Solved Jail sporadically loses IP

noisebloom · Aug 15, 2020

Hey everyone - I've been having a problem with my development jail on FreeBSD 11.2 for about a year that I have not been able to solve.

I have sshd running on 192.168.0.151 (static IP) for the jail, and I can normally SSH in without issues, but about once a month, I can no longer connect. When I pull up a console on the jail, the interface is there, but there's no IP: the inet/broadcast line from ifconfig is missing. Restarting the jail fixes the issue.

I tried limiting the DHCP range that my router issued, and that didn't help. I've also verified that there is no other device on my home network with this IP. I do have another device with a static ip of 192.168.0.159, but that's about it. I checked /var/log/messages in the jail, and all I see are messages that indicate that I restarted the jail (on the appropriate date) and some PAM authentication errors (which I believe correlate to when I've tried connecting in the past).

Really stuck as how to proceed debugging this issue. Can anyone advise? I can include any more info that would be helpful.

T-Daemon · Aug 15, 2020

noisebloom said:
I've been having a problem with my development jail on FreeBSD 11.2

FreeBSD 11.2 is end of live. On FreeBSD Forums EOL versions are unsupported. Also I doubt that many forums members have that version running, if at all, to perhaps check or trying to reproduce the IP address failing on their system, so the chances are slim to none to have that issue resolved, unless someone else has experienced the same on the same version. But I wouldn't hold my breath.

The necessary prerequisite for support, may this be on FreeBSD Forums, mailing lists, or bugzilla, and in general, is to upgrade to a supported ( non-EOL ) version. It's possible the observed behavior won't happen on 11.3 or 11.4.

Emrion · Aug 15, 2020

I would look at /var/log/messages on the host server.
That said, it isn't impossible that the problem disappears after updating your system. And if not, you will have a better support on this forum.

Bobi B. · Aug 15, 2020

I believe that might happen if you share a single IP between multiple jails and stop either of them. In this case IP address will be removed and all other jails sharing it will lose connectivity.

noisebloom · Aug 15, 2020

Thanks guys. I just have a single jail that doesn't share all IP with any other host, but I'll upgrade to 11 and follow up again.

noisebloom · Oct 10, 2020

I ended up upgrading to FreeBSD 12 to discover this issue still exists, but I discovered something that I believe may help point to root cause:

When I noticed m jail's IP was gone and I couldn't connect to it, I checked out /var/log/messages on my base system (I should have done this originally, but I only checked the jail the first time). I found that my PC had lost its ethernet connection, which isn't too surprising, since I seem to have random internet drops where I live.

So it seems that when I lose internet connection, my base system is issued another IP, but my jail that has a static IP does not automatically connect again... I have to restart the jail. Does this make sense to anyone? Is there a way my static IP jail setup can "recover" from an internet down situation?

Bobi B. · Oct 11, 2020

What type of IP address is your host using? A static (written in /etc/rc.conf) or a dynamic (via dhclient(8)) IP address?

chrbr · Oct 11, 2020

noisebloom said:
So it seems that when I lose internet connection, my base system is issued another IP, but my jail that has a static IP does not automatically connect again... I have to restart the jail. Does this make sense to anyone?

One one of my laptops I have a similar behaviour. Sometimes the WLAN circuit forgets its firmware. service netif restart trggers the reload. The jail(s) are connected via lo1 only. But I have to restart them, too. I think te reason is that the restart of the network interface resets everything. The problem happens not too often, I can live with that workaround.

noisebloom · Oct 11, 2020

My host is using DHCP but my jail is using a static. When the network comes back up after a lost connection, the host is issued another IP and has internet access no problem, but my jail is no longer connectable unless I restart it.

Bobi B. · Oct 12, 2020

noisebloom said:
My host is using DHCP but my jail is using a static. When the network comes back up after a lost connection, the host is issued another IP and has internet access no problem, but my jail is no longer connectable unless I restart it.

Can you verify if 1) manually running service netif restart; service routing restart drops jail's IP address from the network interface and 2) if jail's IP address is still there after your host loses and regains network connectivity (perhaps you can simulate this by unplugging network cable, counting to 10 and plugging it back)?

noisebloom · Mar 12, 2021

Bobi B. said:
Can you verify if 1) manually running service netif restart; service routing restart drops jail's IP address from the network interface and 2) if jail's IP address is still there after your host loses and regains network connectivity (perhaps you can simulate this by unplugging network cable, counting to 10 and plugging it back)?

Huge delay in response - sorry!

#1 drops the jail's IP and renders it "unconnectable", but it recovers just fine with scenario #2.

I guess that most likely rules out a loss of the IP when I lose internet.

noisebloom · Mar 12, 2021

I disabled DHCP on my server, just to see if that was messing with my jail... Will report back in a few days.

noisebloom · Mar 20, 2021

Setting a static IP on my host solved it. It looks like DHCP on my host was messing with my jail's IP (static) staying bound to the interface.