Date: Sun, 13 Mar 2022 14:15:44 +0100 From: Michael Gmelin <grembo@freebsd.org> To: "Patrick M. Hausen" <hausen@punkt.de> Cc: Johan Hendriks <joh.hendriks@gmail.com>, Kristof Provost <kp@freebsd.org>, freeBSD-net <freebsd-net@freebsd.org> Subject: Re: epair and vnet jail loose connection. Message-ID: <88632081-99D8-48C8-B5A6-F10E9C5C478A@freebsd.org> In-Reply-To: <7DD42D89-7706-47C2-B8B6-82A29DE9D351@punkt.de> References: <7DD42D89-7706-47C2-B8B6-82A29DE9D351@punkt.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 13. Mar 2022, at 14:07, Patrick M. Hausen <hausen@punkt.de> wrote: >=20 > =EF=BB=BFHi all, >=20 > i was a bit puzzled by Michael using bhyve trying to reproduce. > Up until now I thought bhyve uses tap and not epair? >=20 In my setup, FreeBSD 14 runs on a bhyve vm, hosting the jails, which use vne= t. Bare metal -> FreeBSD 13.0 -> bhyve -> FreeBSD Current -> vnet jails haproxy= /web01 Replace bhyve with VMware, AWS, or a bare metal server to understand the set= up. The reason I=E2=80=99m doing this is: 1. I don=E2=80=99t want to update the bare metal host to a non-release versi= on 2. Johan is running his setup inside a vm as well. Best Michael > Anyway ... >=20 >> Am 13.03.2022 um 14:01 schrieb Johan Hendriks <joh.hendriks@gmail.com>: >> I have no idea why it does not work on my setup, which is nothing out of t= he ordinary i think, basic full jails connected to a bridge interface and on= e of them exposed to the world wide web using pf binat. >=20 > What we do is full exposed VNET jails connected to the bridge > on the external interface of the host. ipfw kernel module loaded > but not used in this case, i.e. only the "default to accept" rule active > in the jails. >=20 > I will probably downgrade the production host from 13.1-PRERELEASE > to 13.0-pX tomorrow and see if that changes anything. >=20 > Kind regards, > Patrick > --=20 > punkt.de GmbH > Patrick M. Hausen > .infrastructure >=20 > Kaiserallee 13a > 76133 Karlsruhe >=20 > Tel. +49 721 9109500 >=20 > https://infrastructure.punkt.de > info@punkt.de >=20 > AG Mannheim 108285 > Gesch=C3=A4ftsf=C3=BChrer: J=C3=BCrgen Egeling, Daniel Lienert, Fabian Ste= in
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?88632081-99D8-48C8-B5A6-F10E9C5C478A>