can't find routing entry for network routes

Julian Elischer julian at elischer.org
Wed Oct 7 01:37:48 UTC 2009 

remodeler wrote:
> I am having the same problem as Nikos I am trying to implement a vnet-enabled
> service jail on FreeBSD 8.0 HEAD. I have thoroughly studied the "Network stack
> virtualization" document written by Marko. I received troubleshooting help
> over several days last from Julian Elischer when I raised the issue in this
> thread on the freebsd-net list. I am running a GENERIC kernel on amd64, with
> the additional options vimage, netgraph, ng_ether, and ng_eiface.

please recap with a script that fails

i.e. a script I can try run, and show how the output differs from what 
you would expect.

(I don't have your previous emails at hand)



> 
> I successfully applied the patch Bjoern provided:
> 
> http://people.freebsd.org/~bz/20090901-10-vimage-jailed_no_vnet.diff
> 
> I tested with this patch, and also the lines in the other patch Bjoern
> provided that are not in HEAD:
> 
> http://people.freebsd.org/~bz/20090906-01-V_llatbl.diff
> 
> i.e., 
> +#include <sys/jail.h>
> +	CURVNET_RESTORE();
> +	CURVNET_SET_QUIET(TD_TO_VNET(curthread));
> 
> +vnet_lltable_init(const void *unused __unused)
> +{
> +
> +	/* Manually do what SLIST_HEAD_INITIALIZER would do. */
> +	V_lltables.slh_first = NULL;
> +}
> +
> +VNET_SYSINIT(vnet_lltable_init, SI_SUB_PSEUDO, SI_ORDER_ANY, vnet_lltable_init,
> +    NULL);
> 
> Trying to apply a ruleset after mounting devfs in a jail, I get:
> 
> devfs -m /jail/j/ns/dev rule -s 8 applyset
> devfs rule: ioctl DEVFSIO_SAPPLY: No such process
> 
> Attempting to apply a default route to the ngeth0 interface bound to the jail,
> I get:
> 
> route: writing to routing socket: Network is unreachable                        
> add net default: gateway 00:23:54:08:2b:f7: Network is unreachable
> 
> netstat -r gives:
>                                
> netstat: kvm not available: /dev/mem: Permission denied
> Routing tables                                         
> rt_tables: symbol not in namelist
> 
> I have /dev/mem mounted in the jail. I've seen reference to mem not being
> accessible in the jail, in some of the discussions on running x-server in the
> jail. Julian mentioned that it looked like I need to make /dev/mem accessible
> in the jail. I do not know how to do that; it also seems that if I had a
> routing socket, I could live without reading memory for netstat output. I
> understand each jail has its own FIB. I thought jails opened a routing socket
> during their creation by default.
> 
> I need to add a default route to use the jail:
> 
> vimage ns route add default -link 00:0a:0b:0c:2b:f7
> 
> But no combination I've tried succeeds. Any help appreciated :->
> _______________________________________________
> freebsd-virtualization at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
> To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe at freebsd.org"

More information about the freebsd-virtualization mailing list