uids=0
security.bsd.stack_guard_page=1
net.inet.ip.random_id=1

more : http://www.freebsd.cz/doc/faq/security.html

Tracking information such as CPU statistics and executed commands.

touch /var/account/acct
chmod 600 /var/account/acct
accton /var/account/acct
echo 'accounting_enable="YES"' >> /etc/rc.conf

If you use notebooks, is better enable acpi driver in /boot/loader.conf For IBM notebooks is command:

acpi_ibm_load="YES"

If you use notebooks, is better enable acpi driver in /boot/loader.conf For HP notebooks is command:

acpi_hp_load="YES"

More : https://www.freebsd.org/cgi/man.cgi?acpi_ibm

# kldload linux
# kldload linux64

# kldstat - you can look for modules
 1   72 0xffffffff80200000 1fa7c38  kernel
 2    1 0xffffffff821a9000 30aec0   zfs.ko
 3    2 0xffffffff824b4000 adc0     opensolaris.ko
...
23    1 0xffffffff827bc000 389f4    linux64.ko

and add line to /etc/rc.conf:
linux_enable="YES"

If You are not able to authenticate via ssh and message “Too many authentication failures” is logged in /var/log/auth.log you probably have more than 2 keys loaded in your ssh agent that are failing to authenticate. To solve this unload keys you are not using from ssh agent (ssh-add -d path/ ssh-add -D), use ssh -i path_to_key or create an appropriate section in your ~/.ssh/config with IdentityFile.

The fatal double fault is a problem on FreeBSD - i386 with ZFS file system.

As described in /usr/src/UPDATING entry 20121223, rebuilding the kernel with options KSTACK_PAGES=4 has been observed to resolve the boot-time crash. This, however, is not an ideal solution for inclusion in the GENERIC kernel configuration, as increasing KSTACK_PAGES implicitly decreases available usermode threads in an environment that is already resource-starved.

You must do this steps for new kernel:

# mkdir -p /usr/src
# svnlite co svn://svn.freebsd.org/base/releng/10.2 /usr/src
# make -C /usr/src kernel-toolchain
# printf "include GENERIC\noptions KSTACK_PAGES=4\n" > /usr/src/sys/i386/conf/ZFS
# make -C /usr/src buildkernel KERNCONF=ZFS
# make -C /usr/src installkernel KERNCONF=ZFS

For FreeBSD 10.3 - More information on page https://www.freebsd.org/releases/10.3R/errata.html For FreeBSD 11.0 - More information on page https://www.freebsd.org/releases/11.0R/errata.html

If is a problem with boot on FreeBSD and cannot run the system. Back to FreeBSD menu and choose option 3. ( Escape to loader prompt ) For help in command line is command help or ? (list of commands ) help set are options for the command set

For boot from CD is commnad

set boot_cdrom (for mount filesystem)
boot

Look for a mounted filesystem with command mount.If you haven't zfs filesystem mounted you must run command and connect zpool :

zpool import -f zroot

Boot live system …

geli attach /dev/ada0p3
password: 

The command mount only part of filesystem. For example /usr; /tmp; /var; but not /boot

zpool import -f /mnt zroot

The command mount /boot etc..

zfs mount zroot/ROOT/default