Problem using bz's multi-IP/IPv6/No-IP Jail Patch (7-STABLE)

Kage kagekonjou at gmail.com
Sun Mar 8 16:20:09 PDT 2009 

On Sun, Mar 8, 2009 at 6:26 PM, Bjoern A. Zeeb
<bzeeb-lists at lists.zabbadoz.net> wrote:
> On Sun, 8 Mar 2009, Kage wrote:
>
>> Encountering more issues now.  Binding just an IPv6 address to a jail
>> shows up in jls -v, but when I run ifconfig -a in the jail, I get an
>> error I've never encountered, and doesn't show up on any Google
>> search:
>>
>> [root at nub:/etc] jls -v
>>  JID  Hostname                      Path
>>       Name                          State
>>       CPUSetID
>>       IP Address(es)
>>    9  jail.template.tld             /usr/jails/TEMPLATE
>>                                     ALIVE
>>       10
>>       2610:150:c248:dead:beef:c0ff:eec0:deaa
>>
>> [root at jail:/] ifconfig -a
>> ifconfig: socket(family 2,SOCK_DGRAM): Protocol not supported
>
> Is your world inside the jails in sync with the kernel?

Explain, please?

>>
>> On Sun, Mar 8, 2009 at 2:22 PM, Kage <kagekonjou at gmail.com> wrote:
>>>
>>> Greetings,
>>>
>>> So I'm having an issue using 7-STABLE, specifically with bz's
>>> multi-IP/IPv6 patch.  First and foremost, all IPs attempted to be used
>>> (both v4 and v6) are aliased properly in ifconfig.  Secondly,
>>> assigning multiple IPs to a jail is no problem, as jls -v reflects the
>>> multiples assigned correctly.  However, within the jail, ifconfig
>>> reflects only the first IP listed in rc.conf.  What am I missing, or
>>> what do I need to do to?
>>>
>>> Cheers!
>>>
>>>
>>> Example rc.conf entry:
>>>
>>> ifconfig_vr0_alias10="inet 12.34.56.78 netmask 255.255.255.255"
>>> ifconfig_vr0_alias11="inet 12.34.56.79 netmask 255.255.255.255"
>>> ifconfig_vr0_alias12="inet 12.34.56.80 netmask 255.255.255.255"
>>>
>>> jail_kage_rootdir="/usr/jails/kage"
>>> jail_kage_hostname="kage.foo"
>>> jail_kage_ip="12.34.56.78,12.34.56.79,12.34.56.80"
>>>
>>> Example jls:
>>>
>>>     5  kage.foo                 /usr/jails/kage
>>>                                      ALIVE
>>>        6
>>>        12.34.56.78
>>>        12.34.56.79
>>>        12.34.56.80
>>>
>>>
>>> Example ifconfig within that jail:
>>>
>>> [root at kage:/usr/local/etc/apache22] ifconfig
>>> vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>>>        options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
>>>        ether 00:1d:92:0d:77:8a
>>>        inet 12.34.56.78 netmask 0xffffffff broadcast 12.34.56.1
>
>
> Now that broadcast address doesn't make any sense at all.
> Does it look the same outside the jail?

Looks the same inside and out for the IP that shows up in jails

> Can you send ifconfig -a from inside and outside jails, unmangled
> and unedited along with a jls -va?

I'll give two examples, hold please... (edited slightly for sake of
privacy of other users hosted on this box, and to keep this E-Mail
brief)

(Inside Host)
-----
[root at nub:/etc] ifconfig -a
(snip)
        inet 64.32.24.218 netmask 0xffffffff broadcast 64.32.24.218
(snip)
        inet 208.98.30.200 netmask 0xffffff00 broadcast 208.98.30.255
(snip)
        inet6 2610:150:c248::2 prefixlen 48
(etc.)

[root at nub:/etc] jls -va
   JID  Hostname                      Path
        Name                          State
        CPUSetID
        IP Address(es)
(snip)
     6  kage.vitund.com               /usr/jails/kage
                                      ALIVE
        7
        64.32.24.218
        208.98.30.200
(snip)
     4  irc.hackthissite.org          /usr/jails/irc
                                      ALIVE
        5
        64.32.24.217
        2610:150:c248:dead:c0ff:eec0:deba:be00
(snip)
[root at nub:/etc]

rc.conf chunk:

ipv6_enable="YES"
ipv6_defaultrouter="2610:150:c248::1"
ipv6_network_interfaces="vr0"
ipv6_ifconfig_vr0="2610:150:c248::2 prefixlen 48"

(Inside Jail: kage)
[root at kage:/] ifconfig -a
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
        ether 00:1d:92:0d:77:8a
        inet 64.32.24.218 netmask 0xffffffff broadcast 64.32.24.218
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
[root at kage:/]

(Inside Jail: irc)
[root at irc:/] ifconfig -a
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
        ether 00:1d:92:0d:77:8a
        inet 64.32.24.217 netmask 0xffffffff broadcast 64.32.24.217
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
[root at irc:/]

> Are you running 7-STABLE now or 7.x + patch?

7-STABLE.

>>>        media: Ethernet autoselect (100baseTX <full-duplex>)
>>>        status: active
>>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>>> [root at kage:/usr/local/etc/apache22]
>>>
>>>
>>> --
>>> ~ Kage
>>>
>>
>>
>>
>>
>
> --
> Bjoern A. Zeeb                      The greatest risk is not taking one.



-- 
~ Kage

More information about the freebsd-jail mailing list