From owner-freebsd-bugs@freebsd.org  Sat Dec 15 19:04:12 2018
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 761BD132AD94
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Sat, 15 Dec 2018 19:04:12 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id ED65C852E6
 for <freebsd-bugs@freebsd.org>; Sat, 15 Dec 2018 19:04:11 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id A77CF132AD93; Sat, 15 Dec 2018 19:04:11 +0000 (UTC)
Delivered-To: bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 84D52132AD92
 for <bugs@mailman.ysv.freebsd.org>; Sat, 15 Dec 2018 19:04:11 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 058AE852E4
 for <bugs@FreeBSD.org>; Sat, 15 Dec 2018 19:04:11 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 5237D10A70
 for <bugs@FreeBSD.org>; Sat, 15 Dec 2018 19:04:10 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id wBFJ4A9p086656
 for <bugs@FreeBSD.org>; Sat, 15 Dec 2018 19:04:10 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id wBFJ4ART086653
 for bugs@FreeBSD.org; Sat, 15 Dec 2018 19:04:10 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 234021] 12.0 gateway host with vnet jail running pf firewall &
 NAT has no internet access
Date: Sat, 15 Dec 2018 19:04:10 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 12.0-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: kp@freebsd.org
X-Bugzilla-Status: Closed
X-Bugzilla-Resolution: Not A Bug
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_status resolution
Message-ID: <bug-234021-227-0TBPAG6dl3@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-234021-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-234021-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Dec 2018 19:04:12 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D234021

Kristof Provost <kp@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|In Progress                 |Closed
         Resolution|---                         |Not A Bug

--- Comment #10 from Kristof Provost <kp@freebsd.org> ---
(In reply to Joe Barbish from comment #9)
No, the address is not available to the jail. It's not assigned to the jail.
It's assigned on the host. The jail needs the WAN IP assigned to it (on an
interface that belongs to the jail, not bridged to it!).

In addition to that, you cannot have two machines (think of vnet jails as
different machines) in two different subnets communicate directly, and that=
's
exactly what you're trying to do here. Your configuration is wrong.

Write down how you would configure this with two different machines, then t=
ry
to replicate that with the jail and host. (Basically move vge0 into the jai=
l,
have it obtain the WAN IP. Add a second interface, an epair, with an IP in =
the
LAN. On the host bridge the other end of that epair to your em0 LAN interfa=
ce.)

Do not reopen this bug. This is a configuration problem, not a bug. I will =
not
comment further. If you still cannot get it to work seek help on
freebsd-questions@freebsd.org or the freebsd forums. This is not the correct
venue for debugging configuration problems.

--=20
You are receiving this mail because:
You are the assignee for the bug.=