Date: Sat, 15 Dec 2018 17:26:40 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 234021] 12.0 gateway host with vnet jail running pf firewall & NAT has no internet access Message-ID: <bug-234021-227-GF6xdx2zc9@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-234021-227@https.bugs.freebsd.org/bugzilla/> References: <bug-234021-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D234021 Kristof Provost <kp@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |Not A Bug Status|In Progress |Closed --- Comment #8 from Kristof Provost <kp@freebsd.org> --- (In reply to Joe Barbish from comment #6) How do you expect pf in the jail to NAT to that address if it's not assigne= d to the jail? >From your original report: Issued from the host with the vnet jail running /root >ifconfig -a ... vge0: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>=20 metric 0 mtu 1500 options=3D3899<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST, WOL_MCAST,WOL_MAGIC> ether 10:00:60:21:00:93 inet 65.xxx.62.234 netmask 0xfffff000 broadcast 255.255.255.255=20 media: Ethernet autoselect (1000baseT <full-duplex,master>) status: active nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>\ You cannot NAT on an address that's not available on that jail. Your configuration is wrong, this won't work. This is not a bug, this is a configuration problem. Bugzilla is not the appropriate venue for tech support. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-234021-227-GF6xdx2zc9>