Date: Sat, 9 May 2020 11:31:10 -0400 From: "John W. O'Brien" <john@saltant.com> To: "Andrey V. Elsukov" <bu7cher@yandex.ru>, FreeBSD Net <freebsd-net@freebsd.org> Cc: "Bjoern A. Zeeb" <bz@FreeBSD.org> Subject: Re: RUNNING flag remains unset upon reinserting a gre into VNET jail Message-ID: <7bd71bc3-26c6-edf3-2218-8502e305e13c@saltant.com> In-Reply-To: <5c2571d4-e42c-4a56-8a96-90f065d36afa@yandex.ru> References: <eeee7437-2ed9-1d75-1750-82a9babf2e83@saltant.com> <cf170c7f-938b-32d7-089a-e5da853b292a@saltant.com> <9d81897c-79af-1da3-f142-88bee5b6522e@FreeBSD.org> <5c2571d4-e42c-4a56-8a96-90f065d36afa@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --YfPr5y6NQG26GOB8PmiE8mm41IHSlaFe1 Content-Type: multipart/mixed; boundary="8QmPoOab4GFGePXUoJ6Ve2hUa0gyWBnDF" --8QmPoOab4GFGePXUoJ6Ve2hUa0gyWBnDF Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 2020/05/07 03:27, Andrey V. Elsukov wrote: > On 06.05.2020 10:00, Andrey V. Elsukov wrote: >>> # create a gre outside the jail, configure its tunnel endpoints >>> >>> ifconfig gre0 create tunnel 10.1.1.1 10.2.2.2 >>> ifconfig gre0 # not RUNNING (OK) >>> >>> # place the gre into the jail, it should be running now >>> >>> ifconfig gre0 vnet demo >>> jexec demo ifconfig gre0 # not RUNNING (not OK) >> >> Hi, >> >> I'm not an advanced jail user, so this is my conclusion from a quick >> code look. It looks to me that all IPv4/IPv6 addresses should be purge= d >> from the interface that was moved from one vnet to another. The fact >> that tunnel's config still here is due to it is stored in the private >> interface's softc. Thus when you move ifnet from one vnet to another, >> ifaddr_event_ext is not handled properly and interface doesn't change >> its state. >> >> If my conclusion is correct, I see two ways to fix this: >> 1. Add if_reassign() method to all tunneling interfaces and clear >> tunnel config when ifnet is moved to new jail. This will force you >> reconfigure interface after moving. Probably this is POLA violation. >=20 > Hi, >=20 > I think this patch should help: > https://people.freebsd.org/~ae/gre.diff >=20 > It is untested, if you have time please, test and report back. > The patch will clear tunnel config after moving from one vnet to > another. Thus you need to reconfigure all addresses. Looks good. root@freebsd:~ # uname -a FreeBSD freebsd 13.0-CURRENT FreeBSD 13.0-CURRENT #1 r360848M: Sat May 9 15:23:00 UTC 2020 root@freebsd:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 root@freebsd:~ # jail -c name=3Ddemo vnet persist root@freebsd:~ # ifconfig ena1 vnet demo root@freebsd:~ # ifconfig gre0 create tunnel 10.1.1.1 10.2.2.2 root@freebsd:~ # ifconfig gre0 vnet demo root@freebsd:~ # jexec demo ifconfig gre0 gre0: flags=3D8010<POINTOPOINT,MULTICAST> metric 0 mtu 1476 options=3D80000<LINKSTATE> groups: gre nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL> root@freebsd:~ # jexec demo ifconfig gre0 tunnel 10.1.1.1 10.2.2.2 root@freebsd:~ # jexec demo ifconfig ena1 inet 10.1.1.1 root@freebsd:~ # jexec demo ifconfig gre0 gre0: flags=3D8050<POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1476 options=3D80000<LINKSTATE> tunnel inet 10.1.1.1 --> 10.2.2.2 groups: gre nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL> root@freebsd:~ # ifconfig gre0 -vnet demo root@freebsd:~ # ifconfig gre0 gre0: flags=3D8011<UP,POINTOPOINT,MULTICAST> metric 0 mtu 1476 options=3D80000<LINKSTATE> inet6 fe80::1427:e888:767c:dce1%gre0 prefixlen 64 tentative scopeid 0x2 nd6 options=3D23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> --=20 John W. O'Brien OpenPGP keys: 0x33C4D64B895DBF3B --8QmPoOab4GFGePXUoJ6Ve2hUa0gyWBnDF-- --YfPr5y6NQG26GOB8PmiE8mm41IHSlaFe1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEUgT925O8rsvNs2oHIjgwc/pAJtYFAl62zL4ACgkQIjgwc/pA Jta9wQgAo6TXMhcDvvWwWCye1QhAeU3JZ7IOEg7Zirt4ViwrX/RpOeVfWY2eaFg8 SW/p/+gHs6CiuSXX6m/nM7hBvIV2lwKyZjPZ+tIuQnS9T/drzmFSGnWah7FOe4cD PEgosLKj12YhIVfHUiqaPdhlOAhU2erkEex+ZxLFDYKprc+ZWn4axUo5yi3W/QQT jpUzAIQpNi/VCvwRm1BaU1adx2Zev5gKwnbaKioOLnDd0nvTncqbvwiJY6WNxNeF 2jLAfWwIiYurPtq6XUaWLubM2RXmdixLE7m5vR/SASXYSey8cIA7TTYHdT389NVP r+gj5idX3OC8NPrPFTUv5E1KDS8lJw== =sP73 -----END PGP SIGNATURE----- --YfPr5y6NQG26GOB8PmiE8mm41IHSlaFe1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7bd71bc3-26c6-edf3-2218-8502e305e13c>