From nobody Sat Nov 12 18:46:31 2022 X-Original-To: freebsd-emulation@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N8llC5JHvz4fgmS for ; Sat, 12 Nov 2022 19:20:07 +0000 (UTC) (envelope-from Mathias.Picker@virtual-earth.de) Received: from www94.your-server.de (www94.your-server.de [213.133.104.94]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4N8llB3yRyz3R78 for ; Sat, 12 Nov 2022 19:20:06 +0000 (UTC) (envelope-from Mathias.Picker@virtual-earth.de) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=virtual-earth.de header.s=default_1811 header.b=C5tDmkmQ; spf=pass (mx1.freebsd.org: domain of Mathias.Picker@virtual-earth.de designates 213.133.104.94 as permitted sender) smtp.mailfrom=Mathias.Picker@virtual-earth.de; dmarc=pass (policy=none) header.from=virtual-earth.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=virtual-earth.de; s=default_1811; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References; bh=v+8raEJok7ub4jYWsYk7Qc/KWETO5Q4v7eN0SdJ8p0w=; b=C5tDmkmQV4u9JTrMxAiSHtqxPd R4kKUmpd9RGhzDsE2wtQ/p7Pn1GhIKf1xEUM9cbvcJN70IWp1Pt/3dLVLAWEL3UxS9LDn27TKdG9b +Ujxo0qEv3/U2zgN4Y4MZ7XVwZCOa+zmUL8vAX7HU9xNVgcWixErpLeggV2cIBMG87yci3X3/a1Ls nO9Hsrdf120rMvi79P13LW2chHv+EI83WgWF+/Fn82ibgFOAnrcWt1QPiTyNw4Uzqc0lLyxylrJhO z8mdgmRLLG7g5hakLNk5W85Yj7POJK/d449apEGiv5vWEpsvyiQ2FnPynb91XFBhk7/qJzq6kDJ+H 46/BM//g==; Received: from sslproxy04.your-server.de ([78.46.152.42]) by www94.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1otw2v-0004W8-7t for freebsd-emulation@freebsd.org; Sat, 12 Nov 2022 20:20:05 +0100 Received: from [2a01:c22:7202:d200:4a2a:e3ff:fe1a:da58] (helo=danton.virtual-earth.de) by sslproxy04.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1otw2v-000BQG-2m for freebsd-emulation@freebsd.org; Sat, 12 Nov 2022 20:20:05 +0100 User-agent: mu4e 1.8.10; emacs 28.2 From: Mathias Picker To: freebsd-emulation@freebsd.org Subject: configured ipv6 in vnet jail w. ubuntu 22.04 (jammy) not =?utf-8?Q?=E2=80=A6?= seen by linux tools (IPV&_RECVERR: Protocol not available) Date: Sat, 12 Nov 2022 19:46:31 +0100 Message-ID: <86cz9s2d5n.fsf@virtual-earth.de> List-Id: Development of Emulators of other operating systems List-Archive: https://lists.freebsd.org/archives/freebsd-emulation List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-emulation@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Authenticated-Sender: Mathias.Picker@virtual-earth.de X-Virus-Scanned: Clear (ClamAV 0.103.6/26718/Sat Nov 12 09:53:25 2022) X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.94 / 15.00]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-0.99)[-0.994]; NEURAL_HAM_MEDIUM(-0.94)[-0.942]; DMARC_POLICY_ALLOW(-0.50)[virtual-earth.de,none]; R_DKIM_ALLOW(-0.20)[virtual-earth.de:s=default_1811]; R_SPF_ALLOW(-0.20)[+mx:c]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_NONE(0.00)[213.133.104.94:from]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-emulation@freebsd.org]; MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:24940, ipnet:213.133.96.0/19, country:DE]; DKIM_TRACE(0.00)[virtual-earth.de:+]; RCVD_COUNT_THREE(0.00)[3]; RCPT_COUNT_ONE(0.00)[1]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_NONE(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; HAS_X_AS(0.00)[] X-Rspamd-Queue-Id: 4N8llB3yRyz3R78 X-ThisMailContainsUnwantedMimeParts: N Hi all, tl;dr: can I convince/configure linux emulation in a jail to show IPv6 as=20 supported? FreeBSD ifconfig in the jail has it configured, linux =E2=80=99sysctl net.ipv6.conf.all.disable_ipv6=3D0=E2=80=99 does not = work. Description: This is on a 13.1-RELEASE-p2 system. I have used debootstrap to create a jail with Ubuntu 22.04. Some parts of my /etc/jail.conf: exec.clean; exec.start=3D"sh /etc/rc"; exec.stop=3D"sh /etc/rc.shutdown"; exec.prestart=3D"logger starting jail $name ..."; exec.poststart=3D"logger jail $name has started"; exec.prestop=3D"logger shutting down jail $name"; exec.poststop=3D"logger jail $name has shut down"; # generic hostnames host.hostname=3D"$name.goodhope.local"; # vnet jails vnet; vnet.interface=3D"${name}_j"; exec.prestart+=3D"/usr/local/bin/jailtobridge $name jailbridge0"; exec.poststop+=3D"/sbin/ifconfig jailbridge0 deletem=20 ${name}_b;/sbin/ifconfig ${name}_b destroy"; exec.consolelog=3D"/var/log/jails/$name-console.log"; litreview { mount.fstab=3D"/jails/fstabs/fstab.litreview"; allow.mount; allow.raw_sockets; allow.read_msgbuf; allow.socket_af; sysvmsg; sysvsem; sysvshm; mount.devfs; exec.start =3D "/bin/dash /etc/rc3.d/S01networking-fbsd"; persist; } I then copied/linked the freebsd tools ifconfig, sysctl and route=20 from /rescue into this to configure networking. In /etc/jail.conf I just startet a small script to call ifconfig,=20 route and sysctl (to switch off ipfw) and used =E2=80=99persist;=E2=80=99 t= o keep=20 the jail running. - - - - - networkinit-fbsd - - - - - - - -=20 #!/bin/sh -e PATH=3D"/sbin:/bin" . /lib/lsb/init-functions log_daemon_msg "Starting FreeBSD network configuration" # deactivate ipfw /bin/sysctl net.inet.ip.fw.enable=3D0 # set network address & route /bin/ifconfig litreview_j inet xxx.xxx.xxx.xxx/28 /bin/route add default xxx.xxx.xxx.xxx /bin/ifconfig litreview_j inet6 xxxx:xxxx:=E2=80=A6./64 /bin/route -6 add default fe80::1%litreview_j /bin/ifconfig lo0 inet 127.0.0.1 - - - - - - - - Result: an ubuntu 22.04 system with working IPv4 connectivity: - - - - - - - -=20 root@litreview:/home/literatur_review# uname -a Linux litreview.goodhope.local 3.17.0 FreeBSD 13.1-RELEASE-p2=20 GENERIC x86_64 x86_64 x86_64 GNU/Linux root@litreview:/home/literatur_review# cat /etc/lsb-release=20 DISTRIB_ID=3DUbuntu DISTRIB_RELEASE=3D22.04 DISTRIB_CODENAME=3Djammy DISTRIB_DESCRIPTION=3D"Ubuntu 22.04.1 LTS" root@litreview:/home/literatur_review# ping -4 google.de ping: WARNING: setsockopt(ICMP_FILTER): Protocol not available PING (172.217.18.3) 56(84) bytes of data. 64 bytes from fra02s19-in-f3.1e100.net (172.217.18.3): icmp_seq=3D1=20 ttl=3D59 time=3D5.05 ms ^C --- ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev =3D 5.051/5.051/5.051/0.000 ms - - - - - - - -=20 Sadly, IPv6 does not work, which I intended to use for=20 accesibility from outside (this is on a server): - - - - - - - -=20 root@litreview:/home/literatur_review# ping -6 google.de ping: IPV6_RECVERR: Protocol not available - - - - - - - -=20 I=E2=80=99m not sure what to make of FreeBSDs ping output: - - - - - - - -=20 root@litreview:/home/literatur_review# ./ping google.de PING6(56=3D40+8+8 bytes) 2a01:4f8:10b:3de:1:1:0:21 -->=20 2a00:1450:4001:829::2003 ping: sendmsg: Permission denied ping6: wrote google.de 16 chars, ret=3D-1 ping: sendmsg: Permission denied ping6: wrote google.de 16 chars, ret=3D-1 ^C --- google.de ping6 statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss - - - - - - - -=20 ipfw is deactiviated in the jail and does not block icmp from=20 outside the jail (it works from other vnet jails just fine). FreeBSD ifconfig sees both IPv4 and IPv6: - - - - - - - -=20 root@litreview:/home/literatur_review# /bin/ifconfig=20 lo0: flags=3D8049 metric 0 mtu 16384 options=3D680003 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 groups: lo nd6 options=3D21 litreview_j: flags=3D8863=20 metric 0 mtu 1500 options=3D8 ether 02:f2:90:e2:1d:0b inet xxx.xxx.xxx.xxx netmask 0xfffffff0 broadcast=20 xxx.xxx.xxx.xxx inet6 xxxx:xxxx:xxxx:xxxx:=E2=80=A6. prefixlen 64 inet6 fe80::f2:90ff:fee2:1d0b%litreview_j prefixlen 64=20 scopeid 0x2 groups: epair media: Ethernet 10Gbase-T (10Gbase-T ) status: active nd6 options=3D21 - - - - - - - -=20 After installing nettools I can see that linux ifconfig also only=20 sees the configured IPv4 address and no IPv6. BTW: ip sees=20 nothing :( - - - - - - - -=20 root@litreview:/home/literatur_review# /usr/sbin/ifconfig=20 eth0: flags=3D4163 mtu 1500 inet xxx.xxx.xxx.xxx netmask 255.255.255.240 broadcast=20 xxx.xxx.xxx.xxx ether 02:f2:90:e2:1d:0b (Ethernet) RX packets 203986 bytes 277350122 (277.3 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 146633 bytes 9637488 (9.6 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo0: flags=3D4169 mtu 16384 inet 127.0.0.1 netmask [NONE SET] loop (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 root@litreview:/home/literatur_review# /usr/sbin/ip -4 Cannot open netlink socket: Address family not supported by=20 protocol root@litreview:/home/literatur_review# /usr/sbin/ip -6 Cannot open netlink socket: Address family not supported by=20 protocol - - - - - - - -=20 The usual way to do this fails because of the missing=20 /proc/sys/net/=E2=80=A6 in linprocfs: r- - - - - - - -=20 oot@litreview:/home/literatur_review# sysctl=20 net.ipv6.conf.all.disable_ipv6=3D0 sysctl: cannot stat /proc/sys/net/ipv6/conf/all/disable_ipv6: No=20 such file or directory - - - - - - - -=20 Any idea how I can convince the tools that IPv6 is available is=20 very welcome! Cheers, Mathias --=20 Mathias Picker=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20 Gesch=C3=A4ftsf=C3=BChrer Mathias.Picker@virtual-earth.de virtual earth Gesellschaft f=C3=BCr Wissens re/pr=C3=A4 sentation mbH http://www.virtual-earth.de/ HRB126870 support@virtual-earth.de Westendstr. 142 089 / 1250 3943=20=20=20=20=20=20=20=20=20=20=20=20