Hello all,
I have been experimenting with running a project that works great on AMD64/X86 on an RPI3 B, and have had some hiccups with jails, and I am wondering if anyone has experienced anything similar, and has any idea as to the cause.
I've noticed the standard method of NATting jails on a loopback to the LAN does not seem to work (as covered here). Interestingly, when I tried enabling raw sockets, I can ping and traceroute with ICMP, but anything with TCP seems to go nowhere. I do have a DNS server set in /etc/resolv.conf.
Interestingly, if I directly link a jail to the external interface "ue0|some.in-network.ip.address" everything works as expected, so I'm sure something must be up with the NATting.
Here is my /etc/pf.conf
Code:
ext_if="ue0"
jail_if="lo1"
IP_PUB="192.168.1.233"
NET_JAIL="10.0.0.0/24"
scrub in all
# nat all jail traffic
nat pass on $ext_if from $NET_JAIL to any -> $IP_PUB
# passing everything for test
pass out
pass in
Output from ifconfig
Code:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	groups: lo
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=80009<RXCSUM,VLAN_MTU,LINKSTATE>
	ether b8:27:eb:d3:80:33
	hwaddr b8:27:eb:d3:80:33
	inet 192.168.1.235 netmask 0xffffff00 broadcast 192.168.1.255
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
	inet 10.0.0.1 netmask 0xffffffff
	inet 10.0.0.10 netmask 0xffffffff
	groups: lo
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
If anyone has any suggestions for debugging or remedying this issue, it would be greatly appreciated! It should be noted that this exact same setup works great on X86/AMD64 architecture boxes.
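
One debugging step for a setup like the one above, as an added example that is not part of the original post: cross-check each pf `nat` rule's translation address against the IPv4 addresses `ifconfig` reports for the rule's interface. The embedded strings are excerpts of the posted pf.conf and ifconfig output; the function names are this example's own.

```python
import re

# Excerpts of the pf.conf and ifconfig output posted above (macros, nat rule, inet lines).
PF_CONF = '''\
ext_if="ue0"
jail_if="lo1"
IP_PUB="192.168.1.233"
NET_JAIL="10.0.0.0/24"
nat pass on $ext_if from $NET_JAIL to any -> $IP_PUB
'''
IFCONFIG = '''\
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	inet 192.168.1.235 netmask 0xffffff00 broadcast 192.168.1.255
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	inet 10.0.0.1 netmask 0xffffffff
	inet 10.0.0.10 netmask 0xffffffff
'''

def parse_ifconfig(text):
    """Map interface name -> list of IPv4 addresses assigned to it."""
    addrs, current = {}, None
    for line in text.splitlines():
        head = re.match(r'^(\w+): flags=', line)
        inet = re.match(r'^\s*inet (\d+\.\d+\.\d+\.\d+)\b', line)
        if head:
            current = head.group(1)
            addrs[current] = []
        elif inet and current:
            addrs[current].append(inet.group(1))
    return addrs

def nat_rules(text):
    """Expand $macros, then return (interface, translation address) per nat rule."""
    macros = dict(re.findall(r'^(\w+)\s*=\s*"([^"]*)"', text, re.M))
    expanded = re.sub(r'\$(\w+)', lambda m: macros.get(m.group(1), m.group(0)), text)
    return re.findall(r'^nat\s.*\bon\s+(\S+)\s.*->\s*(\S+)', expanded, re.M)

def check_nat_targets(pf_conf, ifconfig):
    """Return nat rules whose translation address is not assigned to the rule's interface."""
    addrs = parse_ifconfig(ifconfig)
    return [(i, a) for i, a in nat_rules(pf_conf) if a not in addrs.get(i, [])]

if __name__ == "__main__":
    for iface, addr in check_nat_targets(PF_CONF, IFCONFIG):
        print(f"nat on {iface}: {addr} is not assigned to {iface}")
```

On the posted data this reports that 192.168.1.233 is not an address on ue0, which carries 192.168.1.235.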