Jail source address selection broken, patch for ping
Anders Hagman
anders.hagman at netplex.se
Wed Apr 11 05:12:42 UTC 2012
11 apr 2012 kl. 00:14 skrev Mark Felder <feld at feld.me>:
> On Tue, 10 Apr 2012 04:03:22 -0500, Anders Hagman <anders.hagman at netplex.se> wrote:
>
>> I have used vnet jail to get your own IP stack.
>> One strange thing is that tcpdump on the host can not see the packets.
>
>
> Yes, vnet avoids this issue. You shouldn't be able to tcpdump on the host to see the packets; those interfaces are now entirely owned by the jail.
I did tcpdump on the main vr0 interface and still no packets.
> Unfortunately we cannot use vnet because it is very experimental still and I have been able to cause it to panic many times.
Just by running it or during start/stop?
More information about the freebsd-jail
mailing list