Solved Starting jail changes network configuration

[perkypork]

I have a bit of an unusual problem that I cannot seem to solve.

When I start my base system or start/restart a jail (using sysutils/ezjail) the network configuration changes, namely the netmask. The netmask for all IP/alias' is 255.255.255.0 but this changes to 255.255.255.255 for all interfaces connected to a jail. This breaks all networking in all jails.

To fix the issue I need to run the following:
1. service netif restart
2. service routing restart

I am using FreeBSD 10.1-RELEASE r279392 (I built from source).

Does anyone have any ideas on why this would be happening and what I might do to fix it?

 

[perkypork]

Attached are screenshots of:
1. rc.conf
2. output of ifconfig immediately after base startup
3. output of netstat -rn immediately after base startup

 

[junovitch@]

Can you show the 'ip' line from one of the /usr/local/etc/ezjail? Presumably you are not using the bce1|x.x.x.x syntax, correct? That does seem rather strange that the prefix is getting changed. Typically, aliases are /32's. I believe that isn't a hard requirement anymore but don't have a reference for that right now. Does the behavior change with /32 on the aliases?

 

[perkypork]

Can you show the 'ip' line from one of the /usr/local/etc/ezjail? Presumably you are not using the bce1|x.x.x.x syntax, correct?

I am using the bce1|x.x.x.x syntax in the jails configuration.

Typically, aliases are /32's. I believe that isn't a hard requirement anymore but don't have a reference for that right now.

I have seen that it isn't required as a /32 anymore for alias'.

Does the behavior change with /32 on the aliases?

I assume you mean set netmask to 255.255.255.255 for alias's in rc.conf? Wouldn't that be the same as the configuration after reboot of server (start of jail)?

 

[junovitch@]

I am using the bce1|x.x.x.x syntax in the jails configuration.

If you are using rc.conf then don't use the bce1|x.x.x.x syntax. That will create the interface and it sounds like it's conflicting with the pre-existing config. Either use x.x.x.x and the pre-existing rc.conf config or do all the configuration via bce1|x.x.x.x.

I assume you mean set netmask to 255.255.255.255 for alias's in rc.conf? Wouldn't that be the same as the configuration after reboot of server?

For your earlier config, /27 on the host interface and /32 on each alias would do. But that's only relevant if you chose to do the x.x.x.x style config over the bce1|x.x.x.x style.

 

[perkypork]

Thank you junovitch! Just to clarify what you are saying

Configure the IP details for each jail using the bce1|x.x.x.x and leave all jail IP configuration out of rc.conf.

OR

Configure all IP details inside rc.conf and only use the x.x.x.x configuration in each jails configuration?

EDIT: fixed up some stuff.

 

[qcure]

By default ezjail will set mask of /32 for the alias. If you want to change this and put specific mask on the alias for the jail, you need to edit the config file for the jail and put /24 after the ip address

bce1|x.x.x.x/24

and restart the jail. Don't edit anything in rc.conf if you are using ezjail.

 

[junovitch@]

Thank you junovitch! Just to clarify what you are saying

Configure the IP details for each jail using the bce1|x.x.x.x and leave all jail IP configuration out of rc.conf.

OR

Configure all IP details inside rc.conf and only use the x.x.x.x configuration in each jails configuration?

EDIT: fixed up some stuff.

Yes, you got it. Do that and you should be good.