[Bug 240106] VNET issue with ARP and routing sockets in jails

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 30 Mar 2022 12:38:48 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240106

Gabor ADORJANI <bugs.freebsd.org@gabor.adorjani.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bugs.freebsd.org@gabor.ador
                   |                            |jani.net

--- Comment #11 from Gabor ADORJANI <bugs.freebsd.org@gabor.adorjani.net> ---
I believe I ran into the same issue today on 13.1-BETA3.

Setup: I use a NUC for virtualisation host with a single NIC: em0. It has vPro
(poor man's service processor), which shares the NIC with the OS and
communicates on the native VLAN (VLAN1). Because of this I put the OS to a
tagged one.

I set up several tagged VLANs: 2, 4, 6, 8. The host OS uses em0.2 on VLAN2.

I set up a bridge for each VLAN interface, as well as for the physical:

em0 -> vm-sw1
em0.2 -> vm-sw2
em0.4 -> vm-sw4
em0.6 -> vm-sw6
em0.8 -> vm-sw8

Then I created a jail with Bastille, assigning it to VLAN2/vm-sw2 using VNET,
with an IP from the subnet also used on the host.

I could ping the host from the jail and vice versa, but could not reach the
external world from the jail, nor could ping the jail from the router in the
same subnet.

After 'ifconfig vm-sw1 destroy' it suddenly started working and the jail now
has full IP4/6 connectivity.

-- 
You are receiving this mail because:
You are the assignee for the bug.