Date:      Sat, 12 Nov 2022 19:46:31 +0100
From:      Mathias Picker <Mathias.Picker@virtual-earth.de>
To:        freebsd-emulation@freebsd.org
Subject:   configured ipv6 in vnet jail w. ubuntu 22.04 (jammy) not … seen by linux tools (IPV&_RECVERR: Protocol not available)
Message-ID:  <86cz9s2d5n.fsf@virtual-earth.de>

Hi all,

tl;dr:

can I convince/configure linux emulation in a jail to show IPv6 as
supported? FreeBSD ifconfig in the jail has it configured,
linux ’sysctl net.ipv6.conf.all.disable_ipv6=0’ does not work.

Description:

This is on a 13.1-RELEASE-p2 system.

I have used debootstrap to create a jail with Ubuntu 22.04.

Some parts of my /etc/jail.conf:

exec.clean;
exec.start="sh /etc/rc";
exec.stop="sh /etc/rc.shutdown";
exec.prestart="logger starting jail $name ...";
exec.poststart="logger jail $name has started";
exec.prestop="logger shutting down jail $name";
exec.poststop="logger jail $name has shut down";

# generic hostnames
host.hostname="$name.goodhope.local";

# vnet jails
vnet;
vnet.interface="${name}_j";
exec.prestart+="/usr/local/bin/jailtobridge $name jailbridge0";
exec.poststop+="/sbin/ifconfig jailbridge0 deletem ${name}_b;/sbin/ifconfig ${name}_b destroy";

exec.consolelog="/var/log/jails/$name-console.log";

litreview {
mount.fstab="/jails/fstabs/fstab.litreview";
allow.mount;
allow.raw_sockets;
allow.read_msgbuf;
allow.socket_af;
sysvmsg;
sysvsem;
sysvshm;
mount.devfs;
exec.start = "/bin/dash /etc/rc3.d/S01networking-fbsd";
persist;
}


I then copied/linked the freebsd tools ifconfig, sysctl and route
from /rescue into this to configure networking.

In /etc/jail.conf I just started a small script to call ifconfig,
route and sysctl (to switch off ipfw) and used ’persist;’ to keep
the jail running.

- - - - -  networkinit-fbsd - - - - - - - -
#!/bin/sh -e
PATH="/sbin:/bin"

. /lib/lsb/init-functions

log_daemon_msg "Starting FreeBSD network configuration"
# deactivate ipfw
/bin/sysctl net.inet.ip.fw.enable=0

# set network address & route
/bin/ifconfig litreview_j inet xxx.xxx.xxx.xxx/28
/bin/route add default xxx.xxx.xxx.xxx
/bin/ifconfig litreview_j inet6 xxxx:xxxx:…./64
/bin/route -6 add default fe80::1%litreview_j

/bin/ifconfig lo0 inet 127.0.0.1
- - - - - - - -

Result: an ubuntu 22.04 system with working IPv4 connectivity:

- - - - - - - -
root@litreview:/home/literatur_review# uname -a
Linux litreview.goodhope.local 3.17.0 FreeBSD 13.1-RELEASE-p2 GENERIC x86_64 x86_64 x86_64 GNU/Linux
root@litreview:/home/literatur_review# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.1 LTS"
root@litreview:/home/literatur_review# ping -4 google.de
ping: WARNING: setsockopt(ICMP_FILTER): Protocol not available
PING  (172.217.18.3) 56(84) bytes of data.
64 bytes from fra02s19-in-f3.1e100.net (172.217.18.3): icmp_seq=1 ttl=59 time=5.05 ms
^C
---  ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 5.051/5.051/5.051/0.000 ms
- - - - - - - -

Sadly, IPv6 does not work, which I intended to use for
accessibility from outside (this is on a server):

- - - - - - - -
root@litreview:/home/literatur_review# ping -6 google.de
ping: IPV6_RECVERR: Protocol not available
- - - - - - - -

I’m not sure what to make of FreeBSD's ping output:

- - - - - - - -
root@litreview:/home/literatur_review# ./ping google.de
PING6(56=40+8+8 bytes) 2a01:4f8:10b:3de:1:1:0:21 --> 2a00:1450:4001:829::2003
ping: sendmsg: Permission denied
ping6: wrote google.de 16 chars, ret=-1
ping: sendmsg: Permission denied
ping6: wrote google.de 16 chars, ret=-1
^C
--- google.de ping6 statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
- - - - - - - -

ipfw is deactivated in the jail and does not block icmp from
outside the jail (it works from other vnet jails just fine).

FreeBSD ifconfig sees both IPv4 and IPv6:

- - - - - - - -
root@litreview:/home/literatur_review# /bin/ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
litreview_j: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:f2:90:e2:1d:0b
        inet xxx.xxx.xxx.xxx netmask 0xfffffff0 broadcast xxx.xxx.xxx.xxx
        inet6 xxxx:xxxx:xxxx:xxxx:…. prefixlen 64
        inet6 fe80::f2:90ff:fee2:1d0b%litreview_j prefixlen 64 scopeid 0x2
        groups: epair
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
- - - - - - - -


After installing nettools I can see that linux ifconfig also only
sees the configured IPv4 address and no IPv6. BTW:  ip sees
nothing :(

- - - - - - - -
root@litreview:/home/literatur_review# /usr/sbin/ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet xxx.xxx.xxx.xxx  netmask 255.255.255.240  broadcast xxx.xxx.xxx.xxx
        ether 02:f2:90:e2:1d:0b  (Ethernet)
        RX packets 203986  bytes 277350122 (277.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 146633  bytes 9637488 (9.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo0: flags=4169<UP,LOOPBACK,RUNNING,MULTICAST>  mtu 16384
        inet 127.0.0.1  netmask [NONE SET]
        loop  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
root@litreview:/home/literatur_review# /usr/sbin/ip -4
Cannot open netlink socket: Address family not supported by protocol
root@litreview:/home/literatur_review# /usr/sbin/ip -6
Cannot open netlink socket: Address family not supported by protocol
- - - - - - - -

The usual way to do this fails because of the missing
/proc/sys/net/… in linprocfs:

- - - - - - - -
root@litreview:/home/literatur_review# sysctl net.ipv6.conf.all.disable_ipv6=0
sysctl: cannot stat /proc/sys/net/ipv6/conf/all/disable_ipv6: No such file or directory
- - - - - - - -

Any idea how I can convince the tools that IPv6 is available is
very welcome!

Cheers, Mathias

-- 
Mathias Picker
Managing Director
Mathias.Picker@virtual-earth.de

virtual earth Gesellschaft für Wissens re/prä sentation mbH
http://www.virtual-earth.de/           HRB126870
support@virtual-earth.de               Westendstr. 142
089 / 1250 3943
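
Added example, not part of the original post: a Python probe that repeats the calls behind the three Linux-side failures shown above (the IPV6_RECVERR socket option, the netlink socket, the disable_ipv6 procfs node) and reports, per call, which errno came back. The function names are this example's own; the value 25 for IPV6_RECVERR is the Linux <linux/in6.h> constant, which Python's socket module does not export.

```python
import errno
import os
import socket

# Linux UAPI constant from <linux/in6.h>; not exported by Python's socket module.
IPV6_RECVERR = 25
AF_NETLINK = getattr(socket, "AF_NETLINK", 16)  # 16 is the Linux value
DISABLE_IPV6 = "/proc/sys/net/ipv6/conf/all/disable_ipv6"


def classify(err):
    """Map an errno to the kind of failure seen in the post's tool output."""
    table = {
        0: "ok",
        errno.ENOPROTOOPT: "socket option not implemented",    # "Protocol not available"
        errno.EAFNOSUPPORT: "address family not implemented",  # "Address family not supported by protocol"
        errno.EACCES: "permission denied",
        errno.ENOENT: "procfs node missing",
    }
    return table.get(err, "other: " + errno.errorcode.get(err, str(err)))


def _attempt(fn):
    """Run fn; return 0 on success or the errno it failed with."""
    try:
        fn()
        return 0
    except OSError as exc:
        return exc.errno or -1


def _recverr():
    # Same option ping -6 requests, here on a plain UDP socket (no privileges needed).
    with socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.IPPROTO_IPV6, IPV6_RECVERR, 1)


def probe():
    checks = {
        "AF_INET6 socket": lambda: socket.socket(socket.AF_INET6, socket.SOCK_DGRAM).close(),
        "IPV6_RECVERR sockopt": _recverr,
        "AF_NETLINK socket": lambda: socket.socket(AF_NETLINK, socket.SOCK_RAW, 0).close(),
        "disable_ipv6 sysctl": lambda: os.stat(DISABLE_IPV6),
    }
    return {name: classify(_attempt(fn)) for name, fn in checks.items()}


if __name__ == "__main__":
    print("\n".join(f"{name:22} {verdict}" for name, verdict in probe().items()))
```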


