Date: Thu, 31 May 2018 14:40:53 +0100 From: Arthur Chance <freebsd@qeng-ho.org> To: byrnejb@harte-lyne.ca Cc: freebsd-questions@freebsd.org Subject: Re: What have I neglected to do in order to get networking in a jail? Message-ID: <a0b59ab1-d295-de37-4ac0-e0a3ae755b62@qeng-ho.org> In-Reply-To: <3f375650dfee47082e77cba953961a3f.squirrel@webmail.harte-lyne.ca> References: <mailman.92.1527768001.7501.freebsd-questions@freebsd.org> <3f375650dfee47082e77cba953961a3f.squirrel@webmail.harte-lyne.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On 31/05/2018 14:15, James B. Byrne via freebsd-questions wrote: > On Thu, May 31, 2018 04:55, Herbert J. Skuhra wrote: >> On Wed, 30 May 2018 17:24:03 +0200, "James B. Byrne via > >>> root@mx31:~ # ifconfig >>> vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> >>> metric 0 mtu 1500 >>> options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE> >>> ether 58:9c:fc:0e:cd:bb >>> hwaddr 58:9c:fc:0e:cd:bb >>> inet 218.185.71.31 netmask 0xffffffff broadcast 218.185.71.31 >>> >>> Why does this jail not have a network connection? >> >> After a quick check I guess you are missing NAT on the host (pf or >> ipfw)? > > One does not require NAT when one has a public IP address assigned to > the I/F. The jail network traffic is not getting off the host system > as I have determined from tcpdump. > > I have set jails up before on a similarly configured host and have > gotten them to work, albeit always with some difficulty or other. > > I've just taken another look at your original mail. I think the key might be in this > [root@host:~]# jls > JID IP Address Hostname Path > 1 127.0.31.1 mx31 /usr/jails/mx31 Note address ^^^^^ > > root@mx31:~ # ifconfig > vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> > metric 0 mtu 1500 > options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE> > ether 58:9c:fc:0e:cd:bb > hwaddr 58:9c:fc:0e:cd:bb > inet 218.185.71.31 netmask 0xffffffff broadcast 218.185.71.31 > inet 192.168.216.31 netmask 0xffffffff broadcast 192.168.216.31 > media: Ethernet 10Gbase-T <full-duplex> > status: active > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> > groups: lo > lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> > inet 127.0.31.1 netmask 0xffffffff > groups: lo > lo2: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6> > groups: lo Whatever you think is happening this shows your jail is using a loopback address on a loopback socket. Packets sent from loopback devices or from loopback addresses are simply not going to get off the box. -- An amusing coincidence: log2(58) = 5.858 (to 0.0003% accuracy).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a0b59ab1-d295-de37-4ac0-e0a3ae755b62>