Hi all,
I just started using sysutils/iocage to manage my jails. So far so good, networking is fine, I get an IPv4 and IPv6 address, I can resolve DNS queries with a local_unbound service on my host, everyone's happy. However, running jails that use IPv6 addresses proves not easy.
My test jail:
Then, I install www/nginx on test; then configure it:
Then, add to rc.conf:
Finally, start the jail:
Check
However, should I restart the jail:
www/nginx seems happy and starts. It will also start, if after a cold boot I instruct the jail to:
After some discussion on #freebsd and #iocage, no solution so far, but:
Thanks in advance.
EDIT: At the moment, a working solution, as suggested here: https://lists.freebsd.org/pipermail/freebsd-jail/2013-July/002347.html is to add the following sysctl setting to /etc/sysctl.conf:
I just started using sysutils/iocage to manage my jails. So far so good, networking is fine, I get an IPv4 and IPv6 address, I can resolve DNS queries with a local_unbound service on my host, everyone's happy. However, running jails that use IPv6 addresses proves not easy.
My test jail:
Code:
# iocage clone f0c02024-1741-11e5-b9bb-eca86bf1c8a3 tag=test
# iocage set defaultrouter6="fe80::1ee6:c7ff:fe52:740%em0" test
# iocage set ip6_addr="em0|2001:41d0:e:10a7:10:10:10:10" test
# iocage start test
Then, I install www/nginx on test; then configure it:
Code:
server {
listen [2001:41d0:e:10a7:10:10:10:10]:80;
server_name my.name.com;
root /usr/local/www/nginx-dist;
}
Then, add to rc.conf:
Code:
nginx_enable="YES"
nginx_debug="YES"
Finally, start the jail:
Code:
# iocage stop test
# iocage start test
Check
sockstat
's output: no dice, www/nginx is not running and fails with the following errors:
Code:
2015/06/24 19:42:36 [emerg] 18050#0: bind() to [2001:41d0:e:10a7:10:10:10:10]:80 failed (49: Can't assign requested address)
2015/06/24 19:42:36 [emerg] 18051#0: bind() to [2001:41d0:e:10a7:10:10:10:10]:80 failed (49: Can't assign requested address)
Code:
# iocage restart test
Code:
# jexec NUMBER service nginx start
- The issue is not limited to www/nginx: www/apache24 faces the same issues;
- While the jail starts, I see this, at the same moment nginx complains it can't bind to address:
Code:
inet6 2001:41d0:e:10a7:10:10:10:10 prefixlen 64 tentative
- Setting netwait_enable does not work in a jail (look at the rc script)
- The issue only appears during a jail cold boot.
- The 2001:41d0:e:10a7:10:10:10:10 address, even if it appears in the jails /etc/hosts does not change anything
- The 2001:41d0:e:10a7:10:10:10:10 address does not exist on my system while the jail is off/down.
- Inside the jail, ifconfig(8) returns the expected IPv6 address
- I run the GENERIC kernel
- IPv6 connectivity is perfectly fine (name resolution and network access)
Thanks in advance.
EDIT: At the moment, a working solution, as suggested here: https://lists.freebsd.org/pipermail/freebsd-jail/2013-July/002347.html is to add the following sysctl setting to /etc/sysctl.conf:
Code:
## -- for jails
net.inet6.ip6.dad_count=0
Last edited: