From owner-freebsd-jail@FreeBSD.ORG Sun Mar 18 23:47:18 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C6519106566B for ; Sun, 18 Mar 2012 23:47:18 +0000 (UTC) (envelope-from girgen@FreeBSD.org) Received: from melon.pingpong.net (melon.pingpong.net [79.136.116.200]) by mx1.freebsd.org (Postfix) with ESMTP id 4893E8FC19 for ; Sun, 18 Mar 2012 23:47:18 +0000 (UTC) Received: from c-a557e155.1521-1-64736c12.cust.bredbandsbolaget.se (c-a557e155.1521-1-64736c12.cust.bredbandsbolaget.se [85.225.87.165]) by melon.pingpong.net (Postfix) with ESMTPA id B39D2223A4 for ; Mon, 19 Mar 2012 00:47:10 +0100 (CET) Message-ID: <4F6673FD.2040809@FreeBSD.org> Date: Mon, 19 Mar 2012 00:47:09 +0100 From: Palle Girgensohn User-Agent: Postbox 3.0.3 (Macintosh/20120304) MIME-Version: 1.0 To: freebsd-jail@freebsd.org X-Enigmail-Version: 1.2.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Mar 2012 23:47:18 -0000 Hi! When I create an epair and pu one end inside a jail, and give that interface an IP address, the jail still seems to want to use the lo0 interface to route traffic to that interface on the inside. Everything else works, I can set up bridges just like it would be an ethernet switch, add services on the inside, it is all fine, except this little annoying bug(?). See here: [root@hostname /home/girgen]# ifconfig epair create epair0a [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar path=/ persist [root@hostname /home/girgen]# jls JID IP Address Hostname Path 1 - bar / [root@hostname /home/girgen]# ifconfig epair0b vnet bar [root@hostname /home/girgen]# ifconfig -a bce0: flags=8843 metric 0 mtu 1500 options=c01bb ether 00:23:7d:23:9d:44 inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 nd6 options=29 media: Ethernet autoselect (1000baseT ) status: active bce1: flags=8802 metric 0 mtu 1500 options=c01bb ether 00:23:7d:23:9d:42 nd6 options=29 media: Ethernet autoselect lo0: flags=8049 metric 0 mtu 16384 options=3 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 inet 127.0.0.1 netmask 0xff000000 nd6 options=21 epair0a: flags=8842 metric 0 mtu 1500 options=8 ether 02:f9:05:00:0a:0a nd6 options=29 media: Ethernet 10Gbase-T (10Gbase-T ) status: active [root@hostname /home/girgen]# jexec bar ifconfig -a lo0: flags=8008 metric 0 mtu 16384 options=3 nd6 options=21 epair0b: flags=8842 metric 0 mtu 1500 options=8 ether 02:f9:05:00:0b:0b nd6 options=21 media: Ethernet 10Gbase-T (10Gbase-T ) status: active [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 netmask 0xffffff00 up [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 PING 10.1.1.2 (10.1.1.2): 56 data bytes ^C --- 10.1.1.2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 route to: 10.1.1.2 destination: 10.1.1.2 interface: lo0 flags: recvpipe sendpipe ssthresh rtt,msec mtu weight expire 0 0 0 0 16384 1 0 [root@hostname /home/girgen]# Now why would the jail think that lo0 is the way to go to find 10.1.1.2? This is a minimal setup, adding an outside address, routing and all other things work, but the jail still tries lo0 to contact itself, no matter if it is ping or regular tcp traffic. Is this a bug or am I missing something? The jail can ping any address in the world, but cannot contact itself. Ideas? Palle From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 07:50:27 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 703F21065675 for ; Mon, 19 Mar 2012 07:50:27 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id E633C8FC0C for ; Mon, 19 Mar 2012 07:50:26 +0000 (UTC) Received: (qmail invoked by alias); 19 Mar 2012 07:50:19 -0000 Received: from g230069002.adsl.alicedsl.de (EHLO [192.168.178.28]) [92.230.69.2] by mail.gmx.com (mp-eu001) with SMTP; 19 Mar 2012 08:50:19 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/qLJF0lo7qyJI0YAjMrXoKjh8kn3Ib4a4l9U41gw x0PSe+kvDiWcoy Message-ID: <4F66E535.9010607@gmx.com> Date: Mon, 19 Mar 2012 08:50:13 +0100 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: Palle Girgensohn References: <4F6673FD.2040809@FreeBSD.org> In-Reply-To: <4F6673FD.2040809@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: freebsd-jail@freebsd.org Subject: Re: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 07:50:27 -0000 On 3/19/2012 12:47 AM, Palle Girgensohn wrote: > Hi! > > When I create an epair and pu one end inside a jail, and give that > interface an IP address, the jail still seems to want to use the lo0 > interface to route traffic to that interface on the inside. > > Everything else works, I can set up bridges just like it would be an > ethernet switch, add services on the inside, it is all fine, except this > little annoying bug(?). > > See here: > > [root@hostname /home/girgen]# ifconfig epair create > epair0a > [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar > path=/ persist > [root@hostname /home/girgen]# jls > JID IP Address Hostname Path > 1 - bar / > [root@hostname /home/girgen]# ifconfig epair0b vnet bar > [root@hostname /home/girgen]# ifconfig -a > bce0: flags=8843 metric 0 mtu 1500 > options=c01bb > ether 00:23:7d:23:9d:44 > inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 > inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 > nd6 options=29 > media: Ethernet autoselect (1000baseT) > status: active > bce1: flags=8802 metric 0 mtu 1500 > options=c01bb > ether 00:23:7d:23:9d:42 > nd6 options=29 > media: Ethernet autoselect > lo0: flags=8049 metric 0 mtu 16384 > options=3 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 > inet 127.0.0.1 netmask 0xff000000 > nd6 options=21 > epair0a: flags=8842 metric 0 mtu 1500 > options=8 > ether 02:f9:05:00:0a:0a > nd6 options=29 > media: Ethernet 10Gbase-T (10Gbase-T) > status: active > [root@hostname /home/girgen]# jexec bar ifconfig -a > lo0: flags=8008 metric 0 mtu 16384 > options=3 > nd6 options=21 > epair0b: flags=8842 metric 0 mtu 1500 > options=8 > ether 02:f9:05:00:0b:0b > nd6 options=21 > media: Ethernet 10Gbase-T (10Gbase-T) > status: active > [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 > netmask 0xffffff00 up > [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 > PING 10.1.1.2 (10.1.1.2): 56 data bytes > ^C > --- 10.1.1.2 ping statistics --- > 3 packets transmitted, 0 packets received, 100.0% packet loss > [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 > route to: 10.1.1.2 > destination: 10.1.1.2 > interface: lo0 > flags: > recvpipe sendpipe ssthresh rtt,msec mtu weight expire > 0 0 0 0 16384 1 0 > [root@hostname /home/girgen]# > > > > Now why would the jail think that lo0 is the way to go to find 10.1.1.2? That's because 10.1.1.2 is a local address for jail bar and all local addresses are reachable via lo0. Keep in mind that this is the vnet's lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0 interface and everything will be ok. The lo0 loopback interface is prerequisite for networking. HTH, Nikos From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 08:04:46 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 542E31065670 for ; Mon, 19 Mar 2012 08:04:46 +0000 (UTC) (envelope-from girgen@FreeBSD.org) Received: from melon.pingpong.net (melon.pingpong.net [79.136.116.200]) by mx1.freebsd.org (Postfix) with ESMTP id E3F238FC16 for ; Mon, 19 Mar 2012 08:04:45 +0000 (UTC) Received: from c-a557e155.1521-1-64736c12.cust.bredbandsbolaget.se (c-a557e155.1521-1-64736c12.cust.bredbandsbolaget.se [85.225.87.165]) by melon.pingpong.net (Postfix) with ESMTPA id 893CF21DA0; Mon, 19 Mar 2012 09:04:44 +0100 (CET) Message-ID: <4F66E89B.9090704@FreeBSD.org> Date: Mon, 19 Mar 2012 09:04:43 +0100 From: Palle Girgensohn User-Agent: Postbox 3.0.3 (Macintosh/20120304) MIME-Version: 1.0 To: freebsd-jail@freebsd.org References: <4F6673FD.2040809@FreeBSD.org> <4F66E535.9010607@gmx.com> In-Reply-To: <4F66E535.9010607@gmx.com> X-Enigmail-Version: 1.2.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Subject: Re: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 08:04:46 -0000 Nikos Vassiliadis skrev: > On 3/19/2012 12:47 AM, Palle Girgensohn wrote: >> Hi! >> >> When I create an epair and pu one end inside a jail, and give that >> interface an IP address, the jail still seems to want to use the lo0 >> interface to route traffic to that interface on the inside. >> >> Everything else works, I can set up bridges just like it would be an >> ethernet switch, add services on the inside, it is all fine, except this >> little annoying bug(?). >> >> See here: >> >> [root@hostname /home/girgen]# ifconfig epair create >> epair0a >> [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar >> path=/ persist >> [root@hostname /home/girgen]# jls >> JID IP Address Hostname Path >> 1 - bar / >> [root@hostname /home/girgen]# ifconfig epair0b vnet bar >> [root@hostname /home/girgen]# ifconfig -a >> bce0: flags=8843 metric 0 mtu >> 1500 >> options=c01bb >> >> ether 00:23:7d:23:9d:44 >> inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 >> inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 >> nd6 options=29 >> media: Ethernet autoselect (1000baseT) >> status: active >> bce1: flags=8802 metric 0 mtu 1500 >> options=c01bb >> >> ether 00:23:7d:23:9d:42 >> nd6 options=29 >> media: Ethernet autoselect >> lo0: flags=8049 metric 0 mtu 16384 >> options=3 >> inet6 ::1 prefixlen 128 >> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 >> inet 127.0.0.1 netmask 0xff000000 >> nd6 options=21 >> epair0a: flags=8842 metric 0 mtu >> 1500 >> options=8 >> ether 02:f9:05:00:0a:0a >> nd6 options=29 >> media: Ethernet 10Gbase-T (10Gbase-T) >> status: active >> [root@hostname /home/girgen]# jexec bar ifconfig -a >> lo0: flags=8008 metric 0 mtu 16384 >> options=3 >> nd6 options=21 >> epair0b: flags=8842 metric 0 mtu >> 1500 >> options=8 >> ether 02:f9:05:00:0b:0b >> nd6 options=21 >> media: Ethernet 10Gbase-T (10Gbase-T) >> status: active >> [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 >> netmask 0xffffff00 up >> [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 >> PING 10.1.1.2 (10.1.1.2): 56 data bytes >> ^C >> --- 10.1.1.2 ping statistics --- >> 3 packets transmitted, 0 packets received, 100.0% packet loss >> [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 >> route to: 10.1.1.2 >> destination: 10.1.1.2 >> interface: lo0 >> flags: >> recvpipe sendpipe ssthresh rtt,msec mtu weight expire >> 0 0 0 0 16384 1 0 >> [root@hostname /home/girgen]# >> >> >> >> Now why would the jail think that lo0 is the way to go to find 10.1.1.2? > > That's because 10.1.1.2 is a local address for jail bar and all local > addresses are reachable via lo0. Keep in mind that this is the vnet's > lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0 > interface and everything will be ok. The lo0 loopback interface is > prerequisite for networking. > > HTH, Nikos Ah, OK, thanks. I had not grasped that. But it does not work? [root@hostname /home/girgen]# jexec bar ifconfig lo0 localhost up [root@hostname /home/girgen]# jexec bar ifconfig -a lo0: flags=8049 metric 0 mtu 16384 options=3 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 nd6 options=21 epair0b: flags=8843 metric 0 mtu 1500 options=8 ether 02:f9:05:00:0b:0b inet6 fe80::f9:5ff:fe00:b0b%epair0b prefixlen 64 scopeid 0x2 inet 10.1.1.2 netmask 0xffffff00 broadcast 10.1.1.255 nd6 options=21 media: Ethernet 10Gbase-T (10Gbase-T ) status: active [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 PING 10.1.1.2 (10.1.1.2): 56 data bytes ^C --- 10.1.1.2 ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss [root@hostname /home/girgen]# jexec bar ping localhost PING localhost (127.0.0.1): 56 data bytes 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.045 ms 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms ^C --- localhost ping statistics --- 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.030/0.037/0.045/0.007 ms [root@hostname /home/girgen]# From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 08:10:59 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5FA46106567B for ; Mon, 19 Mar 2012 08:10:59 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id D48878FC1A for ; Mon, 19 Mar 2012 08:10:58 +0000 (UTC) Received: (qmail invoked by alias); 19 Mar 2012 08:10:57 -0000 Received: from g230069002.adsl.alicedsl.de (EHLO [192.168.178.28]) [92.230.69.2] by mail.gmx.com (mp-eu005) with SMTP; 19 Mar 2012 09:10:57 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/5iJpE5CH5KNA4f4NU6gqLKzeIpoFHPwWoqD1Fop +dBboumePAZRxV Message-ID: <4F66EA0F.6080104@gmx.com> Date: Mon, 19 Mar 2012 09:10:55 +0100 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: Palle Girgensohn References: <4F6673FD.2040809@FreeBSD.org> <4F66E535.9010607@gmx.com> <4F66E89B.9090704@FreeBSD.org> In-Reply-To: <4F66E89B.9090704@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: freebsd-jail@freebsd.org Subject: Re: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 08:10:59 -0000 On 3/19/2012 9:04 AM, Palle Girgensohn wrote: > > > Nikos Vassiliadis skrev: >> On 3/19/2012 12:47 AM, Palle Girgensohn wrote: >>> Hi! >>> >>> When I create an epair and pu one end inside a jail, and give that >>> interface an IP address, the jail still seems to want to use the lo0 >>> interface to route traffic to that interface on the inside. >>> >>> Everything else works, I can set up bridges just like it would be an >>> ethernet switch, add services on the inside, it is all fine, except this >>> little annoying bug(?). >>> >>> See here: >>> >>> [root@hostname /home/girgen]# ifconfig epair create >>> epair0a >>> [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar >>> path=/ persist >>> [root@hostname /home/girgen]# jls >>> JID IP Address Hostname Path >>> 1 - bar / >>> [root@hostname /home/girgen]# ifconfig epair0b vnet bar >>> [root@hostname /home/girgen]# ifconfig -a >>> bce0: flags=8843 metric 0 mtu >>> 1500 >>> options=c01bb >>> >>> ether 00:23:7d:23:9d:44 >>> inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 >>> inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 >>> nd6 options=29 >>> media: Ethernet autoselect (1000baseT) >>> status: active >>> bce1: flags=8802 metric 0 mtu 1500 >>> options=c01bb >>> >>> ether 00:23:7d:23:9d:42 >>> nd6 options=29 >>> media: Ethernet autoselect >>> lo0: flags=8049 metric 0 mtu 16384 >>> options=3 >>> inet6 ::1 prefixlen 128 >>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 >>> inet 127.0.0.1 netmask 0xff000000 >>> nd6 options=21 >>> epair0a: flags=8842 metric 0 mtu >>> 1500 >>> options=8 >>> ether 02:f9:05:00:0a:0a >>> nd6 options=29 >>> media: Ethernet 10Gbase-T (10Gbase-T) >>> status: active >>> [root@hostname /home/girgen]# jexec bar ifconfig -a >>> lo0: flags=8008 metric 0 mtu 16384 >>> options=3 >>> nd6 options=21 >>> epair0b: flags=8842 metric 0 mtu >>> 1500 >>> options=8 >>> ether 02:f9:05:00:0b:0b >>> nd6 options=21 >>> media: Ethernet 10Gbase-T (10Gbase-T) >>> status: active >>> [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 >>> netmask 0xffffff00 up >>> [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 >>> PING 10.1.1.2 (10.1.1.2): 56 data bytes >>> ^C >>> --- 10.1.1.2 ping statistics --- >>> 3 packets transmitted, 0 packets received, 100.0% packet loss >>> [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 >>> route to: 10.1.1.2 >>> destination: 10.1.1.2 >>> interface: lo0 >>> flags: >>> recvpipe sendpipe ssthresh rtt,msec mtu weight expire >>> 0 0 0 0 16384 1 0 >>> [root@hostname /home/girgen]# >>> >>> >>> >>> Now why would the jail think that lo0 is the way to go to find 10.1.1.2? >> >> That's because 10.1.1.2 is a local address for jail bar and all local >> addresses are reachable via lo0. Keep in mind that this is the vnet's >> lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0 >> interface and everything will be ok. The lo0 loopback interface is >> prerequisite for networking. >> >> HTH, Nikos > > Ah, OK, thanks. I had not grasped that. > > But it does not work? > > [root@hostname /home/girgen]# jexec bar ifconfig lo0 localhost up > [root@hostname /home/girgen]# jexec bar ifconfig -a > lo0: flags=8049 metric 0 mtu 16384 > options=3 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 > inet 127.0.0.1 netmask 0xff000000 > nd6 options=21 > epair0b: flags=8843 metric 0 mtu > 1500 > options=8 > ether 02:f9:05:00:0b:0b > inet6 fe80::f9:5ff:fe00:b0b%epair0b prefixlen 64 scopeid 0x2 > inet 10.1.1.2 netmask 0xffffff00 broadcast 10.1.1.255 > nd6 options=21 > media: Ethernet 10Gbase-T (10Gbase-T) > status: active > [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 > PING 10.1.1.2 (10.1.1.2): 56 data bytes > ^C > --- 10.1.1.2 ping statistics --- > 3 packets transmitted, 0 packets received, 100.0% packet loss > [root@hostname /home/girgen]# jexec bar ping localhost > PING localhost (127.0.0.1): 56 data bytes > 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.045 ms > 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms > ^C > --- localhost ping statistics --- > 2 packets transmitted, 2 packets received, 0.0% packet loss > round-trip min/avg/max/stddev = 0.030/0.037/0.045/0.007 ms > [root@hostname /home/girgen]# Yes, that's somehow normal. You have to "up" lo0 before any other interface initialization take place. Otherwise the routes to self do not work properly. So, in vnet bar do: ifconfig epair0b 10.1.1.200 ifconfig epair0b 10.1.1.2 and things will hopefully work. Nikos From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 09:16:17 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 67EA21065670 for ; Mon, 19 Mar 2012 09:16:17 +0000 (UTC) (envelope-from girgen@FreeBSD.org) Received: from melon.pingpong.net (melon.pingpong.net [79.136.116.200]) by mx1.freebsd.org (Postfix) with ESMTP id 0356F8FC08 for ; Mon, 19 Mar 2012 09:16:16 +0000 (UTC) Received: from girgBook.local (citron.pingpong.net [195.178.173.66]) by melon.pingpong.net (Postfix) with ESMTPA id A3F32226E7; Mon, 19 Mar 2012 10:16:14 +0100 (CET) Message-ID: <4F66F95B.108@FreeBSD.org> Date: Mon, 19 Mar 2012 10:16:11 +0100 From: Palle Girgensohn User-Agent: Postbox 3.0.3 (Macintosh/20120304) MIME-Version: 1.0 To: Nikos Vassiliadis References: <4F6673FD.2040809@FreeBSD.org> <4F66E535.9010607@gmx.com> <4F66E89B.9090704@FreeBSD.org> <4F66EA0F.6080104@gmx.com> In-Reply-To: <4F66EA0F.6080104@gmx.com> X-Enigmail-Version: 1.2.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 09:16:17 -0000 Nikos Vassiliadis skrev: > On 3/19/2012 9:04 AM, Palle Girgensohn wrote: >> >> >> Nikos Vassiliadis skrev: >>> On 3/19/2012 12:47 AM, Palle Girgensohn wrote: >>>> Hi! >>>> >>>> When I create an epair and pu one end inside a jail, and give that >>>> interface an IP address, the jail still seems to want to use the lo0 >>>> interface to route traffic to that interface on the inside. >>>> >>>> Everything else works, I can set up bridges just like it would be an >>>> ethernet switch, add services on the inside, it is all fine, except >>>> this >>>> little annoying bug(?). >>>> >>>> See here: >>>> >>>> [root@hostname /home/girgen]# ifconfig epair create >>>> epair0a >>>> [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar >>>> path=/ persist >>>> [root@hostname /home/girgen]# jls >>>> JID IP Address Hostname Path >>>> 1 - bar / >>>> [root@hostname /home/girgen]# ifconfig epair0b vnet bar >>>> [root@hostname /home/girgen]# ifconfig -a >>>> bce0: flags=8843 metric 0 mtu >>>> 1500 >>>> >>>> options=c01bb >>>> >>>> >>>> ether 00:23:7d:23:9d:44 >>>> inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 >>>> inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 >>>> nd6 options=29 >>>> media: Ethernet autoselect (1000baseT) >>>> status: active >>>> bce1: flags=8802 metric 0 mtu 1500 >>>> >>>> options=c01bb >>>> >>>> >>>> ether 00:23:7d:23:9d:42 >>>> nd6 options=29 >>>> media: Ethernet autoselect >>>> lo0: flags=8049 metric 0 mtu 16384 >>>> options=3 >>>> inet6 ::1 prefixlen 128 >>>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 >>>> inet 127.0.0.1 netmask 0xff000000 >>>> nd6 options=21 >>>> epair0a: flags=8842 metric 0 mtu >>>> 1500 >>>> options=8 >>>> ether 02:f9:05:00:0a:0a >>>> nd6 options=29 >>>> media: Ethernet 10Gbase-T (10Gbase-T) >>>> status: active >>>> [root@hostname /home/girgen]# jexec bar ifconfig -a >>>> lo0: flags=8008 metric 0 mtu 16384 >>>> options=3 >>>> nd6 options=21 >>>> epair0b: flags=8842 metric 0 mtu >>>> 1500 >>>> options=8 >>>> ether 02:f9:05:00:0b:0b >>>> nd6 options=21 >>>> media: Ethernet 10Gbase-T (10Gbase-T) >>>> status: active >>>> [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 >>>> netmask 0xffffff00 up >>>> [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 >>>> PING 10.1.1.2 (10.1.1.2): 56 data bytes >>>> ^C >>>> --- 10.1.1.2 ping statistics --- >>>> 3 packets transmitted, 0 packets received, 100.0% packet loss >>>> [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 >>>> route to: 10.1.1.2 >>>> destination: 10.1.1.2 >>>> interface: lo0 >>>> flags: >>>> recvpipe sendpipe ssthresh rtt,msec mtu weight >>>> expire >>>> 0 0 0 0 16384 1 0 >>>> [root@hostname /home/girgen]# >>>> >>>> >>>> >>>> Now why would the jail think that lo0 is the way to go to find >>>> 10.1.1.2? >>> >>> That's because 10.1.1.2 is a local address for jail bar and all local >>> addresses are reachable via lo0. Keep in mind that this is the vnet's >>> lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0 >>> interface and everything will be ok. The lo0 loopback interface is >>> prerequisite for networking. >>> >>> HTH, Nikos >> >> Ah, OK, thanks. I had not grasped that. >> >> But it does not work? >> >> [root@hostname /home/girgen]# jexec bar ifconfig lo0 localhost up >> [root@hostname /home/girgen]# jexec bar ifconfig -a >> lo0: flags=8049 metric 0 mtu 16384 >> options=3 >> inet6 ::1 prefixlen 128 >> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 >> inet 127.0.0.1 netmask 0xff000000 >> nd6 options=21 >> epair0b: flags=8843 metric 0 mtu >> 1500 >> options=8 >> ether 02:f9:05:00:0b:0b >> inet6 fe80::f9:5ff:fe00:b0b%epair0b prefixlen 64 scopeid 0x2 >> inet 10.1.1.2 netmask 0xffffff00 broadcast 10.1.1.255 >> nd6 options=21 >> media: Ethernet 10Gbase-T (10Gbase-T) >> status: active >> [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 >> PING 10.1.1.2 (10.1.1.2): 56 data bytes >> ^C >> --- 10.1.1.2 ping statistics --- >> 3 packets transmitted, 0 packets received, 100.0% packet loss >> [root@hostname /home/girgen]# jexec bar ping localhost >> PING localhost (127.0.0.1): 56 data bytes >> 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.045 ms >> 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms >> ^C >> --- localhost ping statistics --- >> 2 packets transmitted, 2 packets received, 0.0% packet loss >> round-trip min/avg/max/stddev = 0.030/0.037/0.045/0.007 ms >> [root@hostname /home/girgen]# > > Yes, that's somehow normal. You have to "up" lo0 before any > other interface initialization take place. Otherwise the > routes to self do not work properly. So, in vnet bar do: > ifconfig epair0b 10.1.1.200 > ifconfig epair0b 10.1.1.2 > > and things will hopefully work. > > Nikos Ah, lovely. Thanks a lot! Cheers, Palle From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 11:07:15 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8AA791065675 for ; Mon, 19 Mar 2012 11:07:15 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 3462E8FC17 for ; Mon, 19 Mar 2012 11:07:15 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q2JB7FuD033618 for ; Mon, 19 Mar 2012 11:07:15 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q2JB7EML033616 for freebsd-jail@FreeBSD.org; Mon, 19 Mar 2012 11:07:14 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 19 Mar 2012 11:07:14 GMT Message-Id: <201203191107.q2JB7EML033616@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 11:07:15 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- p bin/165515 jail [jail][patch] "jail: unknown parameter: allow.nomount" p bin/161957 jail jls(8): jls -v doesn't show anything if system compile o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 13 problems total. From owner-freebsd-jail@FreeBSD.ORG Thu Mar 22 17:18:51 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 97C01106566B for ; Thu, 22 Mar 2012 17:18:51 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id E59488FC0A for ; Thu, 22 Mar 2012 17:18:50 +0000 (UTC) Received: (qmail invoked by alias); 22 Mar 2012 17:18:42 -0000 Received: from g230066166.adsl.alicedsl.de (EHLO [192.168.178.28]) [92.230.66.166] by mail.gmx.com (mp-eu001) with SMTP; 22 Mar 2012 18:18:42 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/SnxwN+QDSA5Ng42ztPJFDtECocLmwOlj+VRHJre xvCrs7DziMAVhk Message-ID: <4F6B5EE6.8080006@gmx.com> Date: Thu, 22 Mar 2012 18:18:30 +0100 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: FreeBSD-Jail Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Subject: jail name is interpreted as jid when numeric X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Mar 2012 17:18:51 -0000 Hi, I found this somehow strange behavior and I am reporting it just to hear your opinions. > lab# jail -c name=asd persist > lab# jail -c name=asd.asd persist asd is interpreted as jail asd.asd > lab# jail -c name=asd.asd.1 persist > jail: jail 1 already exists 1 is interpreted as jail 1 This has to do with the fact that a numeric name is interpreted as jid and this breaks the dot-seperated hierarchical jails concept. I find this behavior somehow strange. Is it intended or it's bug? Thanks for your insights, Nikos From owner-freebsd-jail@FreeBSD.ORG Fri Mar 23 14:59:17 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 806B6106564A for ; Fri, 23 Mar 2012 14:59:17 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [64.34.175.71]) by mx1.freebsd.org (Postfix) with ESMTP id 3D4138FC1C for ; Fri, 23 Mar 2012 14:59:16 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q2NEdKZq019008; Fri, 23 Mar 2012 08:39:21 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F6C8B13.1000508@FreeBSD.org> Date: Fri, 23 Mar 2012 08:39:15 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120126 Thunderbird/9.0 MIME-Version: 1.0 To: Nikos Vassiliadis References: <4F6B5EE6.8080006@gmx.com> In-Reply-To: <4F6B5EE6.8080006@gmx.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: jail name is interpreted as jid when numeric X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Mar 2012 14:59:17 -0000 It might seem clear with the dot-separated names that asd.asd.1 isn't the same as jail 1. But looking from the viewpoint of asd.asd, that jail would simply be "1". As jails may be referred to by either number or name, it made sense to exclude jails whose name was a number, except in the special case of it being the same as the jid. Otherwise there's the confusion of a jail having two different numbers (one really being a name), or of a number referring to two different jails. So while this does seem to break the dot-separate namespace concept, it's necessary because jails aren't always referred to by the full hierarchical name. - Jamie On 03/22/12 11:18, Nikos Vassiliadis wrote: > I found this somehow strange behavior and I am reporting it > just to hear your opinions. > >> lab# jail -c name=asd persist >> lab# jail -c name=asd.asd persist > > asd is interpreted as jail asd.asd > >> lab# jail -c name=asd.asd.1 persist >> jail: jail 1 already exists > > 1 is interpreted as jail 1 > > This has to do with the fact that a numeric name is interpreted as jid > and this breaks the dot-seperated hierarchical jails concept. > I find this behavior somehow strange. Is it intended or it's bug? > > Thanks for your insights, Nikos From owner-freebsd-jail@FreeBSD.ORG Fri Mar 23 19:09:28 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B3A0E106564A for ; Fri, 23 Mar 2012 19:09:28 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id 0AB6E8FC14 for ; Fri, 23 Mar 2012 19:09:27 +0000 (UTC) Received: (qmail invoked by alias); 23 Mar 2012 19:09:21 -0000 Received: from g229014139.adsl.alicedsl.de (EHLO [192.168.178.28]) [92.229.14.139] by mail.gmx.com (mp-eu005) with SMTP; 23 Mar 2012 20:09:21 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/rbBJwdHrrBHct0T4/+zLNPnPgNTXSiKfS78IGCD YbTuY8RA7dRg8D Message-ID: <4F6CCA4F.3020708@gmx.com> Date: Fri, 23 Mar 2012 20:09:03 +0100 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: Jamie Gritton References: <4F6B5EE6.8080006@gmx.com> <4F6C8B13.1000508@FreeBSD.org> In-Reply-To: <4F6C8B13.1000508@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: FreeBSD-Jail Subject: Re: jail name is interpreted as jid when numeric X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Mar 2012 19:09:28 -0000 I see. I wasn't sure what it was, hence the question. Thanks for the explanation Jamie. On 3/23/2012 3:39 PM, Jamie Gritton wrote: > It might seem clear with the dot-separated names that asd.asd.1 isn't > the same as jail 1. But looking from the viewpoint of asd.asd, that jail > would simply be "1". As jails may be referred to by either number or > name, it made sense to exclude jails whose name was a number, except in > the special case of it being the same as the jid. Otherwise there's the > confusion of a jail having two different numbers (one really being a > name), or of a number referring to two different jails. > > So while this does seem to break the dot-separate namespace concept, > it's necessary because jails aren't always referred to by the full > hierarchical name. > > - Jamie > > > On 03/22/12 11:18, Nikos Vassiliadis wrote: >> I found this somehow strange behavior and I am reporting it >> just to hear your opinions. >> >>> lab# jail -c name=asd persist >>> lab# jail -c name=asd.asd persist >> >> asd is interpreted as jail asd.asd >> >>> lab# jail -c name=asd.asd.1 persist >>> jail: jail 1 already exists >> >> 1 is interpreted as jail 1 >> >> This has to do with the fact that a numeric name is interpreted as jid >> and this breaks the dot-seperated hierarchical jails concept. >> I find this behavior somehow strange. Is it intended or it's bug? >> >> Thanks for your insights, Nikos