iocage networking problem

Status
Not open for further replies.
A

abrice

Cadet
Joined
Jul 18, 2018
Messages
9
I'm on 11.1 U5. I created two new iocage jails last night (first time I've used them). I used the following command to create them:

iocage create -n flexget ip4_addr="re0|192.168.1.10/24" -r11.1-RELEASE
iocage set allow_raw_sockets=1 flexget

From any device on the 192.168.1.0/24 I can ping 192.168.1.10. From within the jail the first ping to any device on the network gets a reply but subsequent pings drop. After you've pinged the one device all pings are dropped. (see below)
Code:
root@flexget:~ # ping 192.168.1.4
PING 192.168.1.4 (192.168.1.4): 56 data bytes
64 bytes from 192.168.1.4: icmp_seq=0 ttl=64 time=0.041 ms
^C
--- 192.168.1.4 ping statistics ---
8 packets transmitted, 1 packets received, 87.5% packet loss
round-trip min/avg/max/stddev = 0.041/0.041/0.041/0.000 ms

root@flexget:~ # ping 192.168.1.4
PING 192.168.1.4 (192.168.1.4): 56 data bytes
^C
--- 192.168.1.4 ping statistics ---
5 packets transmitted, 0 packets received, 100.0% packet loss

root@flexget:~ # ping 192.168.1.5
PING 192.168.1.5 (192.168.1.5): 56 data bytes
64 bytes from 192.168.1.5: icmp_seq=0 ttl=64 time=0.046 ms
^C
--- 192.168.1.5 ping statistics ---
6 packets transmitted, 1 packets received, 83.3% packet loss
round-trip min/avg/max/stddev = 0.046/0.046/0.046/0.000 ms


Here's my ifconfig output:
Code:
root@flexget:~ # ifconfig

re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>

ether 10:7b:44:7a:03:d4

hwaddr 10:7b:44:7a:03:d4

inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255 

media: Ethernet autoselect (1000baseT <full-duplex>)

status: active

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384

options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>

groups: lo 

vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=80001<RXCSUM,LINKSTATE>

ether 10:7b:44:7a:03:d4

media: Ethernet autoselect (1000baseT <full-duplex>)

status: active

vlan: 1 vlanpcp: 0 parent interface: re0

groups: vlan 

bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500

ether 02:08:a6:58:2c:00

groups: bridge 

id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15

maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200

root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0

member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 9 priority 128 path cost 2000000

member: epair3a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 8 priority 128 path cost 2000

member: epair2a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 7 priority 128 path cost 2000

member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 6 priority 128 path cost 2000

member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 5 priority 128 path cost 2000

member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

		ifmaxaddr 0 port 1 priority 128 path cost 20000

epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=8<VLAN_MTU>

ether 02:b5:d0:00:05:0a

hwaddr 02:b5:d0:00:05:0a

media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)

status: active

groups: epair 

epair1a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=8<VLAN_MTU>

ether 02:b5:d0:00:06:0a

hwaddr 02:b5:d0:00:06:0a

media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)

status: active

groups: epair 

epair2a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=8<VLAN_MTU>

ether 02:b5:d0:00:07:0a

hwaddr 02:b5:d0:00:07:0a

media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)

status: active

groups: epair 

epair3a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=8<VLAN_MTU>

ether 02:b5:d0:00:08:0a

hwaddr 02:b5:d0:00:08:0a

media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)

status: active

groups: epair 

tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

options=80000<LINKSTATE>

ether 00:bd:3d:f1:f8:00

hwaddr 00:bd:3d:f1:f8:00

media: Ethernet autoselect

status: active

groups: tap 

Opened by PID 10606


Here's my iocage settings:
Code:
CONFIG_VERSION:11

allow_chflags:0

allow_mount:0

allow_mount_devfs:0

allow_mount_nullfs:0

allow_mount_procfs:0

allow_mount_tmpfs:0

allow_mount_zfs:0

allow_quotas:0

allow_raw_sockets:1

allow_set_hostname:1

allow_socket_af:0

allow_sysvipc:0

available:readonly

basejail:no

boot:on

bpf:no

children_max:0

cloned_release:11.1-RELEASE

comment:none

compression:lz4

compressratio:readonly

coredumpsize:off

count:1

cpuset:off

cputime:off

datasize:off

dedup:off

defaultrouter:none

defaultrouter6:none

depends:none

devfs_ruleset:4

dhcp:off

enforce_statfs:2

exec_clean:1

exec_fib:0

exec_jail_user:root

exec_poststart:/usr/bin/true

exec_poststop:/usr/bin/true

exec_prestart:/usr/bin/true

exec_prestop:/usr/bin/true

exec_start:/bin/sh /etc/rc

exec_stop:/bin/sh /etc/rc.shutdown

exec_system_jail_user:0

exec_system_user:root

exec_timeout:60

host_domainname:none

host_hostname:flexget

host_hostuuid:flexget

host_time:yes

hostid:753effe2-a955-11e6-bc3c-bcee7b756a76

hostid_strict_check:off

interfaces:vnet0:bridge0

ip4:new

ip4_addr:re0|192.168.1.10/24

ip4_saddrsel:1

ip6:new

ip6_addr:none

ip6_saddrsel:1

jail_zfs:off

jail_zfs_dataset:iocage/jails/flexget/data

jail_zfs_mountpoint:none

last_started:2018-07-18 11:21:45

login_flags:-f root

mac_prefix:02ff60

maxproc:off

memorylocked:off

memoryuse:off

mount_devfs:1

mount_fdescfs:1

mount_linprocfs:0

mount_procfs:0

mountpoint:readonly

msgqqueued:off

msgqsize:off

nmsgq:off

notes:none

nsemop:off

nshm:off

nthr:off

openfiles:off

origin:readonly

owner:root

pcpu:off

priority:99

pseudoterminals:off

quota:none

release:11.1-RELEASE-p11

reservation:none

resolver:/etc/resolv.conf

rlimits:off

securelevel:2

shmsize:off

stacksize:off

state:up

stop_timeout:30

swapuse:off

sync_state:none

sync_target:none

sync_tgt_zpool:none

sysvmsg:new

sysvsem:new

sysvshm:new

template:no

type:jail

used:readonly

vmemoryuse:off

vnet:off

vnet0_mac:none

vnet1_mac:none

vnet2_mac:none

vnet3_mac:none

vnet_interfaces:none

wallclock:off
 
A

abrice

Cadet
Joined
Jul 18, 2018
Messages
9
Update:

I moved it to the epair3a interface and can ping my freenas box and router from within the jail but all I'm getting the same result when pinging other non-iocage jails. From the legacy jails I can ping the iocage jail without issues. The only issue now is from iocage jail to legacy.
 
A

abrice

Cadet
Joined
Jul 18, 2018
Messages
9
Update:

I put it back to re0 and stopped and started the jail a bunch of times and it's able to ping again all systems. So I guess it's "working".... seems super flakey to me though.
 
Status
Not open for further replies.

Similar threads

R
  • Locked
em0 missing on bridge0 after upgrade to FreeNAS 11.1
Replies
7
Views
5K
fracai
fracai
STREBLO
  • Locked
Properly creating iocage bridges for VNET
Replies
4
Views
4K
STREBLO
STREBLO
N
  • Locked
No network access in jail on virtual box
Replies
8
Views
2K
NasKar
N
rwfitzy
  • Locked
iocage jail networking
Replies
9
Views
4K
j0hnby
j0hnby
T
Jails lost connectivity
Replies
2
Views
1K
tranqme
T
Top