From nobody Mon Jan 8 03:12:13 2024 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T7fHm1JgVz56jQb for ; Mon, 8 Jan 2024 03:12:20 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4T7fHm0sgPz4vBy; Mon, 8 Jan 2024 03:12:20 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704683540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=s1TT9Zy6EqP8Obn+VdjXFVU+4U5zY/MvR5aUUHSfLK4=; b=Nh2cuky3RWpjMfFXuG0hyjpRPSuN9VtYGDNvx78Fv3t3GNNU/QshH9hfry06uIbPqxI4PZ Jw+CGJPRYhRcRGRx5nKwmE3AMJPiJsBhZ3Z28AtkPnEW01VVU4/GNx2PdSHO//nPS04Ojf P3qZtcWML6/VeOYWvG7rdJIg0oJsU1YY35pMa8bk81VNQt/XEMJLifTYM0sV+gVNAq+QeG EpjalK5iBmgf/8kAKsvkGZMjMdoHjQNsD/ITP7H7n2FGjc5PNfbbp7KYpn85xGTFUQizzw 24FtjNRIzQwatEAHSAUehZ/npnb3pXhAW9U7B7j69yFJr5brfK/s04IDrATaHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704683540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=s1TT9Zy6EqP8Obn+VdjXFVU+4U5zY/MvR5aUUHSfLK4=; b=sg2Vag4coYNd8jPkmwL7ZLlZ/I51LVR3UaKuiJ8KbCL8ZVAECsFJp3qg3SmKJ99PDkcf/9 q3pSV99ziRvQAMMrPNEpluCWGkpgROIT3flbRLM+NJSImHd3br1n1KMjXvz0/Fqq8H1IUo QdgKyam5CaVV75PXYDKPWFpqtwkiLHtjZg7ZvDh4k9a6KoWp/5I1JcsPn4IOcAFaL1tA8p Tzm3V+F+naBMiLjrR01B1ApVGeIEXFaDV1VJ0JYNce3RVnGzDbeMz4ie9K62FuTlWbL9HM kGXsX9oBq9T29iiGt9fhQLv8s46iFeK0BNZgye1J3hpsA0XDDA2NwCNuA8VvLg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1704683540; a=rsa-sha256; cv=none; b=OBlgGMZWsSahw2lCk60dplaXV1BvT8jOase+da5WWXunY2/D1Z2eIp0iJKkCsGBGkyH5KK wq7ZO/+X5w3E/pgmrkMrf+kACx/TVZomjixCeS9ErOYehDMw53XyBKkhEKOKgSVndUGIHl 4bMhtl8wJs+P0RGuIuceqEubNdygrGdtins1KNeWPraTpKTGWVvz3ozv6RaU6kjPxiKWDr qY3iWYodTo/wbyNVb9u/bEz2trurDzo+53Of/vlg1xoBX4RC00EgJrnZT78XjfUsQ8RrgA 2xCMurq2g4UXSxuCTWAy22hJIl7NZr3ndrxWDy4//WiGKBs5/9nszYOb3VSf+Q== Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4T7fHl1vNfzhvr; Mon, 8 Jan 2024 03:12:19 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Content-Type: text/plain; charset=us-ascii List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.4\)) Subject: Re: IPFW/IPv6 problem with JAIL: JAIL cannot ping -6 host until host first pings jail (ipv6) From: Zhenlei Huang In-Reply-To: <20240107185057.73c66433@thor.intern.walstatt.dynvpn.de> Date: Mon, 8 Jan 2024 11:12:13 +0800 Cc: FreeBSD CURRENT Content-Transfer-Encoding: quoted-printable Message-Id: <70958CF6-CEF5-43BD-B45C-9765B264BD23@FreeBSD.org> References: <20240107185057.73c66433@thor.intern.walstatt.dynvpn.de> To: FreeBSD User X-Mailer: Apple Mail (2.3696.120.41.1.4) > On Jan 8, 2024, at 1:50 AM, FreeBSD User = wrote: >=20 > Hello, >=20 > I've got a problem with recent CURRENT, running vnet JAILs. > FreeBSD 15.0-CURRENT #28 main-n267432-e5b33e6eef7: Sun Jan 7 13:18:15 = CET 2024 amd64 >=20 > Main Host has IPFW configured and is open for services like OpenLDAP = on UDP/TCP and ICMP > (ipfw is configured via rc.conf in this case, host is listening on = both protocol families > IPv4 and IPv6).=20 >=20 > The host itself has openldap-server 2.6 as a service. The host's = interface is igb0 with > assigned ULA. JAILs (around eight jails) are sharing their vnet = interfaces via a bridge with > the same physical device as the host (igb0). After a while (the time = elapsed is unspecific) How did you create your jails , are they vnet jails ?=20 Is that bridge + epair ? > the jail is unable to contact the host via IPv6: neither UDP, TCP nor = ICMP sent from the JAIL > is reaching the host. IPv4 is working like a charme! No problems = there. >=20 > When pinging the Jail from the main host via ping -6, the jail is = responding! After the first > ping -6, the jail now is able to ping -6 the main host. >=20 > After a fresh reboot, the problem is not present and occurs after a = while and it seems to > happen first to very active jails. >=20 > Kind regards, >=20 > oh >=20 >=20 > --=20 > O. Hartmann >=20 Best regards, Zhenlei