From owner-freebsd-jail@FreeBSD.ORG Fri Feb 5 18:02:54 2010 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA2911065698 for ; Fri, 5 Feb 2010 18:02:54 +0000 (UTC) (envelope-from i@levsha.me) Received: from expo.ukrweb.net (mail.univua.net [91.202.128.78]) by mx1.freebsd.org (Postfix) with ESMTP id 36A2F8FC1C for ; Fri, 5 Feb 2010 18:02:54 +0000 (UTC) Received: from [91.193.166.194] (helo=laptop.levsha.me) by expo.ukrweb.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.71 (FreeBSD)) (envelope-from ) id 1NdS5y-000Mms-PH; Fri, 05 Feb 2010 19:35:57 +0200 Received: from levsha by laptop.levsha.me with local (Exim 4.71 (FreeBSD)) (envelope-from ) id 1NdS5y-0002J9-LX; Fri, 05 Feb 2010 19:35:54 +0200 Date: Fri, 5 Feb 2010 19:35:54 +0200 From: Mykola Dzham To: Albert Shih Message-ID: <20100205173554.GA3631@laptop.levsha.me> References: <20100205153918.GH31809@obspm.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20100205153918.GH31809@obspm.fr> User-Agent: Mutt/1.5.20 (2009-06-14) Sender: Mykola Dzham X-SA-Exim-Connect-IP: 91.193.166.194 X-SA-Exim-Mail-From: i@levsha.me X-SA-Exim-Scanned: No (on expo.ukrweb.net); SAEximRunCond expanded to false Cc: freebsd-jail@FreeBSD.org Subject: Re: setfib with jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Feb 2010 18:02:54 -0000 Albert Shih wrote: > Hi all. > > I'm trying to make setfib working with jail. I'm not sure to do correctly, > but I'm sure it's not working. > > So this is what I do : > > - Rebuild kernel with > > option ROUTETABLES=4 > > - Re-install the kernel, reboot > > - Stop the jail > > - flush all route (not default) on 0 fib > > - create route in 1 fib > > setfib 1 route add default xxx.yyy.zzz.ttt > > - add > > jail_name_fib="1" > > in my rc.conf > > - start the jail with > > /etc/rc.d/jail start name > > > ---> and it's not working because when I do > > jexec Jail_ID bash > netstat -rn > > I see the 0 fib. > > What's wrong ? Try to start ssh in jail, ssh into jail and run netstat -rn fib binds to process and childs, not to jail - jexec and childs started with your current fib, not with jail fib. -- LEFT-(UANIC|RIPE) JID: levsha@jabber.net.ua PGP fingerprint: 1BCD 7C80 2E04 7282 C944 B0E0 7E67 619E 4E72 9280