Following the manual on https://www.cyberciti.biz/faq/configuring-freebsd-12-vnet-jail-using-bridgeepair-zfs/, I'm trying to setup a vnet based jail on FreeBSD 13.1.
/etc/jail.conf
/jails/fever/etc/rc.conf
After starting the jails, the network interface are this:
And in the jail
Networking does not work at all and I'm not able to ping anything. Probably I did something wrong, but I can't see what and any help is appreciated.
/etc/jail.conf
Code:
fever {
host.hostname = "fever"; # hostname
path = "/jails/fever"; # root directory
exec.clean;
exec.system_user = "root";
exec.jail_user = "root";
# ##########################################################################
# netgraph/vnet config info
# e0b is my vnet
# em0 is my physical network interface connected to the LAN (use ifconfig)
# jib is located in /usr/local/sbin
# demojail is my jail name
# ##########################################################################
vnet;
vnet.interface = "e0a_fever"; # vnet interface(s)
exec.prestart += "jib addm fever vmx0";
exec.poststop += "jib destroy fever";
# Standard stuff
exec.start += "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_demojail_console.log";
mount.devfs; #mount devfs
allow.raw_sockets; #allow ping-pong
devfs_ruleset="5"; #devfs ruleset for this jail
allow.set_hostname = 1;
}/jails/fever/etc/rc.conf
Code:
host_hostname="fever"
ifconfig_e0a_fever="inet 172.29.161.16 netmask 255.255.255.0"
defaultrouter="172.29.161.1"
# Start or stop services #
cron_flags="$cron_flags -J 15"
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
syslogd_flags="-c -ss"
ipv6_activate_all_interfaces="NO"
sshd_enable="NO"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTOAfter starting the jails, the network interface are this:
Code:
vmx0: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4e403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,NOMAP>
ether 00:0c:29:02:00:3e
inet 172.29.161.12 netmask 0xffffff00 broadcast 172.29.161.255
inet6 fe80::20c:29ff:fe02:3e%vmx0 prefixlen 64 scopeid 0x1
media: Ethernet autoselect
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vmx0bridge: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 58:9c:fc:10:96:25
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: vmx0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 2000
groups: bridge
nd6 options=9<PERFORMNUD,IFDISABLED>
e0b_fever: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 0e:00:d5:02:00:3e
hwaddr 02:08:35:af:af:0b
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>And in the jail
Code:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
e0a_fever: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:00:d5:02:00:3e
hwaddr 02:08:35:af:af:0a
inet 172.29.161.16 netmask 0xffffff00 broadcast 172.29.161.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>Networking does not work at all and I'm not able to ping anything. Probably I did something wrong, but I can't see what and any help is appreciated.
Last edited by a moderator:
