VMNET - problem with epair in jail, cannot ping itself?
Palle Girgensohn
girgen at FreeBSD.org
Mon Mar 19 09:16:17 UTC 2012
Nikos Vassiliadis skrev:
> On 3/19/2012 9:04 AM, Palle Girgensohn wrote:
>>
>>
>> Nikos Vassiliadis skrev:
>>> On 3/19/2012 12:47 AM, Palle Girgensohn wrote:
>>>> Hi!
>>>>
>>>> When I create an epair and pu one end inside a jail, and give that
>>>> interface an IP address, the jail still seems to want to use the lo0
>>>> interface to route traffic to that interface on the inside.
>>>>
>>>> Everything else works, I can set up bridges just like it would be an
>>>> ethernet switch, add services on the inside, it is all fine, except
>>>> this
>>>> little annoying bug(?).
>>>>
>>>> See here:
>>>>
>>>> [root at hostname /home/girgen]# ifconfig epair create
>>>> epair0a
>>>> [root at hostname /home/girgen]# jail -c vnet name=bar host.hostname=bar
>>>> path=/ persist
>>>> [root at hostname /home/girgen]# jls
>>>> JID IP Address Hostname Path
>>>> 1 - bar /
>>>> [root at hostname /home/girgen]# ifconfig epair0b vnet bar
>>>> [root at hostname /home/girgen]# ifconfig -a
>>>> bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>>>> 1500
>>>>
>>>> options=c01bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
>>>>
>>>>
>>>> ether 00:23:7d:23:9d:44
>>>> inet 1.2.3.144 netmask 0xffffffc0 broadcast 1.2.3.191
>>>> inet6 fe80::223:7dff:fe23:9d44%bce0 prefixlen 64 scopeid 0x1
>>>> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>>>> media: Ethernet autoselect (1000baseT<full-duplex>)
>>>> status: active
>>>> bce1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>>>
>>>> options=c01bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
>>>>
>>>>
>>>> ether 00:23:7d:23:9d:42
>>>> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>>>> media: Ethernet autoselect
>>>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>>>> options=3<RXCSUM,TXCSUM>
>>>> inet6 ::1 prefixlen 128
>>>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x9
>>>> inet 127.0.0.1 netmask 0xff000000
>>>> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>>>> epair0a: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>>>> 1500
>>>> options=8<VLAN_MTU>
>>>> ether 02:f9:05:00:0a:0a
>>>> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>>>> media: Ethernet 10Gbase-T (10Gbase-T<full-duplex>)
>>>> status: active
>>>> [root at hostname /home/girgen]# jexec bar ifconfig -a
>>>> lo0: flags=8008<LOOPBACK,MULTICAST> metric 0 mtu 16384
>>>> options=3<RXCSUM,TXCSUM>
>>>> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>>>> epair0b: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>>>> 1500
>>>> options=8<VLAN_MTU>
>>>> ether 02:f9:05:00:0b:0b
>>>> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>>>> media: Ethernet 10Gbase-T (10Gbase-T<full-duplex>)
>>>> status: active
>>>> [root at hostname /home/girgen]# jexec bar ifconfig epair0b 10.1.1.2
>>>> netmask 0xffffff00 up
>>>> [root at hostname /home/girgen]# jexec bar ping 10.1.1.2
>>>> PING 10.1.1.2 (10.1.1.2): 56 data bytes
>>>> ^C
>>>> --- 10.1.1.2 ping statistics ---
>>>> 3 packets transmitted, 0 packets received, 100.0% packet loss
>>>> [root at hostname /home/girgen]# jexec bar route -n get 10.1.1.2
>>>> route to: 10.1.1.2
>>>> destination: 10.1.1.2
>>>> interface: lo0
>>>> flags:<UP,HOST,DONE,STATIC>
>>>> recvpipe sendpipe ssthresh rtt,msec mtu weight
>>>> expire
>>>> 0 0 0 0 16384 1 0
>>>> [root at hostname /home/girgen]#
>>>>
>>>>
>>>>
>>>> Now why would the jail think that lo0 is the way to go to find
>>>> 10.1.1.2?
>>>
>>> That's because 10.1.1.2 is a local address for jail bar and all local
>>> addresses are reachable via lo0. Keep in mind that this is the vnet's
>>> lo0 and has nothing to do with the host's lo0. Just "up" your vnet's lo0
>>> interface and everything will be ok. The lo0 loopback interface is
>>> prerequisite for networking.
>>>
>>> HTH, Nikos
>>
>> Ah, OK, thanks. I had not grasped that.
>>
>> But it does not work?
>>
>> [root at hostname /home/girgen]# jexec bar ifconfig lo0 localhost up
>> [root at hostname /home/girgen]# jexec bar ifconfig -a
>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>> options=3<RXCSUM,TXCSUM>
>> inet6 ::1 prefixlen 128
>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
>> inet 127.0.0.1 netmask 0xff000000
>> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>> epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
>> 1500
>> options=8<VLAN_MTU>
>> ether 02:f9:05:00:0b:0b
>> inet6 fe80::f9:5ff:fe00:b0b%epair0b prefixlen 64 scopeid 0x2
>> inet 10.1.1.2 netmask 0xffffff00 broadcast 10.1.1.255
>> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
>> media: Ethernet 10Gbase-T (10Gbase-T<full-duplex>)
>> status: active
>> [root at hostname /home/girgen]# jexec bar ping 10.1.1.2
>> PING 10.1.1.2 (10.1.1.2): 56 data bytes
>> ^C
>> --- 10.1.1.2 ping statistics ---
>> 3 packets transmitted, 0 packets received, 100.0% packet loss
>> [root at hostname /home/girgen]# jexec bar ping localhost
>> PING localhost (127.0.0.1): 56 data bytes
>> 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.045 ms
>> 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.030 ms
>> ^C
>> --- localhost ping statistics ---
>> 2 packets transmitted, 2 packets received, 0.0% packet loss
>> round-trip min/avg/max/stddev = 0.030/0.037/0.045/0.007 ms
>> [root at hostname /home/girgen]#
>
> Yes, that's somehow normal. You have to "up" lo0 before any
> other interface initialization take place. Otherwise the
> routes to self do not work properly. So, in vnet bar do:
> ifconfig epair0b 10.1.1.200
> ifconfig epair0b 10.1.1.2
>
> and things will hopefully work.
>
> Nikos
Ah, lovely. Thanks a lot!
Cheers,
Palle
More information about the freebsd-jail
mailing list