Date: Fri, 02 Oct 2009 16:38:46 -0700 From: Julian Elischer <julian@elischer.org> To: remodeler <remodeler@alentogroup.org> Cc: freebsd-net@freebsd.org Subject: Re: vimage-assigning interface to jail Message-ID: <4AC68F06.8060305@elischer.org> In-Reply-To: <20091002223304.M55101@alentogroup.org> References: <20091001173851.M50386@alentogroup.org> <4AC4FD98.3000301@elischer.org> <20091002181509.M38849@alentogroup.org> <4ad871310910021136v3dc3cd2l520102bae715c2bc@mail.gmail.com> <20091002190821.M69919@alentogroup.org> <20091002195008.M13604@alentogroup.org> <4AC65C51.7010506@elischer.org> <20091002202650.M67240@alentogroup.org> <4AC66C5F.4050000@elischer.org> <20091002223304.M55101@alentogroup.org>
next in thread | previous in thread | raw e-mail | index | archive | help
remodeler wrote: > Hi: > >> Without doing anything extra except booting, (with no jails started), >> what happens when you duplicate my commands in the previous email? > > #jail -c host.hostname=test path=/ vnet persist > > I substituted persist parameter for command=/bin/tcsh in your example, > otherwise the jail is destroyed when I exit the shell to enter the next command: > > #ifconfig msk0 vnet 1 > > test# ifconfig > lo0: flags=8008<LOOPBACK,MULTICAST> metric 0 mtu 16384 > options=3<RXCSUM,TXCSUM> > maclabel mls/equal(equal-equal) > msk0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=11a<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4> > ether 00:23:54:08:2b:f7 > maclabel mls/low(low-low) > media: Ethernet autoselect > > test#ifconfig msk0 172.28.15.1/24 > > test#netstat -rn > netstat: kvm not available: /dev/mem: Permission denied > Routing tables > rt_tables: symbol not in namelist in the jail do: ls -l /dev/*mem > > test# route add default 192.168.0.1 > route: writing to routing socket: Network is unreachable > add net default: gateway 192.168.0.1: Network is unreachable quite correct think of these as two separate machines. one is on 192.168.0.x and the other is on 172.... obviously the one on 172..... can not set a default route of 192.x.x.x as it can't reach that address. unlike non vnet jails, vnet jails have *completely* separate network stacks and can not communicate with each other except via the wire (or via an pretend wire) (see the epair driver). > > #test# route add default 172.28.15.2 > add net default: gateway 172.28.15.2 > > The host's IP address is set to 192.168.0.10, with a default route of > 192.168.0.1 -- the route command succeeded when I used your example, although > netstat -rn still fails with the same output as above. In my earlier > correspondences, I was pushing a ng_eiface node to the jail instead of the > physical ethernet device. looks like you need to allow it to access /dev/(k)mem somehow. > > Thank you. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4AC68F06.8060305>