Site Navigation

Date:      Sun, 07 Apr 2013 11:15:14 +0200
From:      Carsten Sonne Larsen <cs@innolan.dk>
To:        freebsd-jail@freebsd.org
Cc:        freebsd-net@freebsd.org
Subject:   Re: Problems with network on host with jail.
Message-ID:  <51613922.6090408@innolan.dk>
In-Reply-To: <65534.1365280473.6122751498602086400@ffe16.ukr.net>
References:  <65534.1365280473.6122751498602086400@ffe16.ukr.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

Hi Vitaliy,

One way could be to install arping from /ports/net/arping
and see if you can reach the NIC on the border router
from the LAN zone.

Cheers,

--

On 04/06/2013 22:34, wishmaster wrote:
>   Hi.
> Since I setuped Jail for www stuff in server  there are network problems. Router has 3 NIC's in bridge with aliases.
>
> cloned_interfaces="bridge0"
> ifconfig_bridge0="addm rl1 addm rl2 addm rl3 up"
> ifconfig_rl1="up -wol"
> ifconfig_rl2="up -wol"
> ifconfig_rl3="up -wol"
> ifconfig_bridge0_alias0="inet 10.11.1.1 netmask 255.255.255.0"
> ifconfig_bridge0_alias1="inet 10.12.1.1 netmask 255.255.255.0"
> ifconfig_bridge0_alias2="inet 10.13.1.1 netmask 255.255.255.0"
> ifconfig_bridge0_alias3="inet 10.14.1.1 netmask 255.255.255.192"
> ifconfig_bridge0_alias4="inet 10.15.1.1 netmask 255.255.255.0"
>
> Also I use PF for filtering traffic. There are a lot of rules. In two words: it is unable to reach any host in LAN and also any IP addresses on router, allowed access to Internet only. In other words Jail in original DMZ zone with IP 10.15.1.1.
>
> In random time (about one incident per-(2|3)days) the strange situations is occur: I am unable to ping/ftp/http from jail or from LAN any host in Internet. From/to router - it's ok. Restarting PF and jail seems to have no effect, only router's reboot.
>
>  From pftop I see traffic, coming from jail or LAN but in the other way - no.
>
> Anybody can give me some help in debugging this situation and figure out the problem?
>
> OS: FreeBSD 9.1-STABLE #0: Fri Feb 22 20:51:16 EET 2013 i386
>
> Cheers,
> Vitaliy
> _______________________________________________
> freebsd-jail@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51613922.6090408>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact