[Bug 234021] 12.0 gateway host with vnet jail running pf firewall & NAT has no internet access

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Dec 15 19:04:12 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234021

Kristof Provost <kp at freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|In Progress                 |Closed
         Resolution|---                         |Not A Bug

--- Comment #10 from Kristof Provost <kp at freebsd.org> ---
(In reply to Joe Barbish from comment #9)
No, the address is not available to the jail. It's not assigned to the jail.
It's assigned on the host. The jail needs the WAN IP assigned to it (on an
interface that belongs to the jail, not bridged to it!).

In addition to that, you cannot have two machines (think of vnet jails as
different machines) in two different subnets communicate directly, and that's
exactly what you're trying to do here. Your configuration is wrong.

Write down how you would configure this with two different machines, then try
to replicate that with the jail and host. (Basically move vge0 into the jail,
have it obtain the WAN IP. Add a second interface, an epair, with an IP in the
LAN. On the host bridge the other end of that epair to your em0 LAN interface.)

Do not reopen this bug. This is a configuration problem, not a bug. I will not
comment further. If you still cannot get it to work, seek help on
freebsd-questions at freebsd.org or the FreeBSD forums. This is not the correct
venue for debugging configuration problems.

-- 
You are receiving this mail because:
You are the assignee for the bug.
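
The layout described in comment #10, written out as the commands a host administrator would run (an added example, not part of the original message and not FreeBSD project code). The jail name `gw`, its path, the LAN address and the use of DHCP on the WAN side are assumptions; the script only prints the commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example: gateway vnet jail owning the WAN NIC, LAN reached via epair + bridge.
# Hypothetical values: jail name/path and LAN address (constructed for illustration).
JAIL=${JAIL:-gw}
JAIL_PATH=${JAIL_PATH:-/jails/gw}
WAN_IF=${WAN_IF:-vge0}          # WAN NIC named in the bug report
LAN_IF=${LAN_IF:-em0}           # LAN NIC named in the bug report
LAN_ADDR=${LAN_ADDR:-10.0.10.1/24}
DRY_RUN=${DRY_RUN:-1}           # 1 = print the plan, 0 = execute it

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Succeeds if interface $1 is still listed on the host.
# $2 is the output of `ifconfig -l` taken on the host.
host_still_owns() {
    case " $2 " in
        *" $1 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

plan_gateway_jail() {
    # Persistent vnet jail with its own network stack.
    run jail -c name="$JAIL" path="$JAIL_PATH" host.hostname="$JAIL" vnet persist
    # Move the WAN NIC itself into the jail (moved, not bridged).
    run ifconfig "$WAN_IF" vnet "$JAIL"
    # epair: the b end goes into the jail, the a end stays on the host.
    run ifconfig epair0 create
    run ifconfig epair0b vnet "$JAIL"
    # On the host, bridge the a end to the LAN NIC.
    run ifconfig bridge0 create
    run ifconfig bridge0 addm "$LAN_IF" addm epair0a up
    run ifconfig epair0a up
    run ifconfig "$LAN_IF" up
    # Inside the jail: LAN address on the epair, WAN address on the NIC.
    run jexec "$JAIL" ifconfig epair0b inet "$LAN_ADDR" up
    run jexec "$JAIL" dhclient "$WAN_IF"      # assumption: WAN IP comes from DHCP
    run jexec "$JAIL" sysctl net.inet.ip.forwarding=1
}

plan_gateway_jail
# After a real run the WAN NIC must no longer be visible on the host.
if [ "$DRY_RUN" != 1 ] && host_still_owns "$WAN_IF" "$(ifconfig -l)"; then
    echo "warning: $WAN_IF is still attached to the host" >&2
fi
```

Running `dhclient` inside the jail requires the jail's devfs ruleset to expose bpf, and running pf there requires `/dev/pf`.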