Re: epair(4)

In reply to: Cy Schubert : "Re: epair(4)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Kristof Provost <kp_at_FreeBSD.org>
Date: Thu, 15 May 2025 20:03:48 UTC
On 15 May 2025, at 21:40, Cy Schubert wrote:
> In message <406249F9-B0FC-4E22-9402-683531321E72@FreeBSD.org>, Kristof
> Provost
> writes:
>> On 15 May 2025, at 20:59, Cy Schubert wrote:
>>> In message <20250515162552.9209B20E@slippy.cwsent.com>, Cy Schubert 
>>> wri=
>> tes:
>>>> Over the last couple of days epair(4) fails to set up when an IP 
>>>> addre=
>> ss is
>>>> specified.
>>>>
>>>> bob# service jail onestart test2
>>>> Starting jails: cannot start jail  "test2":
>>>> epair0a
>>>> ifconfig: ioctl (SIOCAIFADDR): Invalid argument
>>>> jail: test2: /sbin/ifconfig epair0a inet 10.1.1.70 netmask 
>>>> 0xffffff00 =
>> up:
>>>> failed
>>>> .
>>>> bob# ifconfig epair0a inet 10.1.1.70 netmask 0xffffff00
>>>> ifconfig: ioctl (SIOCAIFADDR): Invalid argument
>>>> bob# ifconfig epair0a inet up
>>>> bob#
>>>
>>> This regression is caused by b61850c4e6f6.
>>>
>> Is epair0a a member of a bridge? If so, that=E2=80=99s a 
>> configuration er=
>> ror which is now prevented (by default).
>
> Yes, epair0a, member of bridge0 is prevented from coming up.
>
> My jail configuration:
>
> test2 {
>   $if                 = "0";                  # Jail ID number
>   $ip_addr            = "10.1.1.71";      # Jail ipv4 address
>   $netmask            = "0xffffff00";
>   $ip_host            = "10.1.1.70";          # Gateway or host's ipv4
> address
>   $ip_route           = "10.1.1.254";          # Gateway or host's 
> ipv4
> address
>   $ip6_addr           = "fc00:1:1:1::47";      # Jail ipv6 address
>   $ip6_route          = "fc00:1:1:1::fffe";   # Gateway or host's ipv6
> address
>   vnet;
>   vnet.interface      = "epair${if}b";
>   allow.set_hostname  = "1";
>   exec.prestart       = "/sbin/sysctl kern.sugid_coredump=1";
>   exec.prestart       = "ifconfig epair${if} create up";
>   exec.prestart      += "ifconfig bridge0 addm epair${if}a";
>   # exec.prestart      += "ifconfig bridge0 addm sk0";
>   exec.prestart      += "/sbin/ifconfig epair${if}a inet ${ip_host} 
> netmask
> ${netmask} up";
>   # exec.prestart      += "/sbin/route change -host ${ip_host} -iface
> epair${if}a";
>   # exec.prestart      += "/sbin/route add -host ${ip_addr} -iface
> epair${if}a";
>   exec.start          = "/sbin/ifconfig epair${if}b inet ${ip_addr} 
> netmask
> ${netmask} up";
>   exec.start         += "/sbin/ifconfig epair${if}b inet6 ${ip6_addr} 
> up";
>   exec.start         += "/sbin/route add default -gateway 
> ${ip_route}";
>   exec.start         += "/sbin/route add -inet6 default -gateway
> ${ip6_route}";
>   exec.start         += "/bin/sh /etc/rc";
>   exec.stop           = "/bin/sh /etc/rc.shutdown";
>   exec.poststop       = "ifconfig epair${if}a destroy";
>   # exec.poststop      += "ifconfig bridge0 deletem sk0";
> }
>
>
You’ll want to assign the IP address to the bridge, not to epair0a.
It’s less obvious with IPv4 than it would be with IPv6, but assigning 
the address to epair0a breaks multicast.

Best regards,
Kristof