Hi all,
I would really like to use iocage, but I cannot get routing/networking working at all despite multiple configuration scenarios.
My Base system has the IPv6 address: My_Prefix::83c:5001/64 and a public IPv4 address, both on vtnet0. It also has the IPv4 internal address on vtnet 10.10.0.5/16.
It routes to the default gw of My_Prefix::1 and an IPv4 gateway. The base's connectivity works.
My bridge is set up as follows in /etc/rc.conf:
# set up bridge interface for iocage
cloned_interfaces="bridge0"
# plumb interface em0 into bridge0
ifconfig_bridge0="addm vtnet0 up"
ifconfig_vtnet0="up"
gateway_enable="YES"
Finally, I have the following sysctl items set:
net.inet.ip.forwarding: 1
net.inet6.ip6.forwarding: 1
Configuration 1: Using VIMAGE, routing to base's IP
iocage jail created as follows:
sudo iocage create -n smtp boot=on ip6_addr="My_Prefix::83c:5002" ip4_addr="10.20.0.2/16" defaultrouter="10.20.0.1" defaultrouter6="My_Prefix::83c:5001" -r 12.0-RELEASE vnet=on
Problems: Cannot route IPv6 traffic to the internet.
Special note: jail cannot route IPv6, jail cannot even ping the base until the base pings first (tcpdump reveals that the base ignores who-has frames).
Configuration 2: Using VIMAGE, routing to same gateway as base
iocage jail created as follows:
sudo iocage create -n smtp boot=on ip6_addr="My_Prefix::83c:5002" ip4_addr="10.20.0.2/16" defaultrouter="10.20.0.1" defaultrouter6="My_Prefix::1" -r 12.0-RELEASE vnet=on
Problems: Same issue, cannot route IPv6 traffic to the internet.
Special note: jail cannot route IPv6, jail cannot even ping the base until the base pings first (tcpdump reveals that the base ignores who-has frames).
Configuration 3: Not Using VIMAGE, shared vtnet0 interface
iocage jail created as follows:
sudo iocage create -n smtp boot=on ip4_addr="vtnet0|10.10.0.2/16" defaultrouter="10.10.0.1" defaultrouter6="My_Prefix::1" -r 12.0-RELEASE
IPv4 address of 10.10.0.2 assigned to vtnet0
Problems: Cannot connect to 10.10.0.1, the base (tested with telnet to 10.10.0.1).
Configuration 4: Not Using VIMAGE, shared lo0 interface
iocage jail created as follows:
sudo iocage create -n smtp boot=on ip4_addr="vtnet0|10.10.0.2/16" defaultrouter="10.10.0.1" defaultrouter6="My_Prefix::1" -r 12.0-RELEASE
IPv4 address of 10.10.0.2 assigned to lo0
Problems: Cannot connect to 10.10.0.1, the base (tested with telnet to 10.10.0.1).
---
I believe those are all the possible options. Or is this a bug in iocage?