From owner-freebsd-users-jp@FreeBSD.ORG Sat Nov 15 01:11:33 2014 Return-Path: Delivered-To: freebsd-users-jp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 317B6A1D for ; Sat, 15 Nov 2014 01:11:33 +0000 (UTC) Received: from mail-pa0-x234.google.com (mail-pa0-x234.google.com [IPv6:2607:f8b0:400e:c03::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F365FC9F for ; Sat, 15 Nov 2014 01:11:32 +0000 (UTC) Received: by mail-pa0-f52.google.com with SMTP id fa1so18644087pad.39 for ; Fri, 14 Nov 2014 17:11:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:subject:message-id:mime-version:content-type :content-transfer-encoding; bh=YZskpayXfRrTaVPQEQC99nNtPI4yQQc8dKaa7rVScj0=; b=JbBdVQuglHb9YBYbV8aiiM4xl9mzSBtWCWQWkT5P4zSPhmhQEneaQOHj0UctV17pNZ /QcvoCQK+rBnjhEdwdm2KqmQ0m5ATn0BTpeyrAu601OTwHgzjzS2+B+s40TIxMthdc17 2LvteZmwPhIE3tuwoa6+K51dxAbwG0WbscBLgcC0CO7ZHPHMd2Us/D1vR9haZrmZXzae CtJyJ1KG/DqklJ+nIWXwgBeHNWYgj8bK3NhHvJRsULDwaBGSk+oEhoiFnBT/JnCNLChF XFn3xdL4RiS6qhuhOzFEjEGT6Qf7pSKpS+34GiZf/ZjAQwv2xkvlxS6RPZUf3aLfe9Le CL7Q== X-Received: by 10.66.151.202 with SMTP id us10mr13344768pab.78.1416013892694; Fri, 14 Nov 2014 17:11:32 -0800 (PST) Received: from mituki (f1m01-0047.din.or.jp. [210.189.108.47]) by mx.google.com with ESMTPSA id ov2sm5484022pdb.91.2014.11.14.17.11.30 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 14 Nov 2014 17:11:31 -0800 (PST) Sender: Satoshi Togawa Date: Sat, 15 Nov 2014 10:11:19 +0900 From: TOGAWA Satoshi To: freebsd-users-jp@freebsd.org Message-Id: <20141115101119.bacccd7953f5562ab5820224@puyo.org> X-Mailer: Sylpheed 3.4.2 (GTK+ 2.10.14; i686-pc-mingw32) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Subject: [FreeBSD-users-jp 95344] =?iso-2022-jp?b?ZXBhaXIqGyRCJE4bKEJNQUMbJEIlIiVJJWwlOSQsPUUbKEI=?= =?iso-2022-jp?b?GyRCSiMkOSRrGyhC?= X-BeenThere: freebsd-users-jp@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion relevant to FreeBSD communities in Japan List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Nov 2014 01:11:33 -0000 戸川です。 FreeBSD 10.0-Rを使って、jailを複数立ち上げていました。 10.1-Rに上げたところ、起動時にこんなメッセージが出るようになりました。 ---- epair1a: Ethernet address: 02:ff:00:00:04:0a epair1b: Ethernet address: 02:ff:50:00:05:0b epair1a: link state changed to UP epair1b: link state changed to UP epair2a: Ethernet address: 02:ff:00:00:06:0a epair2b: Ethernet address: 02:ff:50:00:07:0b epair2a: link state changed to UP epair2b: link state changed to UP epair1a: promiscuous mode enabled epair3a: Ethernet address: 02:ff:00:00:08:0a epair2a: promiscuous mode enabled epair3b: Ethernet address: 02:ff:50:00:09:0b epair3a: link state changed to UP epair3b: link state changed to UP epair3a: promiscuous mode enabled epair4a: Ethernet address: 02:ff:00:00:05:0a epair4b: Ethernet address: 02:ff:50:00:07:0b epair4a: link state changed to UP epair4b: link state changed to UP epair4a: promiscuous mode enabled epair4b: DAD detected duplicate IPv6 address fe80:2::ff:50ff:fe00:70b: NS in/out=0/0, NA in=0 epair4b: DAD complete for fe80:2::ff:50ff:fe00:70b - duplicate found epair4b: manual intervention required epair4b: possible hardware address duplication detected, disable IPv6 Cannot enable an interface with a link-local address marked duplicate. Cannot enable an interface with a link-local address marked duplicate. Cannot enable an interface with a link-local address marked duplicate. ---- 確かにepair2bとepair4bのMACアドレスが重複するので、そこから生成される IPv6アドレスが重複しているようです。 Webを調べてみたところ、 http://demon-lord.com/doku.php?id=vps:vps_01 にて ---- epairを一つ作成してjailerからprisonerに割り当ててから次のepairを作成すると MACアドレスが重複する場合がある。この場合、それぞれのepairを同じbridgeに 接続するとMACアドレスが重複して通信が行えなくなる。問題を回避する為、 epairの作成は同時期に行う。 ---- という記述がありましたが、現在の /etc/rc.d/jail の仕組みを使って、 この問題を解決するには、どうすれば良いのでしょうか? 現在の/etc/jail.conf は以下です。 ---- allow.mount; allow.sysvipc; vnet; vnet.interface="epair${if}b"; host.hostname = "${name}.example.com"; path = "/usr/jails/${name}"; exec.clean; exec.system_user = "root"; exec.jail_user = "root"; exec.prestart += "ifconfig epair${if} create up > /dev/null"; exec.prestart += "ifconfig bridge0 addm epair${if}a"; exec.start += "/sbin/ifconfig epair${if}b ${ip4addr}/24"; exec.start += "/sbin/route add default 192.168.0.1"; exec.start += "/sbin/ifconfig epair${if}b inet6 accept_rtadv up"; exec.start += "/sbin/rtsol epair${if}b"; exec.start += "/sbin/ifconfig epair${if}b inet6 ${ip6addr} alias"; exec.start += "/sbin/ifconfig epair${if}b inet6 -ifdisabled"; exec.start += "/bin/sh /etc/rc"; exec.stop = ""; exec.poststop += "ifconfig epair${if}a destroy"; exec.consolelog = "/var/log/jail_${name}_console.log"; mount.devfs; mount.fstab = "/etc/fstab.${name}"; mount.fdescfs; mount += "procfs /usr/jails/${name}/proc procfs rw 0 0"; jail01 { $if = 1; $ip4addr = 192.168.0.101; $ip6addr = 2001:380:e03:169::101; } jail02 { $if = 2; $ip4addr = 192.168.0.102; $ip6addr = 2001:380:e03:169::102; } jail03 { $if = 3; $ip4addr = 192.168.0.103; $ip6addr = 2001:380:e03:169::103; } jail04 { $if = 4; $ip4addr = 192.168.0.104; $ip6addr = 2001:380:e03:169::104; } ---- よろしくお願いします。 -- TOGAWA Satoshi