Does anyone else have an issue with Plex and getting an indirect connection when using
https://app.plex.tv to access the iocage jail instance? I previously had this issue with the old warden jail instance but resolved it by adding a custom option in pfSense for the DNS Resolver (unbound) service: server: private-domain: "plex.direct" to exclude it from DNS rebinding protection. That setting should still work for the new iocage jail but for the life of me I cannot seem to get it working. If I go to the IP directly its secure, using a direct connection and works just like it should. Accessing remotely works as well so the NAT'ing is set correctly. Its just internally using
https://app.plex.tv that's having the problem. As another test I created a new fresh install of Plex in a warden jail and added a new port forward rule in pfSense and it works just fine internally and externally. It seems like there might be some difference in the way the iocage jail is set up maybe in the way VNET is being used (though I tried Shared IP and it still wasn't working either). I noticed that one difference is nd6 options though I cannot find a lot of information on exactly what that is. Its set to nd6 options=1 on the new instance and nd6 options=9 on the old one. Any thoughts on what I can look at? Thanks!
iocage jail:
Code:
ifconfig:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: lo
vnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:ff:60:14:fa:0a
hwaddr 02:95:e0:00:0f:0b
inet 172.25.1.51 netmask 0xffffff00 broadcast 172.25.1.255
nd6 options=1<PERFORMNUD>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
groups: epair
rc.conf:
sshd_enable="YES"
ifconfig_vnet0="DHCP"
host_hostname="plex"
cron_flags="$cron_flags -J 15"
# Disable Sendmail by default
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
# Run secure syslog
syslogd_flags="-c -ss"
# Enable IPv6
ipv6_activate_all_interfaces="YES"
plexmediaserver_plexpass_enable="YES"
plexmediaserver_plexpass_support_path="/config"
warden jail:
Code:
ifconfig:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair9b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:9a:72:00:0c:0b
inet 172.25.1.19 netmask 0xffffff00 broadcast 172.25.1.255
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
rc.conf:
portmap_enable="NO"
sshd_enable="YES"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
hostname="plexmediaserver_1"
devfs_enable="YES"
devfs_system_ruleset="devfsrules_common"
inet6_enable="YES"
ip6addrctl_enable="YES"
plexmediaserver_support_path="/var/db/plexdata"
plexmediaserver_enable="YES"