From owner-freebsd-net@freebsd.org Sun Jul 19 17:19:56 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 61977363B69 for ; Sun, 19 Jul 2020 17:19:56 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from msa1.earth.yoonka.com (yoonka.com [88.98.225.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "msa1.earth.yoonka.com", Issuer "msa1.earth.yoonka.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4B8s6z16Phz3Xwp for ; Sun, 19 Jul 2020 17:19:54 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from crayon2.yoonka.com (crayon2.yoonka.com [10.70.7.20]) (authenticated bits=0) by msa1.earth.yoonka.com (8.15.2/8.15.2) with ESMTPSA id 06JHJkAb048874 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 19 Jul 2020 17:19:46 GMT (envelope-from list1@gjunka.com) To: freebsd-net@freebsd.org From: Grzegorz Junka Subject: No connection between jails Message-ID: <19461599-5ec8-ce6f-6f58-ff2abc41e8f9@gjunka.com> Date: Sun, 19 Jul 2020 17:19:46 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 4B8s6z16Phz3Xwp X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of list1@gjunka.com designates 88.98.225.149 as permitted sender) smtp.mailfrom=list1@gjunka.com X-Spamd-Result: default: False [-2.19 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:88.98.225.149]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.83)[-0.829]; DMARC_NA(0.00)[gjunka.com]; NEURAL_HAM_SHORT(-0.27)[-0.271]; NEURAL_HAM_MEDIUM(-0.79)[-0.787]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:56478, ipnet:88.98.192.0/18, country:GB]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jul 2020 17:19:56 -0000 I have two jails in the same subnet on two different hosts: HOST1 -- jail1 | | HOST2 - jail2 HOST1: 10.70.7.13/16 HOST2: 10.70.70.2/16 jail1: 10.70.5.2/32 jail2: 10.70.7.50/32 Default gateway in the network is 10.70.70.1 but I don't think it matters in this issue. There is network connection between HOST1 and jail2, or HOST 2 and jail1, or between any other host in the network and either jail1 or jail2, however there is no network connection between jail1 and jail2. By network connection I mean exchange of packets, e.g. "telnet destination port". Both hosts and the default gateway are connected to the same psychical switch. There is actually more jails on HOST1 but the situation is analogous - no connection between jails on HOST1 and any jails on HOST2. What am I missing? Both hosts have gateway_enable="YES" in rc.conf (net.inet.ip.forwarding: 1). I am not using VNET, jails are aliased directly in host's network interfaces (lagg0 for HOST1 and em0 for HOST2). Thanks GrzegorzJ