From owner-freebsd-jail@FreeBSD.ORG Mon Mar 19 08:10:59 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5FA46106567B for ; Mon, 19 Mar 2012 08:10:59 +0000 (UTC) (envelope-from nvass@gmx.com) Received: from mailout-eu.gmx.com (mailout-eu.gmx.com [213.165.64.42]) by mx1.freebsd.org (Postfix) with SMTP id D48878FC1A for ; Mon, 19 Mar 2012 08:10:58 +0000 (UTC) Received: (qmail invoked by alias); 19 Mar 2012 08:10:57 -0000 Received: from g230069002.adsl.alicedsl.de (EHLO [192.168.178.28]) [92.230.69.2] by mail.gmx.com (mp-eu005) with SMTP; 19 Mar 2012 09:10:57 +0100 X-Authenticated: #46156728 X-Provags-ID: V01U2FsdGVkX1/5iJpE5CH5KNA4f4NU6gqLKzeIpoFHPwWoqD1Fop +dBboumePAZRxV Message-ID: <4F66EA0F.6080104@gmx.com> Date: Mon, 19 Mar 2012 09:10:55 +0100 From: Nikos Vassiliadis User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: Palle Girgensohn References: <4F6673FD.2040809@FreeBSD.org> <4F66E535.9010607@gmx.com> <4F66E89B.9090704@FreeBSD.org> In-Reply-To: <4F66E89B.9090704@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Cc: freebsd-jail@freebsd.org Subject: Re: VMNET - problem with epair in jail, cannot ping itself? X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Mar 2012 08:10:59 -0000 On 3/19/2012 9:04 AM, Palle Girgensohn wrote: > > > Nikos Vassiliadis skrev: >> On 3/19/2012 12:47 AM, Palle Girgensohn wrote: >>> Hi! >>> >>> When I create an epair and pu one end inside a jail, and give that >>> interface an IP address, the jail still seems to want to use the lo0 >>> interface to route traffic to that interface on the inside. >>> >>> Everything else works, I can set up bridges just like it would be an >>> ethernet switch, add services on the inside, it is all fine, except this >>> little annoying bug(?). >>> >>> See here: >>> >>> [root@hostname /home/girgen]# ifconfig epair create >>> epair0a >>> [root@hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar >>> path=/ persist >>> [root@hostname /home/girgen]# jls >>> JID IP Address Hostname Path >>> 1 - bar / >>> [root@hostname /home/girgen]# ifconfig epair0b vnet bar >>> [root@hostname /home/girgen]# ifconfig -a >>> bce0: flags=8843 metric 0 mtu >>> 1500 >>> options=c01bb >>> >>> ether 00:23:7d:23:9d:44 >>> inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191 >>> inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1 >>> nd6 options=29 >>> media: Ethernet autoselect (1000baseT) >>> status: active >>> bce1: flags=8802 metric 0 mtu 1500 >>> options=c01bb >>> >>> ether 00:23:7d:23:9d:42 >>> nd6 options=29 >>> media: Ethernet autoselect >>> lo0: flags=8049 metric 0 mtu 16384 >>> options=3 >>> inet6 ::1 prefixlen 128 >>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9 >>> inet 127.0.0.1 netmask 0xff000000 >>> nd6 options=21 >>> epair0a: flags=8842 metric 0 mtu >>> 1500 >>> options=8 >>> ether 02:f9:05:00:0a:0a >>> nd6 options=29 >>> media: Ethernet 10Gbase-T (10Gbase-T) >>> status: active >>> [root@hostname /home/girgen]# jexec bar ifconfig -a >>> lo0: flags=8008 metric 0 mtu 16384 >>> options=3 >>> nd6 options=21 >>> epair0b: flags=8842 metric 0 mtu >>> 1500 >>> options=8 >>> ether 02:f9:05:00:0b:0b >>> nd6 options=21 >>> media: Ethernet 10Gbase-T (10Gbase-T) >>> status: active >>> [root@hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2 >>> netmask 0xffffff00 up >>> [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 >>> PING 10.1.1.2 (10.1.1.2): 56 data bytes >>> ^C >>> --- 10.1.1.2 ping statistics --- >>> 3 packets transmitted, 0 packets received, 100.0% packet loss >>> [root@hostname /home/girgen]# jexec bar route -n get 10.1.1.2 >>> route to: 10.1.1.2 >>> destination: 10.1.1.2 >>> interface: lo0 >>> flags: >>> recvpipe sendpipe ssthresh rtt,msec mtu weight expire >>> 0 0 0 0 16384 1 0 >>> [root@hostname /home/girgen]# >>> >>> >>> >>> Now why would the jail think that lo0 is the way to go to find 10.1.1.2? >> >> That's because 10.1.1.2 is a local address for jail bar and all local >> addresses are reachable via lo0. Keep in mind that this is the vnet's >> lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0 >> interface and everything will be ok. The lo0 loopback interface is >> prerequisite for networking. >> >> HTH, Nikos > > Ah, OK, thanks. I had not grasped that. > > But it does not work? > > [root@hostname /home/girgen]# jexec bar ifconfig lo0 localhost up > [root@hostname /home/girgen]# jexec bar ifconfig -a > lo0: flags=8049 metric 0 mtu 16384 > options=3 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 > inet 127.0.0.1 netmask 0xff000000 > nd6 options=21 > epair0b: flags=8843 metric 0 mtu > 1500 > options=8 > ether 02:f9:05:00:0b:0b > inet6 fe80::f9:5ff:fe00:b0b%epair0b prefixlen 64 scopeid 0x2 > inet 10.1.1.2 netmask 0xffffff00 broadcast 10.1.1.255 > nd6 options=21 > media: Ethernet 10Gbase-T (10Gbase-T) > status: active > [root@hostname /home/girgen]# jexec bar ping 10.1.1.2 > PING 10.1.1.2 (10.1.1.2): 56 data bytes > ^C > --- 10.1.1.2 ping statistics --- > 3 packets transmitted, 0 packets received, 100.0% packet loss > [root@hostname /home/girgen]# jexec bar ping localhost > PING localhost (127.0.0.1): 56 data bytes > 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.045 ms > 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms > ^C > --- localhost ping statistics --- > 2 packets transmitted, 2 packets received, 0.0% packet loss > round-trip min/avg/max/stddev = 0.030/0.037/0.045/0.007 ms > [root@hostname /home/girgen]# Yes, that's somehow normal. You have to "up" lo0 before any other interface initialization take place. Otherwise the routes to self do not work properly. So, in vnet bar do: ifconfig epair0b 10.1.1.200 ifconfig epair0b 10.1.1.2 and things will hopefully work. Nikos