Date: Tue, 27 Apr 2021 16:56:49 +0300 From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com> To: Michael Gmelin <freebsd@grem.de> Cc: FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: jail - vnet bug - ping: UDP connect: No route to host Message-ID: <CAAcX-AGzSO3w-9E2cy0MSP4dBxvJ2UyinCEKqSLnWjt=Zkun1g@mail.gmail.com> In-Reply-To: <20210412212016.4828daa4@bsd64.grem.de> References: <CAAcX-AGd0=Kf-VnwywyHFEM9jUocO%2BZP4LK0XYBijgz-Pd%2BUGg@mail.gmail.com> <20210412125222.16610891@bsd64.grem.de> <CAAcX-AGuzUvjTTgPELUYoYhOsoQSmWevmsM=QZr_LnvOZ3yMgA@mail.gmail.com> <20210412143852.2c856a0b@bsd64.grem.de> <CAAcX-AEuOr6OsxDOPmUVf=6AP-E6zipqzepszvV7Ku1_d033Mw@mail.gmail.com> <20210412195740.33efe288@bsd64.grem.de> <20210412212016.4828daa4@bsd64.grem.de>
index | next in thread | previous in thread | raw e-mail
Hello Michael, Sorry for late reply. It works after starting ip6addrctl service. Thank you. On Mon, Apr 12, 2021 at 10:20 PM Michael Gmelin <freebsd@grem.de> wrote: > > > On Mon, 12 Apr 2021 19:57:40 +0200 > Michael Gmelin <freebsd@grem.de> wrote: > > > On Mon, 12 Apr 2021 17:45:36 +0300 > > Özkan KIRIK <ozkan.kirik@gmail.com> wrote: > > > > > root@f13:~ # jls -s -j client > > > devfs_ruleset=0 enforce_statfs=2 host=new ip4=inherit ip6=inherit > > > jid=2 name=client osreldate=1300139 osrelease=13.0-RC5 path=/ > > > persist securelevel=-1 sysvmsg=disable sysvsem=disable > > > sysvshm=disable vnet=new allow.nochflags allow.nomlock allow.nomount > > > allow.mount.nodevfs allow.mount.noprocfs allow.mount.notmpfs > > > allow.noquotas allow.noraw_sockets allow.noread_msgbuf > > > allow.reserved_ports allow.set_hostname allow.nosocket_af > > > allow.suser allow.nosysvipc allow.unprivileged_proc_debug > > > children.max=0 host.domainname="" host.hostid=0 host.hostname="" > > > host.hostuuid=00000000-0000-0000-0000-000000000000 > > > > I can reproduce the issue now, I'll try to dig deeper into it. > > > > -m > > > > [...snipsnap...] > > > > Hi Özkan, > > This is caused by ping using getaddrinfo to determine the address > family to be used. You can check this by running > > getaddrinfo www.google.com > > inside and outside of your jail and compare the results. > > Inside your jail, inet6 entries are on top, while on your host, inet > entries are on top. > > Configuration of address selection is done using /etc/rc.d/ip6addrctl, > which is enabled by default using a policy of AUTO (see > /etc/defaults/rc.conf). > > As your simple jail doesn't call any rc scripts, your missing this step. > > The easiest way to workaround the issue is to explicitly call: > > service ip6addrctl start > > after creating your vnet jail, or creating your vnet jail using: > > jail -c name=client persist vnet vnet.interface=em1 \ > exec.start="service ip6addrctl start" > > Best, > Michael > > -- > Michael Gmelin >help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAcX-AGzSO3w-9E2cy0MSP4dBxvJ2UyinCEKqSLnWjt=Zkun1g>