Problem using bz's multi-IP/IPv6/No-IP Jail Patch (7-STABLE)
Jamie Gritton
jamie at FreeBSD.org
Mon Mar 9 11:35:44 PDT 2009
Kage wrote:
> Encountering more issues now. Binding just an IPv6 address to a jail
> shows up in jls -v, but when I run ifconfig -a in the jail, I get an
> error I've never encountered, and doesn't show up on any Google
> search:
>
> [root at nub:/etc] jls -v
> JID Hostname Path
> Name State
> CPUSetID
> IP Address(es)
> 9 jail.template.tld /usr/jails/TEMPLATE
> ALIVE
> 10
> 2610:150:c248:dead:beef:c0ff:eec0:deaa
>
> [root at jail:/] ifconfig -a
> ifconfig: socket(family 2,SOCK_DGRAM): Protocol not supported
Recent patches reject sockets in jails that have no addresses in the
socket's family. So if you jail has no IPv6 addresses, you won't be
able to create any IPv6 sockets. Likewise your case: if that jail has
no IPv4 addresses, then it's an IPv4-less jail, and IPv4 sockets won't
work (Protocol not supported). For actual network connections, this
makes sense: you won't be able to bind or connect with this socket, as
there are no IPv4 addresses in the system.
But ifconfig is a different situation. It just needs a socket of some
sort, and AF_INET has always worked, because any networked system always
has IPv4 support. But in an IPv4-less system (which an IPv4-less jail
not acts like), this default isn't useful. Something will need to be
fixed. I'm not sure if that something is ifconfig or the kernel.
- Jamie
More information about the freebsd-jail
mailing list