Date: Fri, 2 Feb 2018 11:11:25 -0500
From: "James B. Byrne" <byrnejb@harte-lyne.ca>
To: freebsd-questions@freebsd.org
Subject: [solved] Re: Jails, ping, and now DNS
Message-ID: <31a7ab261a3a67b716edf635923c789c.squirrel@webmail.harte-lyne.ca>
In-Reply-To: <5A74875F.9080901@gmail.com>
References: <737005a0c3e97d8d1e9306eb52471f89.squirrel@webmail.harte-lyne.ca> <5A74875F.9080901@gmail.com>

On Fri, February 2, 2018 10:44, Ernie Luzar wrote:
>
> Your problem is you're using ezjail which uses the deprecated rc.conf
> environment-variable method. Most jail users have stopped using ezjail
> so support for problems like you are having is very limited.
>

Actually, no, the problem is not with ezjail at all. I have
re-discovered that network changes relating to jails are not
completely cleared with:

service netif restart && service routing restart &

I had found in the past, but had in the meantime forgotten, that it is
actually necessary to restart the host system to remove all artefacts
of previous jailed network configurations. Once I did that then all of
the mysterious problems that I was having in the jail disappeared.

The hint was when I compared an existing jail with the new one I was
attempting to configure. On the pre-existing jail I saw this:

# netstat -an | grep -i listen
netstat: kvm not available: /dev/mem: No such file or directory
tcp4 0 0 *.22 *.* LISTEN
tcp4 0 0 127.0.124.1.53 *.* LISTEN

On the jail that I was working on I saw this instead:

root@hll107:~ # service local_unbound onestatus
local_unbound is running as pid 2792.
root@hll107:~ # netstat -an | grep -i listen
netstat: kvm not available: /dev/mem: No such file or directory
tcp4 0 0 127.0.107.1.25 *.* LISTEN

Curious is it not?

This problem, no listening port 53 open on the jail whilst unbound is
running therein, persisted no matter how many times I reset the netif
and routing services; both inside the jail and on the host. Shutting
down and restarting the jail did not change anything either.

However, shutting down and restarting the host and then starting the
jail resulted in this:

[root@hll107 ~]# netstat -an | grep -i listen
netstat: kvm not available: /dev/mem: No such file or directory
tcp4 0 0 127.0.107.1.53 *.* LISTEN
tcp4 0 0 127.0.107.1.25 *.* LISTEN

So something on the host can get misaligned when one does numerous
network configuration changes during setup of a new jail. And the only
means I have discovered to correct it is to restart the host.

-- 
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3
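
The comparison made in the message above (a service reported as running, but no LISTEN socket on its port) can be scripted. This is an added example, not part of the original e-mail; the names missing_listeners, sample_broken and sample_fixed are hypothetical, and the sample netstat lines are constructed from the output quoted in the message.

```shell
#!/bin/sh
# Added example: flag expected listeners absent from FreeBSD `netstat -an` output.
# FreeBSD prints the local socket as address.port (e.g. 127.0.107.1.53),
# so the port is whatever follows the LAST dot.

# missing_listeners ADDR PORT...
# Reads `netstat -an` output on stdin and prints each PORT that has no TCP
# LISTEN socket bound to ADDR or to the wildcard (*). Returns 1 if any is missing.
missing_listeners() {
    addr=$1; shift
    awk -v addr="$addr" -v ports="$*" '
        BEGIN { n = split(ports, want, " ") }
        # Only tcp lines in LISTEN state; this also skips the
        # "netstat: kvm not available" warning printed inside jails.
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            sock = $4
            i = match(sock, /\.[^.]*$/)      # position of the last dot
            if (i == 0) next
            a = substr(sock, 1, i - 1)       # address part
            p = substr(sock, i + 1)          # port part
            if (a == addr || a == "*") seen[p] = 1
        }
        END {
            rc = 0
            for (k = 1; k <= n; k++)
                if (!(want[k] in seen)) { print want[k]; rc = 1 }
            exit rc
        }'
}

# Constructed sample: the new jail before the host restart (no port 53).
sample_broken() {
    cat <<'EOF'
netstat: kvm not available: /dev/mem: No such file or directory
tcp4 0 0 127.0.107.1.25 *.* LISTEN
EOF
}

# Constructed sample: the same jail after the host restart.
sample_fixed() {
    cat <<'EOF'
netstat: kvm not available: /dev/mem: No such file or directory
tcp4 0 0 127.0.107.1.53 *.* LISTEN
tcp4 0 0 127.0.107.1.25 *.* LISTEN
EOF
}
```

Inside a jail the live form would be `netstat -an | missing_listeners 127.0.107.1 53 25`, with the address and ports set to that jail's own.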