From owner-freebsd-net@FreeBSD.ORG Tue Jan 28 17:17:46 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C71FDDDB for ; Tue, 28 Jan 2014 17:17:46 +0000 (UTC) Received: from mail-vc0-x234.google.com (mail-vc0-x234.google.com [IPv6:2607:f8b0:400c:c03::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7C1A412E9 for ; Tue, 28 Jan 2014 17:17:46 +0000 (UTC) Received: by mail-vc0-f180.google.com with SMTP id ks9so438281vcb.11 for ; Tue, 28 Jan 2014 09:17:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berentweb.com; s=google; h=mime-version:reply-to:sender:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=SnwwIytR+mJVZbBac9wiD0A0jNZD0tbQPgMJHOblfh0=; b=emZx+8wo3aeOGoIxNTjKqGsr2NdPCatFdyx6VPLmq1NPO6r5blX2A8mR6b7ZpVaENk 4ohNYdu7Qjl0mgdxDp83Z7qMSd+Rox4nOXL9m1uPfubxlIl5UBfz5XMszpJlAcKVNMZt 1ekxhTRpoLfrCfZGib2enBEDvAJIRvRvBEkek= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:reply-to:sender:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=SnwwIytR+mJVZbBac9wiD0A0jNZD0tbQPgMJHOblfh0=; b=h4PNqRXJbZIxlR4HY5fR2OWpRe+sspZfBc4q6e9RFX743OGYdQIYHnRmyx6iCigKtp 7E/OwgZdRqtBsWRiY/Q83+FEu1o/BZ380yfCelgDqeRYZD0/jHOnbnIWdl/tqeTNajG1 TMghJmfoxTPMt7UCd8mMWgdFZ8+hOTfOOWDbj3y7K1mcmhb4kLXKXI2YaFvoM2gLayPr g/7l+JaZRl2yXfjb2r4EJBKbC0bnlHsx/Xb631AhNkS68OgyVKFmE7SaBWknNDf047e3 H21LV2XIzdP1O00eEdZ0MtONQU7jQqL6CesQpzeZ5B6RNmZn+uLHPKXPOaMh8BF42SA2 oIKg== X-Gm-Message-State: ALoCoQlhuPj+UdBYzwEmkQdiCWpgJU4ANsqFGNq5Q26SFjw5kZU48VRx3jwvQu3LGW+ExHzuy5oI MIME-Version: 1.0 X-Received: by 10.52.116.71 with SMTP id ju7mr954206vdb.31.1390929465500; Tue, 28 Jan 2014 09:17:45 -0800 (PST) Sender: rsb@berentweb.com Received: by 10.220.146.145 with HTTP; Tue, 28 Jan 2014 09:17:45 -0800 (PST) X-Originating-IP: [83.66.215.241] In-Reply-To: <52E7A9D8.30604@freebsd.org> References: <1390909590119-5880672.post@n5.nabble.com> <52E7A9D8.30604@freebsd.org> Date: Tue, 28 Jan 2014 19:17:45 +0200 X-Google-Sender-Auth: -IV9VPWfFpVpJ8UvXMb-CBHEQ0U Message-ID: Subject: Re: Jails on fib problem From: Beeblebrox To: Julian Elischer Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: zaphod@berentweb.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jan 2014 17:17:46 -0000 > what's a fib device? Do you mean each jail has a different default fib? > you are not using vimage jails? Hi Julian. * No vimage * All jails use the same fib. /etc/rc.conf: cloned_interfaces="lo2" ifconfig_lo2="inet 127.0.1.1/28" static_routes="jail default" route_jail="default 127.0.1.1 -fib 1" route_default="default 192.168.1.1" > so they all have the same address?? can you even do that? or you mean that > they all have the same default route? I mean same default route, jail IP's start from 127.0.1.2/32 and go to 127.0.1.6/32 jail.conf assigns fib with "exec.fib = 1;" jails on the 127.0.1.1/28 subnet range should be able to route traffic through the 127.0.0.1 gateway regardless of the fact that the jails themselves reside on a /32 subnet. However, it's not working smoothly > fibs don't have devices. Yes, I know - a misnomer. setfib 1 netstat -rn Destination Gateway Flags Netif Expire default 127.0.1.1 UGS lo2 127.0.0.1 link#3 UH lo0 127.0.1.1 link#4 UH lo2 127.0.1.2 link#4 UH lo2 127.0.1.3 link#4 UH lo2 127.0.1.4 link#4 UH lo2 192.168.1.0/24 link#1 U re0 (Ext_If) 192.168.2.0/26 link#2 U re1 (Lan_If) To complicate things further, I also have a vboxnet0 for VBox guests. 127.0.1.2 is a dns jail for example. The Internal LAN clients, vboxnet0 guests and lo0 need to resolve names from that jail.