- Joined
- Jul 3, 2023
- Messages
- 3
I've had this strange issue for a while. On WiFi The TrueNAS web interface and system are fully accessible, but all the jails are unreachable. On ethernet the system and jails are reachable. I don't believe this is an ap isolation issue/router problem(not completely ruled out), as wifi devices can ping the TrueNAS system itself and other devices that are also on ethernet. It's only the jails that are inaccessible.
Interestingly if I create a new jail (not reachable on WiFi) and reboot the system, for a short period of time(apoligies I don't have it exactly), that jail become reachable (can be pinged by wifi devices and can ping wifi devices). Also maybe worth noting, I can connect to Wireguard on the local network(it's NATed sharing ip with the system) and then I can connect to the jails then.
All of the jails I've configured to be accessible outside of the network are accessible outside of the network. All of the jails can ping the TrueNAS system itself, other ethernet devices, and outside of the network (ie Google), but cannot ping wifi devices.
ifconfig pre-reboot
I have an ifconfig post-reboot, but it looks identical besides the change in ids of jails, but if interested I can post.
netstat -r
cat resolve.conf
I have using the same install since FreeNAS 11, but I never had this problem with that. I believe I first noticed the problem with TrueNAS 12 and continued on in TrueNAS13.
My network is a little messy, but it works.
Modem/Router combo(required by ISP) with WiFi capabilities disabled and DHCP server disabled, set to passthrough. 192.168.1.1
Router with DHCP server which only assigned above .100 and below .250. Netmask set to /24 192.168.1.254
Simple TP-Link 10 port consumer switch
TrueNAS system 192.168.1.4
All jails are statically assigned IPs below the DHCP range. All using /24 as netmask. All using vnet and Berkeley Packet Filter, except for the Wireguard jail which uses NAT and VNET and uses /30 netmask.
Laptop 1 on ethernet 192.168.1.214 (assigned by dhcp)
Laptop 2 on wifi 192.168.1.154 (assigned by dhcp)
I've really enjoyed TrueNAS Core and the experience of learning the FreeBSD ecosystem and I'd like to keep with it! Apologies if the formatting is poor.
Thanks for any help!
Interestingly if I create a new jail (not reachable on WiFi) and reboot the system, for a short period of time(apoligies I don't have it exactly), that jail become reachable (can be pinged by wifi devices and can ping wifi devices). Also maybe worth noting, I can connect to Wireguard on the local network(it's NATed sharing ip with the system) and then I can connect to the jails then.
All of the jails I've configured to be accessible outside of the network are accessible outside of the network. All of the jails can ping the TrueNAS system itself, other ethernet devices, and outside of the network (ie Google), but cannot ping wifi devices.
ifconfig pre-reboot
Code:
igb0: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: igb0 options=4a120b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,NOMAP> ether ac:1f:6b:fc:ad:f6 inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255 media: Ethernet autoselect (1000baseT <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> igb1: flags=8822<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=4e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6,NOMAP> ether ac:1f:6b:fc:ad:f7 media: Ethernet autoselect status: no carrier nd6 options=9<PERFORMNUD,IFDISABLED> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> pflog0: flags=0<> metric 0 mtu 33160 groups: pflog bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 58:9c:fc:10:ff:cb id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: vnet0.56 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 10 priority 128 path cost 2000 member: vnet0.55 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 13 priority 128 path cost 2000 member: vnet0.45 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 7 priority 128 path cost 2000 member: vnet0.41 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 11 priority 128 path cost 2000 member: vnet0.38 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 8 priority 128 path cost 2000 member: vnet0.26 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 9 priority 128 path cost 2000 member: vnet0.24 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 12 priority 128 path cost 2000 member: vnet0.18 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 14 priority 128 path cost 2000 member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP> ifmaxaddr 0 port 1 priority 128 path cost 20000 groups: bridge nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.18: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: qbittorrent-public as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:75:34:da hwaddr 02:e6:16:ac:08:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.24: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: qbittorrent-media as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:4c:2e:a2 hwaddr 02:4f:73:d3:b3:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.26: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: caddy as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:9a:61:30 hwaddr 02:b7:87:eb:75:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.30: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: wireguard as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:be:89:0c hwaddr 02:c5:e9:a5:7a:0a inet 172.16.0.1 netmask 0xfffffffc broadcast 172.16.0.3 groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.38: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: qbittorrent-books as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:3b:2e:32 hwaddr 02:19:e2:8f:3d:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.41: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: qbittorrent-music as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:7a:d0:cb hwaddr 02:cb:81:bf:87:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.45: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: PlexMediaServer as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:96:b1:2c hwaddr 02:7c:27:50:46:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.55: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: audiobookshelf as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:bc:1e:b5 hwaddr 02:e6:89:43:7a:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED> vnet0.56: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: associated with jail: komga as nic: epair0b options=8<VLAN_MTU> ether ae:1f:6b:98:cc:eb hwaddr 02:4d:a0:85:3f:0a groups: epair media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>) status: active nd6 options=9<PERFORMNUD,IFDISABLED>
I have an ifconfig post-reboot, but it looks identical besides the change in ids of jails, but if interested I can post.
netstat -r
Code:
Routing tables Internet: Destination Gateway Flags Netif Expire default 192.168.1.1 UGS igb0 localhost link#3 UH lo0 172.16.0.0/30 link#5 U vnet0.30 172.16.0.1 link#5 UHS lo0 192.168.1.0/24 link#1 U igb0 192.168.1.4 link#1 UHS lo0 Internet6: Destination Gateway Flags Netif Expire ::/96 localhost UGRS lo0 localhost link#3 UHS lo0 ::ffff:0.0.0.0/96 localhost UGRS lo0 fe80::/10 localhost UGRS lo0 fe80::%lo0/64 link#3 U lo0 fe80::1%lo0 link#3 UHS lo0 ff02::/16 localhost UGRS lo0
cat resolve.conf
Code:
domain local search local nameserver 1.1.1.1 nameserver 1.0.0.1
I have using the same install since FreeNAS 11, but I never had this problem with that. I believe I first noticed the problem with TrueNAS 12 and continued on in TrueNAS13.
My network is a little messy, but it works.
Modem/Router combo(required by ISP) with WiFi capabilities disabled and DHCP server disabled, set to passthrough. 192.168.1.1
Router with DHCP server which only assigned above .100 and below .250. Netmask set to /24 192.168.1.254
Simple TP-Link 10 port consumer switch
TrueNAS system 192.168.1.4
All jails are statically assigned IPs below the DHCP range. All using /24 as netmask. All using vnet and Berkeley Packet Filter, except for the Wireguard jail which uses NAT and VNET and uses /30 netmask.
Laptop 1 on ethernet 192.168.1.214 (assigned by dhcp)
Laptop 2 on wifi 192.168.1.154 (assigned by dhcp)
I've really enjoyed TrueNAS Core and the experience of learning the FreeBSD ecosystem and I'd like to keep with it! Apologies if the formatting is poor.
Thanks for any help!