Problem with vnet jails: when running openvpn, the jail cannot be stopped and restarted anymore.
This happens with the current 13.3-BETA1, and I reproduced it on a clean (locally unpatched) 13-STABLE stable/13-n257197-0efd4b792290 GENERIC
Normally, with a vnet jail, the active interface is moved from the host into the jail, and is moved back to the host when the jail is stopped.
But as soon as you start openvpn in that jail (even when only for a moment and without any network connection), then when terminating the jail, the interface will not be moved back to the host and you will loose it.
As a workaround you can manually move the interface back up to the host, with
.
In either case, the jail will stay in the "dying" state and never fully terminate. Apparently something that openvpn does, is damaging the kernel vnet structures in a way that they can not be orderly removed anymore.
This was not the case with 13.2-RELEASE
This happens with the current 13.3-BETA1, and I reproduced it on a clean (locally unpatched) 13-STABLE stable/13-n257197-0efd4b792290 GENERIC
Normally, with a vnet jail, the active interface is moved from the host into the jail, and is moved back to the host when the jail is stopped.
But as soon as you start openvpn in that jail (even when only for a moment and without any network connection), then when terminating the jail, the interface will not be moved back to the host and you will loose it.
As a workaround you can manually move the interface back up to the host, with
ifconfig NAME -vnet NN, before terminating the jail..
In either case, the jail will stay in the "dying" state and never fully terminate. Apparently something that openvpn does, is damaging the kernel vnet structures in a way that they can not be orderly removed anymore.
This was not the case with 13.2-RELEASE