Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Mar 2020 14:01:07 +0700
From:      Victor Sudakov <vas@sibptus.ru>
To:        Jacques Foucry <jacques+freebsd@foucry.net>
Cc:        freebsd-questions@freebsd.org, freebsd-net@freebsd.org
Subject:   Re: IPv6 in jails
Message-ID:  <20200319070107.GA86122@admin.sibptus.ru>
In-Reply-To: <20200319065514.GQ25617@foucry.net>
References:  <20200318151556.GA64871@admin.sibptus.ru> <20200318164836.GO25617@foucry.net> <20200319022224.GB80800@admin.sibptus.ru> <20200319065514.GQ25617@foucry.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--zhXaljGHf11kAtnf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Jacques Foucry wrote:
> > >=20
> > > >=20
> > > > Is IPv6 in jails supposed to work? Does not work for me, what am I =
doing
> > > > wrong?
> > >=20
> > > Suppose to work, and work for me.
> > > >=20
> > > > Here is a test jail:
> > > >=20
> > > > test4 {=20
> > > >         path =3D /d02/jails/test4 ;
> > > >         mount.devfs;
> > > >         ip4 =3D new;
> > > >         ip6 =3D new;
> > > >         ip4.addr =3D 192.168.4.204/24;
> > > >         ip6.addr =3D 2001:470:ecba:3::4/64;
> > > >         host.hostname =3D test4.vas.sibptus.ru ;
> > > >         interface =3D re1 ;
> > > >         allow.raw_sockets =3D true ;
> > > >         exec.start =3D "/bin/sh /etc/rc";
> > > >         exec.stop =3D "/bin/sh /etc/rc.shutdown";
> > > > }
> > >=20
> > >=20
> > > Well there is a difference between your config and mine:
> > >=20
> > > ip6.addr=3D"em0|2a01:4f9:4a:1fd8::16/64";
> > >=20
> > > In my config there is the interface to use (em0 in my case, re1 shoul=
d be in
> > > yours)
> >=20
> > I have a more generic "interface =3D re1" statement, but replacing it w=
ith
> > ip6.addr =3D "re1|2001:470:ecba:3::4" did not produce any effect on the
> > jailed daemons.
> >=20
> > Of course the IPv6 address is present on re1 in both cases (my
> > syntax and your syntax). When the jail is stopped, the address goes
> > away.
>=20
> Did you try to declare the IPv6 as an alias in=20
> /etc/rc.conf file?
>=20
> # Jail Mail
> ifconfig_em0_alias4=3D"inet6 2a01:4f9:4a:1fd8::17 prefixlen 64"

No, I'd prefer for these addresses to be handled by the jail
infrastructure. That is, I want an address to appear when the
corresponding jail goes up, and to disapper when the jail is shut down.

>=20
> Restarting the network stack will make ip persistent and I hope usable by=
 your
> jail.
>=20

I don't want it persistent. If a jail is shut down but its address
persists, it can have undesirable consequences of it suddenly pointing
at the host system.

--=20
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/

--zhXaljGHf11kAtnf
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJecxizAAoJEA2k8lmbXsY00xgH+gNZEBMynxv8LI+YTCqkzMbL
2tWPkoQyVrEnwBTKk6M51m0L8V/ZWhwOIGuNclZwpupFVaUZyeqzGm5y/1ib6ok5
dxNnGINsATz/ilule82e6TDzIFY04wDqo6b0ZfTpWiYLH0ixBF8hKWZzELt0eNuc
2WQYsHb8SgG3GJ4ro4jeXhK+rUxZXkn7VHl80BU0zqjdXWZuyM8Co9bKfXv8Dcj7
ah5na3//wS3uJfXs/3jU6qD77LUv2iMjZNi1C3vcxnoEuSvAnoxxwXGa88f9WsxJ
8mepSNdSQJMuXk0apQjs77c0iK7d96UQHfuIRABGPn1UYF1BAVkSW9B2hdyoEWc=
=xZqU
-----END PGP SIGNATURE-----

--zhXaljGHf11kAtnf--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200319070107.GA86122>