Date: Fri, 2 Oct 2009 15:50:27 -0400 From: "remodeler" <remodeler@alentogroup.org> To: freebsd-net@freebsd.org Subject: Fw: Re: vimage-assigning interface to jail Message-ID: <20091002195008.M13604@alentogroup.org> In-Reply-To: <20091002190821.M69919@alentogroup.org> References: <20091001173851.M50386@alentogroup.org> <4AC4FD98.3000301@elischer.org> <20091002181509.M38849@alentogroup.org> <4ad871310910021136v3dc3cd2l520102bae715c2bc@mail.gmail.com> <20091002190821.M69919@alentogroup.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you Glen: (sorry this copied twice to glen) > Do you have your nameserver in /etc/resolv.conf ? The jail and hostname both have /etc/resolv.conf set to a nameserver on the local host. I get the same error message pinging to the private-space address of the physical ethernet interface (the server is on a NAT'd development network): PING 192.168.0.10 (192.168.0.10): 56 data bytes ping: sendto: No route to host Some other information: #ngctl list There are 5 total nodes: Name: bridge0 Type: bridge ID: 00000007 Num hooks: 3 Name: ipfw Type: ipfw ID: 00000001 Num hooks: 0 Name: ngeth0 Type: eiface ID: 00000004 Num hooks: 1 Name: ngctl1495 Type: socket ID: 0000000f Num hooks: 0 Name: msk0 Type: ether ID: 00000002 Num hooks: 2 Firewall rules are permissive, allow any to any. The jail environment is: #ifconfig lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 nd6 options=33<PERFORMNUD,AUTO_LINKLOCAL> maclabel mls/equal(equal-equal) eth0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 40:0a:0b:0c:0d:01 inet 172.26.75.10 netmask 0xffffffff broadcast 172.26.75.10 inet6 fe80::420a:bff:fe0c:d01%eth0 prefixlen 64 scopeid 0x2 nd6 options=33<PERFORMNUD,AUTO_LINKLOCAL> maclabel mls/low(low-low) with eth0 being a ng_eiface node, moved to the jail with vimage -i testvnet ngeth0. The host environment is: #ifconfig msk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=11a<TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4> ether [edited] inet 192.168.0.10 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::223:54ff:fe08:2bf7%msk0 prefixlen 64 scopeid 0x1 nd6 options=41<IFDISABLED,PERFORMNUD,AUTO_LINKLOCAL> maclabel mls/low(low-low) media: Ethernet autoselect (100baseTX <full-duplex,flag0,flag1>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 nd6 options=33<PERFORMNUD,AUTO_LINKLOCAL> maclabel mls/equal(equal-equal) Output of jls from the host is: #jls # JID IP Address Hostname Path # 1 - testnet.myorg.org /jail/j/testnet I cannot set the IP address when I create the jail without an error: ip4.addr=${addr} gives "jail: vnet jails cannot have IP address restrictions"; ip4${addr} gives "jail: ip4: unknown jailsys value "172.26.72.10""; and ip=${addr} gives "jail: unknown parameter: ip". netstat -rn gives: #netstat: kvm not available: /dev/mem: Permission denied #Routing tables #rt_tables: symbol not in namelist /dev/mem is available in the jail environment, and /dev is mounted in the jail. I get a permission denied error on both /dev/mem and /dev/kmem: #ll /dev/kmem (or ll /dev/mem) #ls: /dev/kmem: Permission denied also, #vimage -l testvnet I do have vimage-enabled kernels on both the host and the jails (8.0). I originally installed a non-vimage kernel in the jails, and then updated to a vimage-enabled kernel following instructions in the handbook (using a template system). I am fairly certain I have the new kernel, as uname shows my new build date. Thank you very much again. ------- End of Forwarded Message ------- __ __ ________ ____ ___ ____ ____/ /__ / /__ _____ / ___/ _ \/ __ `__ \/ __ \/ __ / _ \/ / _ \/ ___/ / / / __/ / / / / / /_/ / /_/ / __/ / __/ / /_/ \___/_/ /_/ /_/\____/\__,_/\___/_/\___/_/ The information contained in this message is confidential and is intended for the addressee only. Any unauthorized use, dissemination of the information, or copying of this message is prohibited.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091002195008.M13604>