Date:      Thu, 24 Sep 2020 12:36:35 -0700
From:      John-Mark Gurney <jmg@funkthat.com>
To:        net@FreeBSD.org
Subject:   odd behavior w/ renaming interfaces and jails...
Message-ID:  <20200924193635.GD4213@funkthat.com>

Last night, I was wondering what would happen if you changed the name
of a jail's vnet interface to be the same as one that exists
in vnet0.

Well, things work fine, but the surprise is when you destroy the jail,
which reparents the interface back to vnet0...

The short is that ifconfig can't tell the two interfaces apart, as they
both have the same name, BUT you can still rename one interface to make
them unique again, but I'm not sure if it's consistent which one gets
renamed...

I think that the best solution is that if there is a name collision,
that the kernel renames the interface to something like collidedX.

This seems like a minor security issue as it can allow a jail's owner
to cause problems w/ the parent jail unless a very careful process is
done to shut down the jail (kill all processes, make sure the jail has
no colliding interface names, then destroy jail)...

Thoughts?


root@test:/home/freebsd # jail -c path=/ name=test vnet=new persist=1 vnet.interface=ue0
root@test:/home/freebsd # jexec test sh
root@:/ # set -o vi
root@:/ # ifconfig foobar0 ue0 ue1                                            
ue1
root@:/ # ifconfig -a
lo0: flags=8008<LOOPBACK,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ue1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether xx:xx:xx:xx:xx:xx
        media: Ethernet autoselect (1000baseT <full-duplex,master>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
root@:/ # ^D
root@test:/home/freebsd # jail -r test
root@test:/home/freebsd # ifconfig -a
[...]
ue1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>                                               
        ether yy:yy:yy:yy:yy:yy
        ether xx:xx:xx:xx:xx:xx
        hwaddr yy:yy:yy:yy:yy:yy
        media: Ethernet autoselect (1000baseT <full-duplex,master>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
[...]
root@test:/home/freebsd # ifconfig ue1 name somethingelse0
somethingelse0
root@test:/home/freebsd # ifconfig -a
[...]
somethingelse0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether yy:yy:yy:yy:yy:yy
        media: Ethernet autoselect (1000baseT <full-duplex,master>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ue1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether xx:xx:xx:xx:xx:xx
        media: Ethernet autoselect (1000baseT <full-duplex,master>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
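
The collision check from the careful shutdown procedure described in the message, as an added example that is not part of the original e-mail. The function names are hypothetical, and skipping lo0 rests on the assumption that each vnet's own loopback is destroyed with the vnet rather than handed back to the parent.

```shell
#!/bin/sh
# Added example: look for interface names that exist both in a vnet jail
# and in its parent before the jail is removed. Function names are hypothetical.

# colliding_ifaces HOST_LIST JAIL_LIST
# Each argument is a space-separated name list as printed by `ifconfig -l`.
# Prints every jail interface name that also appears in the host list.
# Assumption: lo0 is skipped, since each vnet's own loopback is expected to
# be destroyed with the vnet rather than reparented.
colliding_ifaces() {
    host_list=$1
    jail_list=$2
    for j in $jail_list; do
        [ "$j" = "lo0" ] && continue
        for h in $host_list; do
            if [ "$j" = "$h" ]; then
                echo "$j"
                break
            fi
        done
    done
    return 0
}

# check_jail_ifaces JAILNAME
# Returns 0 when no name collides, 1 on a collision, 2 if a listing fails.
check_jail_ifaces() {
    jname=$1
    host_list=$(ifconfig -l) || return 2
    jail_list=$(jexec "$jname" ifconfig -l) || return 2
    hits=$(colliding_ifaces "$host_list" "$jail_list")
    if [ -n "$hits" ]; then
        echo "jail $jname: names also present in parent vnet: $hits" >&2
        return 1
    fi
    return 0
}

# Constructed lists modelled on the session above: inside the jail ue0 has
# been renamed to ue1, while the parent still has its own ue1.
colliding_ifaces "lo0 ue1" "lo0 ue1"
```

On the host, `check_jail_ifaces test && jail -r test` removes the jail only when the check passes. The result is only meaningful once the jail's processes have been stopped, as in the procedure above, because a name can otherwise change between the check and `jail -r`.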


