Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Mar 2020 17:48:36 +0100
From:      Jacques Foucry <jacques+freebsd@foucry.net>
To:        Victor Sudakov <vas@sibptus.ru>
Cc:        freebsd-questions@freebsd.org, freebsd-net@freebsd.org
Subject:   Re: IPv6 in jails
Message-ID:  <20200318164836.GO25617@foucry.net>
In-Reply-To: <20200318151556.GA64871@admin.sibptus.ru>
References:  <20200318151556.GA64871@admin.sibptus.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 

--WBsA/oQW3eTA3LlM
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Le mercredi 18 mars 2020 =E0 22:15:56 (+0700), Victor Sudakov =E0 =E9crit:
> Dear Colleagues,
Hello Victor,

>=20
> Is IPv6 in jails supposed to work? Does not work for me, what am I doing
> wrong?

Suppose to work, and work for me.
>=20
> Here is a test jail:
>=20
> test4 {=20
>         path =3D /d02/jails/test4 ;
>         mount.devfs;
>         ip4 =3D new;
>         ip6 =3D new;
>         ip4.addr =3D 192.168.4.204/24;
>         ip6.addr =3D 2001:470:ecba:3::4/64;
>         host.hostname =3D test4.vas.sibptus.ru ;
>         interface =3D re1 ;
>         allow.raw_sockets =3D true ;
>         exec.start =3D "/bin/sh /etc/rc";
>         exec.stop =3D "/bin/sh /etc/rc.shutdown";
> }


Well there is a difference between your config and mine:

ip6.addr=3D"em0|2a01:4f9:4a:1fd8::16/64";

In my config there is the interface to use (em0 in my case, re1 should be in
yours)
>=20
> However when I look from inside the jail, I see the daemons listening
> only on IPv4:
>=20
> root@test4:/ # sockstat -l
> USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS=
     =20
> root     sendmail   17178 3  tcp4   192.168.4.204:25      *:*
> root     sshd       17175 3  tcp4   192.168.4.204:22      *:*
> root     syslogd    17110 5  udp4   192.168.4.204:514     *:*
>=20
> If I "ssh 2001:470:ecba:3::4" from outside, I get into the host instead
> of the jail (because 2001:470:ecba:3::4 *is* assigned to re1, but not
> available inside the jail).

Hope my small experience can help you.
--=20
Jacques Foucry

--WBsA/oQW3eTA3LlM
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEAREIAB0WIQRd29C9s3PtOgNIX2tkcaT/7DX1XwUCXnJQ5AAKCRBkcaT/7DX1
X3f9AQCW6HReI88HfgHdKpGHxZGJax+txDbgcmWJEzv+oaYn3gD+I9iaz7011d7z
GSvQfy1AmpRrgAVF81AER+XphppPLJw=
=VyTr
-----END PGP SIGNATURE-----

--WBsA/oQW3eTA3LlM--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200318164836.GO25617>