From owner-freebsd-stable@freebsd.org  Sat Mar 24 09:50:14 2018
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E4B22F5BA1F
 for <freebsd-stable@mailman.ysv.freebsd.org>;
 Sat, 24 Mar 2018 09:50:13 +0000 (UTC)
 (envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: from plan-b.pwste.edu.pl (unknown [IPv6:2001:678:618::40])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "plan-b.pwste.edu.pl", Issuer "plan-b.pwste.edu.pl" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 610A0839E2
 for <freebsd-stable@freebsd.org>; Sat, 24 Mar 2018 09:50:12 +0000 (UTC)
 (envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: from plan-b.pwste.edu.pl (zarychtam@localhost [127.0.0.1])
 by plan-b.pwste.edu.pl (8.15.2/8.15.2) with ESMTPS id w2O9o9a3080372
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <freebsd-stable@freebsd.org>; Sat, 24 Mar 2018 10:50:09 +0100 (CET)
 (envelope-from zarychtam@plan-b.pwste.edu.pl)
Received: (from zarychtam@localhost)
 by plan-b.pwste.edu.pl (8.15.2/8.15.2/Submit) id w2O9o9Bm080371
 for freebsd-stable@freebsd.org; Sat, 24 Mar 2018 10:50:09 +0100 (CET)
 (envelope-from zarychtam)
Resent-From: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
Resent-Date: Sat, 24 Mar 2018 10:50:09 +0100
Resent-Message-ID: <20180324095009.GA80236@plan-b.pwste.edu.pl>
Resent-To: freebsd-stable@freebsd.org
Date: Fri, 23 Mar 2018 21:02:14 +0100
From: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
To: joerg_surmann <joerg_surmann@elektropost.org>
Cc: freebsd-stable@freebsd.net
Subject: Re: Two NIC's inside a Jail
Message-ID: <20180323200214.GA76829@plan-b.pwste.edu.pl>
References: <785ce70f-3f2d-3422-0e95-146b05f7f768@elektropost.org>
 <20180323172504.GA55971@plan-b.pwste.edu.pl>
 <d2b11066-0313-81b9-933c-67721054488c@elektropost.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="jI8keyz6grp/JLjh"
Content-Disposition: inline
In-Reply-To: <d2b11066-0313-81b9-933c-67721054488c@elektropost.org>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Mar 2018 09:50:14 -0000


--jI8keyz6grp/JLjh
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Mar 23, 2018 at 08:17:27PM +0100, joerg_surmann wrote:
> Hi,
>=20
> thanks for yor help.
>=20
> I can't find a solution.
>=20
> But i have find a starnge ip config.
>=20
> in rc.conf on Host(not jail)
>=20
> ifconfig_vmx0_alias1=3D"inet 192.168.100.2=C2=A0 netmask 255.255.255.0"
> ifconfig_em0=3D"inet 213.70.80.92 netmask 255.255.255.0"
>=20
> ifconfig on host say:
> inet 213.70.80.92 netmask 0xffffffff broadcast 213.70.80.92
> inet 192.168.100.2=C2=A0 netmask 0xffffffff broadcast 192.168.100.2
>=20
> ifconfig say to both ip's /32.
>=20
> Maby that's the reason for unavailable the apache.
>=20
> ifconfig iside the jail say the same.
>=20
> I'm a little bit confused.
>=20

Please show also the output of:
netstat -rn

During startup, ezjail is adding one more IP address with /32 mask for
each interface deployed to jail. Consider addressing interfaces on host
these in these way:

in /etc/rc.conf
ifconfig_vmx0_alias1=3D"inet 192.168.100.3  netmask 255.255.255.0"
ifconfig_em0=3D"inet 213.70.80.93 netmask 255.255.255.0"

then in /usr/local/etc/ezjail/myjail.conf=20
export jail_myjail_ip=3D"vmx0|192.168.100.2,em0|213.70.80.92"

If you don't want to waste one more public IP for the host, try to setup
jails from jail.conf(5) instead of ezjail management. You can also give
a try to more sophisticated setup with vnet(9) jails where multiple fibs
for the host will not be required.

Best regards,
--=20
Marek Zarychta

--jI8keyz6grp/JLjh
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEEMOqvKm6wKvS1/ZeCdZ/s//1SjSwFAlq1XUQACgkQdZ/s//1S
jSxhxwf/Xyr8MX7YXNlbhffjRutJXZcrg0oQTQzU8+n0RgQ3PWZHcOxFM4mGJEnH
aqBtH6b+wUgC9oCIh6oXizW0NC6ACGEVFmIGeiLvMjrPF4vEcZ1hNMXCtMq6L2bE
75Iyt0h+kTQSOC+E0drmE/UhLx/k+6o4UaTYVKkjaA8zWVStVpLC4M83uSXj1Y27
ZuT2E3npP69Ncr/jEFWkIpiALC3e65j1ddm4hDTW/mpMgpL8Byj7GjZXF6TbuJWs
e6qLCVRcBivsHqJ6F/SLHgPwJQvwf6jQq0CtcSJnrPryyAoWLMCzQfqp0s47QuTx
sfOG/HwdJ62a7am/Z0Rsj6IXfd6S/g==
=vjML
-----END PGP SIGNATURE-----

--jI8keyz6grp/JLjh--