IPv6 only Jails cannot connect to the outside world
Adam Vande More
amvandemore at gmail.com
Sun Oct 4 23:15:58 UTC 2015
On Sun, Oct 4, 2015 at 6:01 PM, Niklaas Baudet von Gersdorff <
niklaas at kulturflatrate.net> wrote:
> Hi,
>
> I successfully run a server with several jails configured with ezjail.
> Normally, each jail gets a private IPv4 on lo1 and another public IPv6
> on re0, i.e. the external interface. These jails can connect to the
> outside world perfectly:
>
> > $ telnet -4 google.com 80
> > Trying 173.194.116.99...
> > Connected to google.com.
> > Escape character is '^]'.
>
> > $ telnet -6 google.com 80
> > Trying 2a00:1450:4001:80c::100e...
> > Connected to google.com.
> > Escape character is '^]'.
>
> Today I created a jail that only has an IPv6. This jail cannot connect:
>
> > root at ipv6only:~ # telnet google.com 80
> > google.com: hostname nor servname provided, or not known
>
> I don't know why. It has a public IPv6 registered on re0.
>
> I use pf as firewall. What I realised is that, if I turn off the
> following nat rule, also those jails that have both IPv4 and IPv6 cannot
> connect neither via IPv4 nor IPv6 too.
>
> > nat on $ext_if from ( $jail_net ) to any -> $ext_if
>
> I would understand if they weren't able to connect via IPv4 anymore
> (because their private IPv4 aren't translated on the $ext_if) but I do
> not understand why IPv6 doesn't work on these jails then too.
You haven't demonstrated IPv6 doesn't work. You've only demonstrated name
resolution on an IPv6 jail doesn't work.
--
Adam
More information about the freebsd-questions
mailing list