From owner-freebsd-questions@freebsd.org Mon Feb 4 13:57:20 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2B8FE14D14B5 for ; Mon, 4 Feb 2019 13:57:20 +0000 (UTC) (envelope-from che@bein.link) Received: from mail.bein.link (bein.link [37.252.124.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 409BF88523 for ; Mon, 4 Feb 2019 13:57:18 +0000 (UTC) (envelope-from che@bein.link) Received: from [192.168.88.205] (unknown [172.16.32.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.bein.link (Postfix) with ESMTPSA id A33DA23838A; Mon, 4 Feb 2019 13:57:16 +0000 (UTC) From: Maxim Filimonov Message-Id: Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: ipsec+gre: no luck accessing a jail Date: Mon, 4 Feb 2019 16:57:15 +0300 In-Reply-To: Cc: Ernie Luzar , freebsd-questions@freebsd.org To: Nikos Vassiliadis References: <5C573C85.1080101@gmail.com> <6ECEFDEA-2A77-432E-88E4-8123356C2362@bein.link> X-Mailer: Apple Mail (2.3445.102.3) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=bein.link; s=mail; t=1549288637; bh=0jFrvPvvZFirwhsVYtU+tkQTfpo=; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References; b=J0KSbRNF8hyWx59C3UBTEFeOzyg0G5xVSgAMf63S9ITLwHkoCpuTL7CoxJx1BUqdKCCT0bWkxOV4R01vdfvjznUuqPPBjqduOycoyVPReaXZMaGhH3Q/spINoJUT3y4RchnSY68ln5H30/+QfM/W1podnCpQ7EVqKTFsUfC1flY= X-Rspamd-Queue-Id: 409BF88523 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bein.link header.s=mail header.b=J0KSbRNF X-Spamd-Result: default: False [-3.36 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[bein.link:s=mail]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; MV_CASE(0.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[bein.link]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: mail.bein.link]; DKIM_TRACE(0.00)[bein.link:+]; NEURAL_HAM_SHORT(-0.78)[-0.782,0]; R_SPF_NA(0.00)[]; FREEMAIL_TO(0.00)[gmx.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; IP_SCORE(-0.77)[asn: 196752(-3.85), country: NL(0.02)]; ASN(0.00)[asn:196752, ipnet:37.252.120.0/21, country:NL]; FREEMAIL_CC(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Feb 2019 13:57:20 -0000 >=20 > But if using both without DNS and hostnames *is* ok, would't that make > it a different problem? that lies probably within nginx or DNS? Wait a second, how can this be a problem with dns if the host resolves = correctly? How can that be a problem with nginx if the packages don't reach it? wbr, Maxim Filimonov che@bein.link > On 4 Feb 2019, at 15:01, Nikos Vassiliadis wrote: >=20 >=20 >=20 > On 2/3/19 9:53 PM, Maxim Filimonov wrote: >> If I'm not using GRE or anything, the jail is accessible via the = host's hostname/IP address. >> If I'm using GRE, but not IPSEC, it's available as well. >> If I'm using both, it's still accessible via its ip address, but not = through the host's hostname. >=20 > But if using both without DNS and hostnames *is* ok, would't that make > it a different problem? that lies probably within nginx or DNS? >=20 >> It's FreeBSD 11.2-RELEASE with the latest patches. >> If I'm not looking at the host nginx, everything else works like a = charm. >=20 > Exactly. >=20