Net problem with server running in jail
Jeff
dejamuse at yahoo.com
Sun May 16 19:59:06 UTC 2010
I have been running PCBSD 8 (FreeBSD 8.0) with no problems until recently.
I have an Apache server running in a jail (created by The Warden PBI) with PHP, MySQL, and Drupal. I also run Firefox on the same machine to access the internet and the local server for development. I've never had a problem accessing the server until recently when I moved to a new location and tried to set up the new network on a new router and internet connection. I switched the NIC card to a static IP from DHCP and then access to the server got really slow, like 15 seconds delay from 2 seconds before. Also, Drupal can no longer access the net to check for module updates and such.
I asked for advice at PCBSD and reconfigured some things that fixed the problem for a while, but now nothing works, so they advised me to ask here. I don't know what precipitated this problem or exactly what's wrong.
Originally, both the NIC and the jail IPs were assigned to the lagg0 device. I have another machine with the same setup that has none of these problems, but it's using PCBSD 7.1.1. which has no lagg interface, just the NIC itself.
If I manually assign the static IP (192.168.1.10) to the NIC, re0, and leave the jail (192.168.1.12) assigned to lagg0, the latency problems disappear but Drupal still cannot talk to the outside world. I shut down the firewall but it had no effect.
I assigned both the jail and the NIC to re0, and disabled lagg0 but that didn't work.
The router gateway is 192.168.1.2
Here is the current state:
# ifconfig
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
ether 00:24:8c:a1:b3:f7
inet6 fe80::224:8cff:fea1:b3f7%re0 prefixlen 64 scopeid 0x1
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
pflog0: flags=0<> metric 0 mtu 33152
pfsync0: flags=0<> metric 0 mtu 1460
syncpeer: 224.0.0.240 maxupd: 128
lo1: flags=8048<LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
ether 00:24:8c:a1:b3:f7
inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::224:8cff:fea1:b3f7%lagg0 prefixlen 64 scopeid 0x5
inet 192.168.1.12 netmask 0xffffffff broadcast 192.168.1.12
media: Ethernet autoselect
status: active
laggproto failover
laggport: re0 flags=5<MASTER,ACTIVE>
--------------------------------------
# netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.2 UGS 12 266 lagg0
127.0.0.1 link#2 UH 0 0 lo0
192.168.1.0/24 link#5 U 3 52 lagg0
192.168.1.10 link#5 UHS 0 0 lo0
192.168.1.12 link#5 UHS 0 29 lo0 =>
192.168.1.12/32 link#5 U 0 0 lagg0
AppleTalk:
Destination Gateway Flags Netif Expire
Internet6:
Destination Gateway Flags Netif Expire
::1 ::1 UH lo0
fe80::%re0/64 link#1 U re0
fe80::224:8cff:fea1:b3f7%re0 link#1 UHS lo0
fe80::%lo0/64 link#2 U lo0
fe80::1%lo0 link#2 UHS lo0
fe80::%lagg0/64 link#5 U lagg0
fe80::224:8cff:fea1:b3f7%lagg0 link#5 UHS lo0
ff01:1::/32 fe80::224:8cff:fea1:b3f7%re0 U re0
ff01:2::/32 ::1 U lo0
ff01:5::/32 fe80::224:8cff:fea1:b3f7%lagg0 U lagg0
ff02::%re0/32 fe80::224:8cff:fea1:b3f7%re0 U re0
ff02::%lo0/32 ::1 U lo0
ff02::%lagg0/32 fe80::224:8cff:fea1:b3f7%lagg0 U lagg0
===========================
On the older machine with PCBSD 7.1.1 where the same jail setup with the server running Drupal has none of these problems, the setup is as follows (192.168.1.11 is the machine's static IP, the jail is also on 192.168.1.12 but I never run both servers at the same time) Not sure why but the jail IP doesn't show up here:
# ifconfig
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST>
metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:11:11:c3:7a:e2
inet 192.168.1.11 netmask 0xffffff00
broadcast 192.168.1.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT>
metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST>
metric 0 mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
inet6 ::1
prefixlen 128
inet 127.0.0.1 netmask 0xff000000
pfsync0:
flags=0<> metric 0 mtu 1460
syncpeer: 224.0.0.240
maxupd: 128
pflog0: flags=0<> metric 0 mtu 33204
----------------------------------
#
netstat -rn
Routing tables
Internet:
Destination
Gateway Flags Refs Use Netif Expire
default
192.168.1.2 UGS 0 3323 bge0
127.0.0.1 127.0.0.1 UH 0 22 lo0
192.168.1.0/24
link#1 UC 0 0 bge0
192.168.1.2
00:21:29:e4:34:e4 UHLW 2 447 bge0 1176
192.168.1.255 ff:ff:ff:ff:ff:ff UHLWb 1 59 bge0
Internet6:
Destination
Gateway Flags Netif Expire
::1
::1 UHL lo0
fe80::%lo0/64 fe80::1%lo0
U lo0
fe80::1%lo0
link#3 UHL lo0
ff01:3::/32
fe80::1%lo0 UC lo0
ff02::%lo0/32 fe80::1%lo0
UC lo0
=====================================
What could cause the server latency to be so high, and why can't Drupal access the internet? I have had this problem on and off for years, going back to FBSD 6, but have never figured out the problem or how I got out of it. This time nothing is working.
Thanks, Jeff
More information about the freebsd-net
mailing list