Date: Sun, 4 Oct 2015 20:54:28 -0400 From: Jon Radel <jon@radel.com> To: freebsd-questions@freebsd.org Subject: Re: IPv6 only Jails cannot connect to the outside world Message-ID: <5611CA44.4030602@radel.com> In-Reply-To: <CA%2BtpaK0fyqEvc3kWMfhD9teogTG8euWfqEn1szmUhYXQ5e_UCg@mail.gmail.com> References: <5611AFCA.4010909@kulturflatrate.net> <CA%2BtpaK0fyqEvc3kWMfhD9teogTG8euWfqEn1szmUhYXQ5e_UCg@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
On 10/4/15 7:15 PM, Adam Vande More wrote:
> You haven't demonstrated IPv6 doesn't work. You've only demonstrated name
> resolution on an IPv6 jail doesn't work.
>
To expand on Adam's observation, I use an IPv6-only (well it does have
an IPv4 loopback address) jail on an otherwise dual-stacked machine,
using ezjail and it works fine. Of course
root@mns:~ # cat /etc/resolv.conf
search radel.com
nameserver 2001:4830:1707:5237::10:1
nameserver 2001:470:880a:5237::7:1
options edns0 timeout:1
root@mns:~ #
I don't bother mentioning ipv4 resolvers in resolv.conf, but the end
result is that the test you were trying works fine:
root@mns:~ # telnet google.com 80
Trying 2607:f8b0:4004:807::1006...
Connected to google.com.
Escape character is '^]'.
blort
HTTP/1.0 400 Bad Request
<snip>
and from /usr/local/etc/ezjail the most pertinent part of the config for
that jail:
export jail_mns_radel_com_hostname="mns.radel.com"
export
jail_mns_radel_com_ip="lo1|127.0.0.2,em0|2001:4830:1707:5237::10:2:1,em0|2001:470:880a:5237::10:2:1"
--Jon Radel
jon@radel.com
[-- Attachment #2 --]
0 *H
010
`He�0 *H
��
00�#SanzTgk!0
*H
�0o1
0 USE10U
AddTrust AB1&0$U
AddTrust External TTP Network1"0 UAddTrust External CA Root0
141222000000Z
200530104838Z01
0 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0"0
*H
��0
�
zSNpR
V&IQZI`zQBy"aNv#
J
n=ٺ.CRC|2PȦOZϓ%{0dV*$3DiFK3@@:*S= a<UNv%!)|qvO_T{5R"=,0-1YR73i-C֥wgQ'뼥8v8ߌIs:2:=F:WtaP@?⟢!�00 U
#0z4&&T$T0
U
akᢠOg£�0U
0U
0�0
U
%0++0U
00U
�0DU
=0;09753http://crl.usertrust.com/AddTrustExternalCARoot.crl05+)0'0%+0http://ocsp.usertrust.com0
*H
��*nU:Uka+ #fjow^a�}�
[jr
AX&MX"cR6}Xޫ;cs{B#ʶM>K-ػBKiۦ74{:ǟO4ne6d)5ֱqC>2Svʆ4,
Jؙ
␒ZBj#!eջ~ꌅ b:,Yř38z yJ&|00sT<}k
`i
0
*H
�01
0 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CA0
150330000000Z
180329235959Z01
0 UUS10
U221501
0 UVA10U
Springfield10U 6917 Ridgeway Dr.10U
Jon T. Radel1200U
)Issued through Jon T. Radel E-PKI Manager1 0
U
Corporate Secure Email10U Jon Radel1
0 *H
jon@radel.com0"0
*H
��0
�aЩ@@g3eGރ͛; d#>q7&Hf
:3vL" jV#Xݷ>U-H[$SUڻ{Ϝ,z¶IchO=rcyr
n�v.Vh7k;%ueYuӬnz
6!| !Aȡ+,u+
CAպF-un#vjUJWnk%j]
2JPkl�00 U
#0akᢠOg£�0
U
E|GDp/ʚB0U
0
U
0�0
U
%0++0FU
?0=0;
+10+0)+
https://secure.comodo.net/CPS0]U
V0T0RPNLhttp://crl.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crl0+00X+0Lhttp://crt.comodoca.com/COMODOSHA256ClientAuthenticationandSecureEmailCA.crt0$+0http://ocsp.comodoca.com0U
0
jon@radel.com0
*H
��KS�`?H_D`8G߿
VbĘ<tB-Ӈї|{'Ũݹg0Gp$%F(;*MO*gt$@�t6,?0|#ăz,&!�{j2i[%b7ߪP+9G㲍["y<?8rZ'[UR6%L̤
w"=:L~Ƨ^jf36
OP1.}(e1A0=001
0 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT<}k
`i
0
`He�a0 *H
1
*H
0
*H
1
151005005428Z0/ *H
1" m+JR
V\`ohY!v
0l *H
1_0]0
`He*0
`He0
*H
0*H
�0
*H
@0+0
*H
(0 +71001
0 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT<}k
`i
0
*H
101
0 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1A0?U8COMODO SHA-256 Client Authentication and Secure Email CAsT<}k
`i
0
*H
��G|iA+_g2St˕FXqQVE�ꦟ=+
dcxE%M7n!(\*;RlYo�L/Q{rōƾvK$
IȄ
WF/ QVc
2?
AY gVWh߫+Vl`}
r#~+[w}^Й2T'UMRҭ_6k
/^)1br
:lەwaca
itp������
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5611CA44.4030602>