Date: Sun, 13 Mar 2022 14:06:02 +0100 From: "Patrick M. Hausen" <hausen@punkt.de> To: Johan Hendriks <joh.hendriks@gmail.com> Cc: Kristof Provost <kp@FreeBSD.org>, Michael Gmelin <grembo@freebsd.org>, freeBSD-net <freebsd-net@freebsd.org> Subject: Re: epair and vnet jail loose connection. Message-ID: <7DD42D89-7706-47C2-B8B6-82A29DE9D351@punkt.de> In-Reply-To: <810820a6-e319-fa78-72a3-3d1cb43f3af3@gmail.com> References: <94B8885D-F63F-40C3-9E7E-158CC252FF9A@FreeBSD.org> <95793CDF-6E72-4FAB-8BF5-F2E67D3F69CD@freebsd.org> <CAOaKuAXze%2BCWy5MDmDSLZ-2Nt_Bfvww9MmWfuPTJT4HB7PSjdw@mail.gmail.com> <F5BF30A3-8060-44FA-9205-5F9901F74E2A@FreeBSD.org> <810820a6-e319-fa78-72a3-3d1cb43f3af3@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all, i was a bit puzzled by Michael using bhyve trying to reproduce. Up until now I thought bhyve uses tap and not epair? Anyway ... > Am 13.03.2022 um 14:01 schrieb Johan Hendriks = <joh.hendriks@gmail.com>: > I have no idea why it does not work on my setup, which is nothing out = of the ordinary i think, basic full jails connected to a bridge = interface and one of them exposed to the world wide web using pf binat. What we do is full exposed VNET jails connected to the bridge on the external interface of the host. ipfw kernel module loaded but not used in this case, i.e. only the "default to accept" rule active in the jails. I will probably downgrade the production host from 13.1-PRERELEASE to 13.0-pX tomorrow and see if that changes anything. Kind regards, Patrick --=20 punkt.de GmbH Patrick M. Hausen .infrastructure Kaiserallee 13a 76133 Karlsruhe Tel. +49 721 9109500 https://infrastructure.punkt.de info@punkt.de AG Mannheim 108285 Gesch=C3=A4ftsf=C3=BChrer: J=C3=BCrgen Egeling, Daniel Lienert, Fabian = Stein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7DD42D89-7706-47C2-B8B6-82A29DE9D351>