Nextcloud jail VNET Failed

[martin-d]

Hi,
I can't access to my Nextcloud jail. It no longer responds to ping.
After several searches, I haven't been able to find a solution to my problem.
This is how my jail network is configured :

Everything was working fine before. I tried to change the IP address and nothing has worked since. So I rollback to the previous config and still same.
Has anyone ever had this kind of problem?

Thanks

 

[Patrick M. Hausen]

Your physical network port is not part of the bridge interface. Please post the full output of ifconfig collected not in the UI shell but via SSH and copied & pasted as text enclosed in [CODE] tags and not as a screenshot. Thank you.

 

[martin-d]

Code:

vtnet0: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Réseau N2S
        options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether 4e:20:72:62:6b:c4
        inet 192.168.1.202 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>
vtnet1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Cloudflare Tunnel
        options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether a2:4a:b9:be:24:04
        inet 10.0.1.20 netmask 0xffffff00 broadcast 10.0.1.255
        media: Ethernet autoselect (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=0<> metric 0 mtu 33160
        groups: pflog
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:e7:0f
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 6 priority 128 path cost 2000
        member: vtnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 2000
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
vnet0.3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: Nextcloud as nic: epair0b
        options=8<VLAN_MTU>
        ether 4e:20:72:27:9a:bf
        hwaddr 02:ae:0a:8a:b2:0a
        groups: epair
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>

vnet0.49 become vnet0.3 because of restart

 

[Patrick M. Hausen]

For a temporary fix: ifconfig bridge0 delm vtnet0; ifconfig bridge0 addm vtnet1

For a permanent fix we need to put some more effort into this and not rely on the "auto" function of the vnet_default_interface setting. Please describe your network setup. Why are there two interfaces with different IP ranges, what are you using them for, and why are these virtualised interfaces? You are running TrueNAS inside a hypervisor?

I'll probably have some more time tomorrow - please provide the information in the meantime.

Kind regards,
Patrick

 

[martin-d]

I have a vnet0 interface in 192.168.1.0 for the company's private network and a vnet1 interface in 10.0.1.0 for the "public" network which communicates with the outside via a cloudflare tunnel. At first, I simply installed Nextcloud on the vnet0 network then I wanted to switch it to vnet1 but impossible. After going back, nothing communicates anymore. I must have missed a step...

Yes Truenas is installed on a Proxmox.

Thank you for your time

 

[martin-d]

With vnet_default_interface on vnet0 i have a ping response but cannot access to Nextcloud

 

[Patrick M. Hausen]

Don't change the configuration, leave auto, reboot, then use the two commands I wrote above. We'll fix it permanently after a good night's sleep.

 

[martin-d]

Maybe you mean

Code:

ifconfig bridge0 deletem vtnet0

New network config with these 2 commands :

Code:

vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Réseau N2S
        options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether 4e:20:72:62:6b:c4
        inet 192.168.1.202 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>
vtnet1: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Cloudflare Tunnel
        options=800b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,LINKSTATE>
        ether a2:4a:b9:be:24:04
        inet 10.0.1.20 netmask 0xffffff00 broadcast 10.0.1.255
        media: Ethernet autoselect (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=0<> metric 0 mtu 33160
        groups: pflog
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:e7:0f
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vtnet1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 2 priority 128 path cost 2000
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 7 priority 128 path cost 2000
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>
vnet0.1: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: Nextcloud as nic: epair0b
        options=8<VLAN_MTU>
        ether 4e:20:72:27:9a:bf
        hwaddr 02:ae:0a:8a:b2:0a
        groups: epair
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        nd6 options=9<PERFORMNUD,IFDISABLED>

Ping ok but cannot access to Nextcloud
Maybe try to dedicade a Virtual Network card to Nextcloud's jail if it's possible.

See you tommorow ;)

 

[Patrick M. Hausen]

So - I get that vtnet0 is your main NAS interface. Is the default router also connected to that network? I guess so, but please confirm.
Now you wrote that vtnet1 is for a public network. Does the NAS also communicate via that network or is this strictly for bridging jails(s) and possibly VM(s)?

Kind regards,
Patrick

 

[martin-d]

Exactly !
Vnet0 is the main network (the one created by my ISP's router). Vnet1 should only be used for jails and VMs that are accessible to internet via the Cloudflare Tunnel install on Proxmox

 

[Patrick M. Hausen]

OK. Then your NAS does not need an IP address in that network! It's just providing a layer 2 connection.

Set all jails' "Autostart" to off and reboot.
Remove the IP address from vtnet1, put "up" into the "Options" field instead and make sure to disable hardware offloading.
Add a new network interface, type bridge, name "bridge0", only member vtnet1, also no IP address and just "up".

Test & save.

Then for the jails:

vnet_default_interface: none
ipv4_interface: vnet0
Down in the network properties - interfaces: vnet0:bridge0

With correct IP address and default gateway configuration for the jail that should do it.

 

[martin-d]

It works perfectly!
Thanks a lot for your help. I am retaining the config for the next jails