Jails, VIMAGE, and VLANs

William Katsak wkatsak at cs.rutgers.edu
Wed Jan 28 13:00:37 UTC 2015 

Hello,
I am having a very frustrating issue with VIMAGE jails using VLANs on 
10.1-RELEASE. I posted this earlier to the FreeBSD forum, then realized 
that this is probably a better place.

Let me tell you about my issue:

If I set up my jails using a regular ethernet interface (em0), a bridge, 
and epairs, everything works beautifully. All networking works as expected.

However, if I try to do the exact same thing using a VLAN interface, 
everything ALMOST works, except for one thing:

I cannot communicate between the host and the jail.

I can ping in both directions, but nothing else. No TCP traffic seems to 
pass. To make it weirder, the jail can communicate perfectly with other 
machines on the VLAN, so the bridge itself seems to be (partially) working.

I've checked routing tables, firewalls, everything. Nothing seems to 
make sense, except that something is broken either inside the bridge or 
the VIMAGE code. Again, if I keep the config exactly the same, but use 
em0 instead of em0.100, everything works.

Does anyone have any ideas?

Thanks in advance.

-Bill

--------------------------------------------------
Here is the offending bridge config:

bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 
1500
     ether 02:f1:2d:eb:f9:01
     nd6 options=1<PERFORMNUD>
     id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
     maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
     root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
     member: epair5a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
             ifmaxaddr 0 port 13 priority 128 path cost 2000
     member: epair4a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
             ifmaxaddr 0 port 12 priority 128 path cost 2000
     member: em0.100 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
             ifmaxaddr 0 port 4 priority 128 path cost 20000

-- 
****************************************
William Katsak <wkatsak at cs.rutgers.edu>
Ph.D. Student
Rutgers University
Department of Computer Science
****************************************

More information about the freebsd-net mailing list