From owner-freebsd-jail@freebsd.org Mon Jul 22 20:26:34 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 60E61BB29B for ; Mon, 22 Jul 2019 20:26:34 +0000 (UTC) (envelope-from wayne@post.wayne47.com) Received: from post.wayne47.com (post.wayne47.com [198.11.56.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "post.wayne47.com", Issuer "post.wayne47.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 8D07189BCD for ; Mon, 22 Jul 2019 20:26:33 +0000 (UTC) (envelope-from wayne@post.wayne47.com) Received: from post.wayne47.com (post.wayne47.com [198.11.56.11]) by post.wayne47.com (8.15.2/8.15.2) with ESMTPS id x6MKNR6D008815 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Mon, 22 Jul 2019 16:23:27 -0400 (EDT) (envelope-from wayne@post.wayne47.com) Received: (from wayne@localhost) by post.wayne47.com (8.15.2/8.15.2/Submit) id x6MKNRVd008464 for freebsd-jail@freebsd.org; Mon, 22 Jul 2019 16:23:27 -0400 (EDT) (envelope-from wayne) Date: Mon, 22 Jul 2019 16:23:27 -0400 From: Mike Wayne To: freebsd-jail@freebsd.org Subject: Binary jail install/maintain/upgrade code (plus ezjail replacement) Message-ID: <20190722202327.GU13044@post.wayne47.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 8D07189BCD X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of wayne@post.wayne47.com designates 198.11.56.11 as permitted sender) smtp.mailfrom=wayne@post.wayne47.com X-Spamd-Result: default: False [-1.69 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.973,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:198.11.56.11]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-jail@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.991,0]; RCVD_TLS_LAST(0.00)[]; NEURAL_SPAM_SHORT(0.29)[0.292,0]; MX_GOOD(-0.01)[post.wayne47.com]; DMARC_NA(0.00)[wayne47.com]; IP_SCORE(-0.01)[country: US(-0.05)]; FORGED_SENDER(0.30)[FreeBSD_jail@wayne47.com,wayne@post.wayne47.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:2015, ipnet:198.11.56.0/24, country:US]; FROM_NEQ_ENVFROM(0.00)[FreeBSD_jail@wayne47.com,wayne@post.wayne47.com]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jul 2019 20:26:34 -0000 A while ago I discovered that jails installed as purely binary jails (where /usr/src is not installed) using ezjail can never be upgraded. This led to a lot of investigation where I also discovered that freebsd-update can not update a jail from the host. This means that jails with no Internet access (used for local access only) can not be easily upgraded. To deal with this, I developed replacement code with these features: - The layout of a jail is built to be almost exactly what ezjail creates, including symlinks and nullfs mounts, changing basejail to BaseJail and newjail to NewJail. This permits both ezjail and this system to run in parallel on the same system. - Runs on UFS. This is a hard design requirement as I need to be able to run multiple jails in VFS systems with 512MB RAM and 10GB disk space. Plus I need dump/restore which ZFS does not support. - There are no package dependencies at all, everything is done using code in base. - The entire system is contained in one file, though it does write support files as it does its work. - Jails are currently installed using whatever distribution is already downloaded. An option is provided to determine which release will be installed before installation (needs work). - Jails are installed and upgraded using free-bsdupdate. /usr/src is never required. - ALL work is done from the host. No jail needs Internet access to be installed or upgraded. - Because of the way upgrades are done, jails MUST not be running to be upgraded. Sanity checks are provided to help prevent user errors. - Jails and the base system can be checked with freebsd-update IDS. - While not presently implemented, I plan to support upgrading binary-only jails which were installed with ezjail. At this point, things seem to be working. This is NOT ready for public release so I am not posting code here. I'd like to find one or two people who are willing to work with what I have, going through the install/upgrade process a bunch of times and tell me what I've done wrong and suggest improvements. Cautions: - There will have to be some discussion between us to understand how things work. Documentation is very limited. - There are some VERY ugly hacks going to to make all this work. - If your response is "you should use ZFS" please don't respond. If this sounds like something you would like to help out with, and you have some time to dedicate to it, please contact me directly and we'll get started. From owner-freebsd-jail@freebsd.org Wed Jul 24 16:12:20 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 080F3B0FE2 for ; Wed, 24 Jul 2019 16:12:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id DF2C38CC5C for ; Wed, 24 Jul 2019 16:12:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id DEB40B0FE1; Wed, 24 Jul 2019 16:12:19 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DE676B0FE0 for ; Wed, 24 Jul 2019 16:12:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C2DF08CC5A for ; Wed, 24 Jul 2019 16:12:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9EA9B18F3F for ; Wed, 24 Jul 2019 16:12:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6OGCJ0D034485 for ; Wed, 24 Jul 2019 16:12:19 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6OGCJK4034472 for jail@FreeBSD.org; Wed, 24 Jul 2019 16:12:19 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Wed, 24 Jul 2019 16:12:19 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: C2DF08CC5A X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.979,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jul 2019 16:12:20 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |net@FreeBSD.org CC| |jail@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Wed Jul 24 16:27:43 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 064A9B1645 for ; Wed, 24 Jul 2019 16:27:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id DF0E48D3B3 for ; Wed, 24 Jul 2019 16:27:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id DC694B1644; Wed, 24 Jul 2019 16:27:42 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DC2F9B1643 for ; Wed, 24 Jul 2019 16:27:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BE3D38D3B1 for ; Wed, 24 Jul 2019 16:27:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 973551915D for ; Wed, 24 Jul 2019 16:27:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6OGRgWt070413 for ; Wed, 24 Jul 2019 16:27:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6OGRgsF070412 for jail@FreeBSD.org; Wed, 24 Jul 2019 16:27:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Wed, 24 Jul 2019 16:27:42 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: BE3D38D3B1 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.979,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jul 2019 16:27:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 Eugene Grosbein changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eugen@freebsd.org --- Comment #1 from Eugene Grosbein --- If you mean net/arping, the PR should be for Ports & Packages and you should show output of arping -v -v ... --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Wed Jul 24 16:51:36 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A1995B1FB6 for ; Wed, 24 Jul 2019 16:51:36 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 5CD218E173 for ; Wed, 24 Jul 2019 16:51:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 1B066B1F8B; Wed, 24 Jul 2019 16:51:28 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1ABD0B1F8A for ; Wed, 24 Jul 2019 16:51:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 194C98E0C9 for ; Wed, 24 Jul 2019 16:51:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E1ADE1956E for ; Wed, 24 Jul 2019 16:51:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6OGpJci028146 for ; Wed, 24 Jul 2019 16:51:19 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6OGpJjs028142 for jail@FreeBSD.org; Wed, 24 Jul 2019 16:51:19 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Wed, 24 Jul 2019 16:51:19 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: yuri@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: 5CD218E173 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.981,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jul 2019 16:51:36 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 --- Comment #2 from Yuri Victorovich --- arping -v -v ,,, log: > $ arping -v -v 192.168.5.205 > arping: clock_getres() =3D 0s 1ns > arping: libnet_init() > arping: Autodetected interface sk0 > arping: libnet_init(sk0) > Timestamp types: > Name Description > arping: chroot(/var/empty): Operation not permitted > arping: setgroups(0, NULL): Operation not permitted > arping: setgid(): Operation not permitted > arping: setuid(): Operation not permitted > arping: pcap_get_selectable_fd(): 5 > This box: Interface: sk0 IP: 192.168.5.3 MAC address: 00:1c:32:3a:87= :32 > ARPING 192.168.5.205 > arping: sending packet at time 145827.861062692 > Timeout > arping: sending packet at time 145828.867484471 > Timeout > arping: sending packet at time 145829.873842180 > ^C > the PR should be for Ports & Packages But net/arping normally works, except for in this situation. In this case it doesn't get ARP responses, which seems to be a kernel probl= em because ARP responses are supposed to come from all bridged peers. arping of the same jail from another such jail, or from outside hosts works, just not from the host where jail resides. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Wed Jul 24 21:29:43 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B5928B968D for ; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 94A8975C12 for ; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 91FF1B968A; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 91BE0B9689 for ; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6BF3A75C0D for ; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2281C1C861 for ; Wed, 24 Jul 2019 21:29:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6OLThsh049783 for ; Wed, 24 Jul 2019 21:29:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6OLTgS0049782 for jail@FreeBSD.org; Wed, 24 Jul 2019 21:29:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Wed, 24 Jul 2019 21:29:42 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: 6BF3A75C0D X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.980,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jul 2019 21:29:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 --- Comment #3 from Eugene Grosbein --- Your log shows that arping does not send packets to the bridge. It sends th= em to sk0 physical interface. No wonder it gets no answers from physical part = of bridge where target IP does not exist. You should move host's IP address from sk0 to bridge interface so apring and others send traffic through the bridge and not sk0. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Thu Jul 25 19:03:12 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7C27AABCDE for ; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 5C2F890993 for ; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 5BB32ABCDC; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5A4E9ABCDA for ; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 34E2490991 for ; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 10CC832A9 for ; Thu, 25 Jul 2019 19:03:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6PJ3BSw097119 for ; Thu, 25 Jul 2019 19:03:11 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6PJ3BQr097116 for jail@FreeBSD.org; Thu, 25 Jul 2019 19:03:11 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Thu, 25 Jul 2019 19:03:12 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: 34E2490991 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.98 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.978,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jul 2019 19:03:12 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 --- Comment #4 from Eugene Grosbein --- Yury, had you a chance to try with IP address moved to the bridge? I'd suggest you create the bridge at startup and assign host's IP to it. Th= en add/remove members to the brige only. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Thu Jul 25 19:24:35 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 31A81AC7B8 for ; Thu, 25 Jul 2019 19:24:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 1239391960 for ; Thu, 25 Jul 2019 19:24:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 11CE5AC7B6; Thu, 25 Jul 2019 19:24:35 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 119ACAC7B5 for ; Thu, 25 Jul 2019 19:24:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E6E879195E for ; Thu, 25 Jul 2019 19:24:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C2CEC37F7 for ; Thu, 25 Jul 2019 19:24:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6PJOYcc052892 for ; Thu, 25 Jul 2019 19:24:34 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6PJOYcC052891 for jail@FreeBSD.org; Thu, 25 Jul 2019 19:24:34 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Thu, 25 Jul 2019 19:24:34 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: yuri@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: E6E879195E X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.97)[-0.970,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jul 2019 19:24:35 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 --- Comment #5 from Yuri Victorovich --- (In reply to Eugene Grosbein from comment #4) Hi Eugene, I am doing this in the context of the containerization application that I am working on, yet unannounced (https://github.com/yurivict/crate). It is alre= ady functional, but needs networking and configuration management bits to be ad= ded or fixed. It runs programs and services in jails, and connects them to network dynamically using firewall rules or bridges. The main mode of connectivity is the "blend" mode when it blends with the h= ost IP address using epair(4) and firewall rules. This doesn't involve creation= of IP addresses, and I have it working, except for some minor details. The secondary mode is the "lan" mode which creates a dedicated LAN IP addre= ss for each container. I asked this question originally for this mode. Your suggestion about moving the IP address to the bridge makes sense. The proce= ss looks a bit more invasive than I originally thought it would be, because it would involve altering the network settings, moving the IP to another inter= face for the life of container or all containers and then moving it back, as per your advise. I will try this. This is only needed to find a spare LAN IP to allocate, and is not needed for subsequent container operation. Also this "= lan" mode isn't strictly necessary because the "blend" mode should satisfy most = use cases. I just came up with it, and thought that it would be interesting to implement it too. Thank you for your help! Yuri --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Thu Jul 25 22:21:33 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 26061AFF7E for ; Thu, 25 Jul 2019 22:21:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 0403D68215 for ; Thu, 25 Jul 2019 22:21:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 03830AFF7D; Thu, 25 Jul 2019 22:21:33 +0000 (UTC) Delivered-To: jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 03314AFF7C for ; Thu, 25 Jul 2019 22:21:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CF32B68212 for ; Thu, 25 Jul 2019 22:21:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AADD557F7 for ; Thu, 25 Jul 2019 22:21:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x6PMLWuF044920 for ; Thu, 25 Jul 2019 22:21:32 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x6PMLWdR044899 for jail@FreeBSD.org; Thu, 25 Jul 2019 22:21:32 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 239417] ARP ping fails from the host to bridged vnet jails Date: Thu, 25 Jul 2019 22:21:32 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: eugen@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: Works As Intended X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status resolution Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-Rspamd-Queue-Id: CF32B68212 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.97)[-0.969,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jul 2019 22:21:33 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239417 Eugene Grosbein changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Closed Resolution|--- |Works As Intended --- Comment #6 from Eugene Grosbein --- Closing for now. Feel free to re-open if you find it's really kernel proble= m. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-jail@freebsd.org Fri Jul 26 21:40:52 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6448FA9F93 for ; Fri, 26 Jul 2019 21:40:52 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 84270842AB for ; Fri, 26 Jul 2019 21:40:51 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: by mail-wr1-x434.google.com with SMTP id r1so55774248wrl.7 for ; Fri, 26 Jul 2019 14:40:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=ee8HGRKssMyEgnq+HSl8cnKP0IYmLFoWATfOEuDdRIY=; b=XiarjqGWbVMw3T/9jZuMXbsQqqpVTv8hC5qC5GsTH3NZwgRzSaCNZdiYQzBX9eWdYf BeuaeYRkK4J+H9pacj+eKdu60U4IssigkXHHPF7cO9h1d4is1ZQmjijCr+uDElXoKBG2 MBIWwrwfzWxn9509oGJRwboN7pMnFptA4Llxvf3VeY11WyWvi/EyyalSSBv2q8BYhGET ytj9cHaHULHtnnWPVu93jtILyqxuSHIk0OmNwdg53Gm+oTa3auvBIW3JjC0RZELoElmJ vgAtvX8ZwGRBeSsz3y/6zX8vye9sCJfZxk/6N+430ahv/Z5CvqKlJ6uYMGW8JKzevH/a uzsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=ee8HGRKssMyEgnq+HSl8cnKP0IYmLFoWATfOEuDdRIY=; b=ElJLnB6msiVPtL9OfCnwErE1MZxQnkqSBZF5C343xVmJUA1+uX974SOm1tQgn6tvh3 t/jfMmpEDM2hQQY2jEhnJ0PXMh5CVvVMKmJrsB/w6Sg6FcFSBTWxFH7zAyV0XB1Kc1Ir krsBQG9kCRXXzmIB2OxIEeo/9j2GXXh2SpBZRBXHPV/aBJu49UY9nH7TAVhXYjDDM2/r oWHKThO1ZqJn223veprtvnlws1/WJmCKN9q3BjVcJgXheXVDASPhJiSb+1YVTI26CWw5 6n1/68wwSSDZtyu3m8bsTXUd+xHyzLyg2TDiMNZ08A8BwtVrTGbYln+oVr0C6muRj4C5 YcDQ== X-Gm-Message-State: APjAAAVbnAwn6NK2NvRL65uT0oP6rEJ3qvaJRFFHzJOMjFumcp8N1y68 acghGywHcG5xYUUauO4+lUIH1J38bF0odEJXemL0BuUc X-Google-Smtp-Source: APXvYqxn2mDRcDeWY50Ir+CrW7qeIk3o8lbg58/v1tlV/X922VZchd/5uAHVzsIscjh+JRdjmx+RfVQZmvmJa/u7nEk= X-Received: by 2002:a5d:4cc5:: with SMTP id c5mr52053998wrt.278.1564177249653; Fri, 26 Jul 2019 14:40:49 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:adf:f011:0:0:0:0:0 with HTTP; Fri, 26 Jul 2019 14:40:49 -0700 (PDT) From: David Mehler Date: Fri, 26 Jul 2019 17:40:49 -0400 Message-ID: Subject: jailed services dying To: freebsd-jail Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 84270842AB X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=XiarjqGW; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of davemehler@gmail.com designates 2a00:1450:4864:20::434 as permitted sender) smtp.mailfrom=davemehler@gmail.com X-Spamd-Result: default: False [-6.93 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.88)[-0.885,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-jail@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(-3.04)[ip: (-9.65), ipnet: 2a00:1450::/32(-3.04), asn: 15169(-2.45), country: US(-0.05)]; RCVD_IN_DNSWL_NONE(0.00)[4.3.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jul 2019 21:40:52 -0000 Hello, I've got multiple service jails all on a single vps. One is a webserver running apache 2.4 with php 7.3, the other is a mail server, a complete virtual mail hosting setup with Postfix, Dovecot, Rspamd, the other is a database server running mysql, and I'm wanting to get shared calendars in it in another setup running davical. I appear to be having a problem where ocationally a jail service shuts down, for example the database, which shuts everything else down because no service can access it, or the rspamd in the mail jail shuts down. These are all on a single vps, a dual core I think, 4GB of ram, I'm wondering if i'm hitting a resource bottleneck and if so how to determine it and to limit the specific jail factor that is causing the issue? Any suggestions appreciated. Thanks. Dave. From owner-freebsd-jail@freebsd.org Fri Jul 26 23:49:59 2019 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2F426AC44A for ; Fri, 26 Jul 2019 23:49:59 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1065F8841A for ; Fri, 26 Jul 2019 23:49:59 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from Allans-MacBook-Pro.local (c-73-231-39-102.hsd1.ca.comcast.net [73.231.39.102]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id CF43C2C147 for ; Fri, 26 Jul 2019 23:49:57 +0000 (UTC) Subject: Re: jailed services dying To: freebsd-jail@freebsd.org References: From: Allan Jude Message-ID: <00899202-c933-46d2-860c-ab0eda3bf2f3@freebsd.org> Date: Fri, 26 Jul 2019 19:49:53 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 1065F8841A X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.99 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.990,0]; ASN(0.00)[asn:6939, ipnet:209.51.160.0/19, country:US] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jul 2019 23:49:59 -0000 On 2019-07-26 5:40 p.m., David Mehler wrote: > Hello, > > I've got multiple service jails all on a single vps. One is a webserver > running apache 2.4 with php 7.3, the other is a mail server, a > complete virtual mail hosting > setup with Postfix, Dovecot, Rspamd, the other is a database server > running mysql, and I'm wanting to get shared > calendars in it in another setup running davical. I appear to be > having a problem where ocationally a > jail service shuts down, for example the database, which shuts > everything else down because no service can access it, or the rspamd > in the mail jail shuts down. These are all > on a single vps, a dual core I think, 4GB of ram, I'm wondering if i'm > hitting a resource bottleneck and if so how to determine it and to > limit the specific jail factor that is causing the issue? > > Any suggestions appreciated. > > Thanks. > Dave. > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > If you are running out of memory and the system is killing a process, it will be logged in the host systems /var/log/messages. For the service that died, do its own logs not mention why it shutdown? -- Allan Jude