Date: Fri, 23 Oct 2015 13:41:27 -0400 From: Allan Jude <allanjude@freebsd.org> To: freebsd-jail@freebsd.org Subject: Re: Freebsd 10.1 - Ezjail - OpenVPN - Tun Interface Message-ID: <562A7147.5080002@freebsd.org> In-Reply-To: <VI1PR06MB1037B08D9BEB7B207C602F43F9260@VI1PR06MB1037.eurprd06.prod.outlook.com> References: <VI1PR06MB1037B08D9BEB7B207C602F43F9260@VI1PR06MB1037.eurprd06.prod.outlook.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --EOnwafblGJbqU8NqaaJUDJ9uFq3LsPmXE Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2015-10-23 11:37, James Lodge wrote: > Hello all, >=20 >=20 > I'm trying to build a jail on FreeBSD 10.1 using ezjail in order to run= OpenVPN. I'm not using vimage and don't particularly want to but I'm hav= ing an issue with networking. >=20 >=20 > OpenVPN daemon is up and running and I can connect successfully as a cl= ient. I receive an IP address as expected, but I cannot route traffic to/= from client/server. The routing table on the client (which is a Windows m= achine) looks fine so I assume the issue is on the server side. I have a = tun interface created on the host and exposed to the jail via devfs rules= =2E The IP address on the tun interface is configure on the host and not = from the jail. I can ping the tun interface IP from the host and the jail= , but not from the client when connected. >=20 >=20 > Client---------public IP --------- lo1 (Jail alias Interface)------tun0= (OpenVPN Interface) >=20 > 10.8.06 x.x.x.x 172.16.1.8 = 10.8.0.1 >=20 >=20 >=20 > OpenVPN Jail Routing Table: >=20 > Internet: > Destination Gateway Flags Netif Expire > 172.16.1.8 link#4 UH lo1 >=20 > Jail Host Routing Table: > Internet: > Destination Gateway Flags Netif Expire > default x.x.0.1 UGS vtnet0 > 10.8.0.0 10.8.0.2 UGS tun0 > 10.8.0.1 link#5 UHS lo0 > 10.8.0.2 link#5 UH tun0 > x.x.0.0/18 link#1 U vtnet0 > x.x.x.x link#1 UHS lo0 > localhost link#3 UH lo0 > 172.16.1.1 link#4 UH lo1 > 172.16.1.2 link#4 UH lo1 > 172.16.1.3 link#4 UH lo1 > 172.16.1.4 link#4 UH lo1 > 172.16.1.5 link#4 UH lo1 > 172.16.1.6 link#4 UH lo1 > 172.16.1.7 link#4 UH lo1 > 172.16.1.8 link#4 UH lo1 >=20 > Client Routing Table: >=20 > IPv4 Route Table > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D > Active Routes: > Network Destination Netmask Gateway Interface Me= tric > 0.0.0.0 0.0.0.0 10.8.0.5 10.8.0.6 = 20 > 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 = 20 > 10.8.0.4 255.255.255.252 On-link 10.8.0.6 = 276 > 10.8.0.6 255.255.255.255 On-link 10.8.0.6 = 276 > 10.8.0.7 255.255.255.255 On-link 10.8.0.6 = 276 >=20 >=20 >=20 > I'm a little stumped as to how to trouble shoot the issue so any help m= uch appreciated. >=20 >=20 > James >=20 >=20 >=20 > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"= >=20 Try running 'tcpdump -i tun0 -n' on the host, while pining from the windows machine, and see if the packets are arriving. --=20 Allan Jude --EOnwafblGJbqU8NqaaJUDJ9uFq3LsPmXE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJWKnFOAAoJEBmVNT4SmAt+4REP/RUZz2VLtQJRsVvZZq+XjkLq 5/Ym4aHHCc8YOcpSMzBPrpjB4nIL0O95dhZjBYhcrYinU3aDk4if6rqpWyTCmsbj 2ts7m16f00DFbvF2M2vgUBPeAMZvzCINM4i0Epyvm7d0qyhBuTEiHjYiFT7PxLNM jr75tLL9KN34/rcdwTtZg5LdegNu/UGzT8rh5rb7Ql7cTl0gkwmsdjP9ZPdNzQWU m+NSYJOcF9W9InzJIB+TrWhwszE2/gBvQ7UycBL+i3dciYX0BJAhJ7bPi9OiV1Oz 4hxlRYNaEndM0qO0iISqoJktRLMzc26Yhn4DheN35MJGlemJ2pXWE/AiAql8exkP gX55F19aS7gm+z0u66WsrIJaqumTdbXUdNG+1+qsUSEFNnk9Jwz50yUKmjuXTyLW a0l8CPadUJzH7trNVc1mP1kMs5tgpXakhIcNuYWQzlfuGL59hiKmuALvrlnw3Wfp wPJjsO5UQX+/m7ODy+3h6kQH0d+w7TW/aFEntWFreTkafj/Id40wykBH1OrWbYpC p6hz2eKV53rOzoXt9RwK9DgIOy0uniBZd19Ti34sf7mi09wp45qf4WoFfiv0msRq e4aejV47S10UPUjBrM2YRw4S4fAMeu2cFHXamtxLL3eHHcaYfo94gNjF3Gj1Iphp nQlsw5UBdWCTs48N1r0z =E+xu -----END PGP SIGNATURE----- --EOnwafblGJbqU8NqaaJUDJ9uFq3LsPmXE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?562A7147.5080002>