From owner-freebsd-jail@FreeBSD.ORG  Mon Mar  9 18:35:44 2009
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 85F1F106566B
	for <freebsd-jail@FreeBSD.org>; Mon,  9 Mar 2009 18:35:44 +0000 (UTC)
	(envelope-from jamie@FreeBSD.org)
Received: from gritton.org (gritton.org [161.58.222.4])
	by mx1.freebsd.org (Postfix) with ESMTP id 188A48FC14
	for <freebsd-jail@FreeBSD.org>; Mon,  9 Mar 2009 18:35:43 +0000 (UTC)
	(envelope-from jamie@FreeBSD.org)
Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net
	[198.65.168.24]) (authenticated bits=0)
	by gritton.org (8.13.6.20060614/8.13.6) with ESMTP id n29IF3Li065224;
	Mon, 9 Mar 2009 12:15:04 -0600 (MDT)
Message-ID: <49B55CA2.7090300@FreeBSD.org>
Date: Mon, 09 Mar 2009 12:14:58 -0600
From: Jamie Gritton <jamie@FreeBSD.org>
User-Agent: Thunderbird 2.0.0.19 (X11/20090109)
MIME-Version: 1.0
To: Kage <kagekonjou@gmail.com>
References: <d1556b2b0903081122p1753b34ej3677083988124805@mail.gmail.com>
	<d1556b2b0903081405r62961134i1296c571b22eac95@mail.gmail.com>
In-Reply-To: <d1556b2b0903081405r62961134i1296c571b22eac95@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV version 0.94.2,
	clamav-milter version 0.94.2 on gritton.org
X-Virus-Status: Clean
Cc: freebsd-jail@FreeBSD.org
Subject: Re: Problem using bz's multi-IP/IPv6/No-IP Jail Patch (7-STABLE)
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2009 18:35:44 -0000

Kage wrote:

> Encountering more issues now.  Binding just an IPv6 address to a jail
> shows up in jls -v, but when I run ifconfig -a in the jail, I get an
> error I've never encountered, and doesn't show up on any Google
> search:
> 
> [root@nub:/etc] jls -v
>    JID  Hostname                      Path
>         Name                          State
>         CPUSetID
>         IP Address(es)
>      9  jail.template.tld             /usr/jails/TEMPLATE
>                                       ALIVE
>         10
>         2610:150:c248:dead:beef:c0ff:eec0:deaa
> 
> [root@jail:/] ifconfig -a
> ifconfig: socket(family 2,SOCK_DGRAM): Protocol not supported

Recent patches reject sockets in jails that have no addresses in the
socket's family.  So if you jail has no IPv6 addresses, you won't be
able to create any IPv6 sockets.  Likewise your case: if that jail has
no IPv4 addresses, then it's an IPv4-less jail, and IPv4 sockets won't
work (Protocol not supported).  For actual network connections, this
makes sense: you won't be able to bind or connect with this socket, as
there are no IPv4 addresses in the system.

But ifconfig is a different situation.  It just needs a socket of some
sort, and AF_INET has always worked, because any networked system always
has IPv4 support.  But in an IPv4-less system (which an IPv4-less jail
not acts like), this default isn't useful.  Something will need to be
fixed.  I'm not sure if that something is ifconfig or the kernel.

- Jamie