From owner-freebsd-jail@FreeBSD.ORG Thu Aug 1 11:48:22 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 82564ECF for ; Thu, 1 Aug 2013 11:48:22 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 56FD92C8E for ; Thu, 1 Aug 2013 11:48:22 +0000 (UTC) Received: from compute6.internal (compute6.nyi.mail.srv.osa [10.202.2.46]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 4EE0421479 for ; Thu, 1 Aug 2013 07:48:20 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Thu, 01 Aug 2013 07:48:20 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=YP02hUKDNjSEv+jUZ+rWNo6sAxs=; b=X9XgO qNlZe3QILKS8jZug/VsHiJrX3niZdY5YB1+bVGYZl7lJ2tgmQJw1A3J3MgMzvNVb o6v+AATgy+qD4WmmMTmG1OqF6XHVQYM0enurGYwD+kxalbby1lIgpVaTR67QU9mk E24+O216PBNXZFq4lDpoyfWBZw/SLPqrN/L31E= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 323C7B01FE5; Thu, 1 Aug 2013 07:48:20 -0400 (EDT) Message-Id: <1375357700.9597.4374227.38E046B6@webmail.messagingengine.com> X-Sasl-Enc: LKyrhjVUGFDBlzdx7uMRmt7xcdM7XuH4CfMLZjduYpej 1375357700 From: Mark Felder To: freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-2d520484 Subject: Re: Starting jail breaks routing / multi-network jail Date: Thu, 01 Aug 2013 06:48:20 -0500 In-Reply-To: References: X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 11:48:22 -0000 On Wed, Jul 31, 2013, at 20:55, Josh Beard wrote: > > Starting a jail with a LAN and public address changes the host's routing > table and will not talk over the public network. Cycling the netif and > routing services resolves it. > I'm not aware of the routing issue you're describing. I had a need not too long ago for a 32bit system to get migrated to 64bit, but first we needed to run it in a 32bit jail while we formulated the plan. This server had several NICs on different networks which were all passed to the jail. Many were private, a couple were public. The routing itself worked fine; the problem was that raw sockets always picked the first interface of the jail. The most obvious breakage was ping. However, TCP and UDP worked fine to all networks. This was 9.0-RELEASE at the time. I do have a PR for my issue here: http://www.freebsd.org/cgi/query-pr.cgi?pr=168678 Are you sure you aren't just running into that? Although, I really doubt restarting routing would fix it, so you must be hitting another anomaly...