Running 11-1 Release, and have created 2 jails using qjail, each with different IP addresses, but on the same subnet and physical interface (em0).
Both jails have internet connectivity, and can communicate fine in both directions with other computers on that subnet.
But neither jail can connect to the other. I have enabled icmp and ssh on both jails, so I know those are working with other computers on that subnet.
Jails were created with qjail, the only options set were the interface and IP addresses. I also added a line to each of their conf files to enable raw sockets.
Here is the interface on the host where jail aliases have been created:
I was expecting the jails to just have connectivity between each other by default, and not require any special pf/nat since the traffic should never even hit the router?
Do the jails need to be on different interfaces in order to be able to talk to each other? I've been digging around for answers in the man pages and the googles without any luck.
Both jails have internet connectivity, and can communicate fine in both directions with other computers on that subnet.
But neither jail can connect to the other. I have enabled icmp and ssh on both jails, so I know those are working with other computers on that subnet.
Jails were created with qjail, the only options set were the interface and IP addresses. I also added a line to each of their conf files to enable raw sockets.
Here is the interface on the host where jail aliases have been created:
Code:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
ether 44:8a:5b:35:d0:67
hwaddr 44:8a:5b:35:d0:67
inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
inet 192.168.1.98 netmask 0xffffffff broadcast 192.168.1.98
inet 192.168.1.99 netmask 0xffffffff broadcast 192.168.1.99
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
I was expecting the jails to just have connectivity between each other by default, and not require any special pf/nat since the traffic should never even hit the router?
Do the jails need to be on different interfaces in order to be able to talk to each other? I've been digging around for answers in the man pages and the googles without any luck.