I have a problem getting dhcpd to run inside an iocage controlled jail. Following various bits and pieces found on the web I have successfully configured a jail with a VNET interface. This appears to work as I can ping into and out of the jail from internal and external addresses. For completeness I will show the configuration I did to effect this:
Code:
# in /boot/loader.conf ### Requires reboot
# note some of these may duplicate the default kernel values
kern.features.racct="1"
kern.features.vimage="1"
kern.racct.enable="1"
Code:
# /etc/sysctl.conf
net.inet.ip.forwarding=1 # Enable IP forwarding between interfaces
net.link.bridge.pfil_onlyip=0 # Only pass IP packets when pfil is enabled
net.link.bridge.pfil_bridge=0 # Packet filter on the bridge interface
net.link.bridge.pfil_member=0 # Packet filter on the member interface
Code:
# /etc/rc.conf
### Networking
hostname="vhost01.hamilton.harte-lyne.ca"
## Setup a bridge to enable vnet
## VNET Jails (iocage) - also see loader.conf and sysctl.conf settings
cloned_interfaces="bridge0"
ifconfig_bridge0="addm igb0"
ifconfig_igb0="up"
ifconfig_igb0="inet 216.185.71.41/25"
ifconfig_igb0_alias18="inet 192.168.18.41/16"
ifconfig_igb0_alias216="inet 192.168.216.41/16"
I assigned the addresses
vnet0|192.168.216.124/16,vnet0|192.168.18.124
to the jail. I also assigned a default router address 192.168.18.1 to the jail. Looking at the routing table from inside the jail I see this:
Code:
# netstat -nr
Routing tables
Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.18.1       UGS     epair0b
127.0.0.1          link#1             UH          lo0
192.168.0.0/16     link#2             U       epair0b
192.168.18.0/24    link#2             U       epair0b
192.168.18.50      link#2             UHS         lo0
192.168.18.164     link#2             UHS         lo0
192.168.216.164    link#2             UHS         lo0
As stated the network setup appears to work. The jail has connectivity to the outside and can be reached from the outside. There is the question of: from where does the 192.168.18.50 address come? Other than that everything looks like I believe it should.
The problem that I have is when the dhcpd service is started it immediately fails and produces this output:
Code:
# service isc-dhcpd start
Starting dhcpd.
Internet Systems Consortium DHCP Server 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /usr/local/etc/dhcpd.conf
Database file: /var/db/dhcpd/dhcpd.leases
PID file: /var/run/dhcpd/dhcpd.pid
Wrote 0 leases to leases file.
No subnet declaration for igb0 (no IPv4 addresses).
** Ignoring requests on igb0. If this is not what
you want, please write a subnet declaration
in your dhcpd.conf file for the network segment
to which interface igb0 is attached. **
Not configured to listen on any interfaces!
. . .
The subnet declarations in /usr/local/etc/dhcpd.config are:
Code:
# Declaration of brockley AD-DC Domain
subnet 192.168.18.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.18.64 192.168.18.127;
    allow unknown-clients;
    option domain-name "brockley.harte-lyne.ca";
    option domain-name-servers 192.168.18.162, 216.185.71.33;
    option netbios-name-servers 192.168.18.162;
    option netbios-dd-server 192.168.18.162;
    option netbios-node-type 8;
    option ntp-servers 192.168.18.162;
    option routers 192.168.18.1;
}
What am I doing wrong?