Jails on FreeBSD 9.0
freebsd-questions at k-moeller.dk
Tue Jul 17 07:59:31 UTC 2012
On Thu, Jul 12, 2012 at 9:04 PM, Herbert J. Skuhra <h.skuhra at gmail.com> wrote:
> On Thu, Jul 12, 2012 at 11:56 AM, joris dedieu <joris.dedieu at gmail.com> wrote:
>> 2012/7/12 Herbert J. Skuhra <h.skuhra at gmail.com>:
>>> On Wed, Jul 11, 2012 at 11:59 PM, Herbert J. Skuhra <h.skuhra at gmail.com> wrote:
>>>> although I've followed the instructions in jail(8) and jail.conf(5) I
>>>> cannot manage to setup jails on FreeBSD 9.0 STABLE (r238334).
>>>> The symptons:
>>>> * ssh'ing to jail works, but it takes about 20 seconds until password
>>>> prompt appears
>> Does it still the same with UseDNS=no in /etc/ssh/sshd_config ?
> No, I can login instantly.
>>>> * netstat -r in the jail takes about 150 seconds to finish
>> Does netstat -rn does the same ?
> No, the output appears immediately.
>>>> * connections to the internet time out; with tcpdump I see that
>>>> packets leave and enter the public interface on the host, but never
>>>> reach the jail
>>>> I use lo1 interface and ip address 192.168.1.1/24 for the jail. Public
>>>> interface is fxp0 with both an IPv4 and an IPv6 address assigned.
>>>> Of course, nat is enable via pf on the public interface.
>> Can you post your PF configuration ?
>>> After switching to ipfw/natd networking in the jail works.
>>> Could this be a bug?
>> I think you had an issue with firewall that block name resolution and
>> makes everything goes slow. At least you need one single line on your
>> pf.conf :
>> nat on $public_interface form $jail_ip to any -> ($public_interface)
> Even when loading only the nat rule it doesn't work:
> nat on fxp0 from 192.168.1.0/24 to any -> $ext_addr
> freebsd-jail at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
As Mark Felder wrote
You don't have anything in /etc/resolv.conf, in the jail do you? :-)
Med Venlig Hilsen
Kalle R. Møller
More information about the freebsd-questions