iocage jail networking

Status
Not open for further replies.

rwfitzy

Explorer
Joined
Nov 20, 2014
Messages
53
My first jail with iocage and not able to see network. Problem with ping after started, I read a post about the error:
Code:
ping: ssend socket: Operation not permitted

I did issue a iocage set allow_raw_sockets=1 monitor. From the jail, I can now ping itself and the FreeNAS server lagg interfaces, but nothing else. Here is my ifconfig from the jail:
Code:
root@monitor:~ # ifconfig
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		hwaddr 00:15:17:2d:5d:8e
		inet 208.x.x.24 netmask 0xffffffc0 broadcast 208.x.x.63
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:15:17:2d:5d:8f
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:11:0a:56:f3:7e
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		hwaddr 00:11:0a:56:f3:7f
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:30:48:74:fe:40
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:30:48:74:fe:41
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
		options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
		groups: lo
lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		media: Ethernet autoselect
		status: active
		groups: lagg
		laggproto lacp lagghash l2,l3,l4
		laggport: em1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em4 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em5 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
lagg1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		media: Ethernet autoselect
		status: active
		groups: lagg
		laggproto lacp lagghash l2,l3,l4
		laggport: em0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		ether 02:58:53:b2:af:00
		groups: bridge
		id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
		maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
		root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
		member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 12 priority 128 path cost 2000
		member: lagg1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 9 priority 128 path cost 10000
epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=8<VLAN_MTU>
		ether 02:93:90:00:0c:0a
		hwaddr 02:93:90:00:0c:0a
		media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
		status: active
		groups: epair

The IP assigned to the jail and on the em0 interface is the same subnet as thge IP assigned to the lagg1 interface. I enabled ssh and can log in from the FreeNAS server with long wait time for a password prompt. Cannot ping gateway of server. Do I need to add a default route to the rc.conf file?

Also, is the VNET setup stable?
 
Last edited:

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,974

rwfitzy

Explorer
Joined
Nov 20, 2014
Messages
53
I added the tunable as decribed in the post with variable ifconfig_bridge0 as addm em0 up but still not working after server reboot, same results. Perhaps I need to use lagg1 or something else needs done? Just wanna get it straight before another reboot. Here's the server ifconfig:

Code:
root@data1:~ # ifconfig
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		hwaddr 00:15:17:2d:5d:8e
		inet 208.x.x.24 netmask 0xffffffc0 broadcast 208.x.x.63
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:15:17:2d:5d:8f
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:11:0a:56:f3:7e
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		hwaddr 00:11:0a:56:f3:7f
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em4: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:30:48:74:fe:40
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
em5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		hwaddr 00:30:48:74:fe:41
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect (1000baseT <full-duplex>)
		status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
		options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
		inet6 ::1 prefixlen 128
		inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
		inet 127.0.0.1 netmask 0xff000000
		nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
		groups: lo
lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8f
		inet 192.168.1.25 netmask 0xffffff00 broadcast 192.168.1.255
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect
		status: active
		groups: lagg
		laggproto lacp lagghash l2,l3,l4
		laggport: em1 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em4 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em5 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
lagg1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
		ether 00:15:17:2d:5d:8e
		inet 208.x.x.25 netmask 0xffffffc0 broadcast 208.x.x.63
		nd6 options=9<PERFORMNUD,IFDISABLED>
		media: Ethernet autoselect
		status: active
		groups: lagg
		laggproto lacp lagghash l2,l3,l4
		laggport: em0 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
		laggport: em3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
		ether 02:58:53:b2:af:00
		nd6 options=1<PERFORMNUD>
		groups: bridge
		id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
		maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
		root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
		member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 11 priority 128 path cost 2000
		member: lagg1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
				ifmaxaddr 0 port 9 priority 128 path cost 10000
epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
		options=8<VLAN_MTU>
		ether 02:93:90:00:0b:0a
		hwaddr 02:93:90:00:0b:0a
		nd6 options=1<PERFORMNUD>
		media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
		status: active
		groups: epair


If I do netstat -r inside the jail, takes long to respond, then only this:

Code:
Internet:
Destination		Gateway			Flags	 Netif Expire
208.x.x.24	  link#1			 UHS		 lo0
 

j0hnby

Explorer
Joined
Apr 22, 2017
Messages
68
Hi

You should add your lagg to the bridge (but from your config, looks like you have done that)

What's the ifconfig from inside the jail when you have set the bridge up?

J
 

diskdiddler

Wizard
Joined
Jul 9, 2014
Messages
2,374

diskdiddler

Wizard
Joined
Jul 9, 2014
Messages
2,374
Do you know which one specifically? I'll keep my eye on it. I love reading the tracker, I almost do daily just to see the meat and potatoes of FreeNAS future.
 

j0hnby

Explorer
Joined
Apr 22, 2017
Messages
68
There are actually quite a few. I did a quick search just now for IOCAGE and bridge...but I am sure I remember seeing one specific one, but can't find it! Sure it was linked to the 11.2 Beta 1 entry in the roadmap.
 

rwfitzy

Explorer
Joined
Nov 20, 2014
Messages
53
Yes, this was the lagg1, I didn't use the lagg1 for the iocage ip4_addr. I had used em0 o_O

I have setup now with both the tunable and ip4_addr using lagg1, all works great and I like the iocage :)
 

j0hnby

Explorer
Joined
Apr 22, 2017
Messages
68
Great :) Good work!
 
Status
Not open for further replies.
Top