Jails losing network access after some uptimes

I'm running a FreeBSD 11.0 box with a few jails running on them, they were configured using ezjail. The host runs on the alc0 interface, it communicates to a gateway at 128.0.0.1. The host is setup with lo1 as a loopback interface. The host system's LAN IP is 128.0.0.2.

All jails will start and they obtain the LAN IP I've specified for them with ezjail. After a while of uptime (usually about 24 hours) most jails will lose its network access and I can't seem to figure out why. After network access is lost, I can get it back on the network by restarting the jail.

I suspect I've configured something incorrectly.

Could someone take a look at my configs below and tell me where/if I've messed up?

List of jails with LAN IPs specified (128.x.x.x)
Code:
$ sudo ezjail-admin list
Password:
STA JID  IP              Hostname                       Root Directory
--- ---- --------------- ------------------------------ ------------------------
DR  19   127.0.0.3       Triton                         /usr/jails/Triton
    19   alc0|128.0.0.151
DR  28   127.0.0.6       Ophion                         /usr/jails/Ophion
    28   alc0|128.0.0.154
DR  25   127.0.0.5       Icarus                         /usr/jails/Icarus
    25   alc0|128.0.0.153
DR  22   127.0.0.4       Electra                        /usr/jails/Electra
    22   alc0|128.0.0.152
DR  27   127.0.0.2       Chronos                        /usr/jails/Chronos
    27   alc0|128.0.0.150

A jail's ifconfig output when network access has been lost
Code:
root@Ophion:~ # ifconfig
alc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=c3198<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MCAST,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
   ether 90:2b:34:9d:ac:c0
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   inet 127.0.0.6 netmask 0xffffffff
   groups: lo

A jail's ifconfig output after rebooting restored network access
Code:
root@Ophion:~ # ifconfig
alc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=c3198<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MCAST,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
   ether 90:2b:34:9d:ac:c0
   inet 128.0.0.154 netmask 0xffffffff broadcast 128.0.0.154
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   inet 127.0.0.6 netmask 0xffffffff
   groups: lo

Host system's ifconfig (jails with IPs ending in 150 and 154 have access, the rest do not)
Code:
$ ifconfig
alc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=c3198<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MCAST,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
   ether 90:2b:34:9d:ac:c0
   inet6 fe80::922b:34ff:fe9d:acc0%alc0 prefixlen 64 scopeid 0x1
   inet 128.0.0.150 netmask 0xffffffff broadcast 128.0.0.150
   inet 128.0.0.2 netmask 0xffffff00 broadcast 128.0.0.255
   inet 128.0.0.154 netmask 0xffffffff broadcast 128.0.0.154
   nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
   media: Ethernet autoselect (1000baseT <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
   inet 127.0.0.1 netmask 0xff000000
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   inet 127.0.0.3 netmask 0xffffffff
   inet 127.0.0.4 netmask 0xffffffff
   inet 127.0.0.5 netmask 0xffffffff
   inet 127.0.0.2 netmask 0xffffffff
   inet 127.0.0.6 netmask 0xffffffff
   nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
   groups: lo
 
Managed to get to the bottom of the problem. The host system had a reserved LAN IP in my router's DHCP config. Removed the rule so that it's dynamically assigned a LAN IP and the problem has sorted itself. This was most probably because the router was assigning IPs on a MAC address basis, and all jails would have had the same MAC hence the irregular behaviour.
 
Back
Top