Date: Sun, 7 Jan 2024 18:51:06 +0100 From: FreeBSD User <freebsd@walstatt-de.de> To: FreeBSD CURRENT <freebsd-net@freebsd.org> Subject: IPFW/IPv6 problem with JAIL: JAIL cannot ping -6 host until host first pings jail (ipv6) Message-ID: <20240107185133.68824d89@thor.intern.walstatt.dynvpn.de>
next in thread | raw e-mail | index | archive | help
Hello, I've got a problem with recent CURRENT, running vnet JAILs. FreeBSD 15.0-CURRENT #28 main-n267432-e5b33e6eef7: Sun Jan 7 13:18:15 CET 2024 amd64 Main Host has IPFW configured and is open for services like OpenLDAP on UDP/TCP and ICMP (ipfw is configured via rc.conf in this case, host is listening on both protocol families IPv4 and IPv6). The host itself has openldap-server 2.6 as a service. The host's interface is igb0 with assigned ULA. JAILs (around eight jails) are sharing their vnet interfaces via a bridge with the same physical device as the host (igb0). After a while (the time elapsed is unspecific) the jail is unable to contact the host via IPv6: neither UDP, TCP nor ICMP sent from the JAIL is reaching the host. IPv4 is working like a charme! No problems there. When pinging the Jail from the main host via ping -6, the jail is responding! After the first ping -6, the jail now is able to ping -6 the main host. After a fresh reboot, the problem is not present and occurs after a while and it seems to happen first to very active jails. Kind regards, oh -- O. Hartmann
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20240107185133.68824d89>