Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

SOLVED Unable to ping anything when inside iocage jail - FreeNAS-11.1-U7

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
  1. I have FreeNAS-11.1-U7 running on Intel(R) Xeon(R) CPU E5-2650 0 @ 2.00GH with one out of two physical NIC connected (ix0).
  2. I am able to access FreeNAS GUI via webpage.
  3. FreeNAS is able to access internet
  4. I have plex running as iocage jail(installed manually and not via plugin) that I am not able to access using webpage.


After getting shell access to jail, I tried to see if I can update Plex by following this guide and got stuck at first step pkg install nano wget
This is the error I get:
Code:
root@plex:/ # pkg install nano wget
Updating FreeBSD repository catalogue...
pkg: Repository FreeBSD load error: access repo file(/var/db/pkg/repo-FreeBSD.sqlite) failed: No such file or directory
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly/meta.txz: No address record
repository FreeBSD has no meta file, using default settings
pkg: http://pkg.FreeBSD.org/FreeBSD:11:amd64/quarterly/packagesite.txz: No address record
Unable to update repository FreeBSD
Error updating repositories!
root@plex:/ # 



Following THIS thread, I tried to do a little troubleshooting.
Code:
root@plex:/ # host pkg.freebsd.org
;; connection timed out; no servers could be reached
root@plex:/ # ping pkg.freebsd.org
ping: cannot resolve pkg.freebsd.org: Host name lookup failure
root@plex:/ #




Running netstat -rn gives me :
Code:
root@plex:/ # netstat -rn
netstat: kvm not available: /dev/mem: No such file or directory
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS     epair0b
127.0.0.1          link#1             UH          lo0
192.168.1.0/24     link#2             U       epair0b
192.168.1.121      link#2             UHS         lo0

Internet6:
Destination                       Gateway                       Flags     Netif Expire
::/96                             ::1                           UGRS        lo0
::1                               link#1                        UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%lo0/64                     link#1                        U           lo0
fe80::1%lo0                       link#1                        UHS         lo0
ff02::/16                         ::1                           UGRS        lo0
root@plex:/ #



/etc/resolv.conf also seems to have the name servers set correctly:
Code:
root@plex:/ # cat /etc/resolv.conf
# Generated by resolvconf
search local
nameserver 192.168.1.1
nameserver 8.8.8.8

root@plex:/ #


As last resort, I tried to ping the FreeNAS host from within the jail:
Code:
root@plex:/ # ping 192.168.1.151
PING 192.168.1.151 (192.168.1.151): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
^C
--- 192.168.1.151 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
root@plex:/ #


What am I missing? How can I find out what caused my Plex and Tautulli jails to stop working?

Any advise you can provide would be much appreciated!
 
D

dlavigne

Guest
Is there a firewall or proxy in the network? Does the router have any restrictions?
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Is there a firewall or proxy in the network? Does the router have any restrictions?
No firewall or proxy setup in the network. Router has no network restrictions.

I am able to do the following from FreeNAS
Code:
root@freenas:~ # host pkg.freebsd.org
pkg.freebsd.org is an alias for pkgmir.geo.freebsd.org.
pkgmir.geo.freebsd.org has address 209.94.190.55
pkgmir.geo.freebsd.org has IPv6 address 2600:6c00:0:4001::50:2
root@freenas:~ # 


and
Code:
root@freenas:~ # ping pkg.freebsd.org
PING pkgmir.geo.freebsd.org (209.94.190.55): 56 data bytes
64 bytes from 209.94.190.55: icmp_seq=0 ttl=51 time=44.006 ms
64 bytes from 209.94.190.55: icmp_seq=1 ttl=51 time=44.133 ms
^C
--- pkgmir.geo.freebsd.org ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 44.006/44.070/44.133/0.063 ms
root@freenas:~ #
 

nojohnny101

Neophyte Sage
Joined
Dec 3, 2015
Messages
1,455
Can run ifconfig from your jail?
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Can run ifconfig from your jail?
It seems to be having the correct IP.
Code:
root@plex:/ # ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:ff:60:14:fa:0a
        hwaddr 02:07:a0:00:07:0b
        inet 192.168.1.121 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
root@plex:/ #
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
Try the nameservers.

do this:
Code:
drill www.ibm.com


see if it does what it's supposed to do.
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Try the nameservers.

do this:
Code:
drill www.ibm.com


see if it does what it's supposed to do.
It doesnt!
Code:
root@plex:/ # drill www.ibm.com
Error: error sending query: Error creating socket
root@plex:/ #

 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
well, well, well. Now we're getting somewhere.

Please, let us know what happens with these two commands:
Code:
ping 8.8.8.8


and
Code:
 cat /etc/resolv.conf
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
Apologies, I see you posted the resolv.conf.

Can you ping ANYTHING from this jail? If not, please run netstat -nr FROM THE HOST, not the jail.
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Apologies, I see you posted the resolv.conf.

Can you ping ANYTHING from this jail? If not, please run netstat -nr FROM THE HOST, not the jail.
Code:
root@freenas:~ # jexec 2 csh
root@plex:/ # ping 8.8.8.8  # Google Name Server
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
root@plex:/ # ping 192.168.1.1  # Local Gateway
PING 192.168.1.1 (192.168.1.1): 56 data bytes
ping: sendto: Host is down
^C
--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss
root@plex:/ # ping 192.168.1.151  # FreeNAS Host
PING 192.168.1.151 (192.168.1.151): 56 data bytes
^C
--- 192.168.1.151 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss
root@plex:/ # exit
exit
root@freenas:~ # netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS         ix0
127.0.0.1          link#3             UH          lo0
192.168.1.0/24     link#1             U           ix0
192.168.1.151      link#1             UHS         lo0

Internet6:
Destination                       Gateway                       Flags     Netif Expire
::/96                             ::1                           UGRS        lo0
::1                               link#3                        UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%lo0/64                     link#3                        U           lo0
fe80::1%lo0                       link#3                        UHS         lo0
ff02::/16                         ::1                           UGRS        lo0
root@freenas:~ #
 
Last edited:

Nvious1

Member
Joined
Jul 12, 2018
Messages
63
When you built you jail with iocage did you set allow_raw_sockets="1". Ping requires this to work properly.

On 11.2 you can use the gui and advanced jail feature to toggle it. I am guesssing on 11.1 you need to set this in the config.

shutdown your jail, edit the config.json in the /mnt/here/iocage/jail/jailName/config.json. find

Code:
"allow_raw_sockets": "0",

change to:
Code:
"allow_raw_sockets": "1",


restart jail and see if it works.
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
When you built you jail with iocage did you set allow_raw_sockets="1". Ping requires this to work properly.

On 11.2 you can use the gui and advanced jail feature to toggle it. I am guesssing on 11.1 you need to set this in the config.

shutdown your jail, edit the config.json in the /mnt/here/iocage/jail/jailName/config.json. find

Code:
"allow_raw_sockets": "0",

change to:
Code:
"allow_raw_sockets": "1",


restart jail and see if it works.
I did set allow_raw_sockets="1" when creating jail. But I still stopped it and cat the contents to verify.

Code:
root@freenas:~ # cat /mnt/iocage/jails/plex/config.json | grep "allow_raw_sockets"
    "allow_raw_sockets": "1",
root@freenas:~ #
 

Nvious1

Member
Joined
Jul 12, 2018
Messages
63
Do you have other jails with this problem? Have you tried creating a fresh jail and seeing if has networking? Does your host have multiple network interfaces that are live?
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Do you have other jails with this problem? Have you tried creating a fresh jail and seeing if has networking? Does your host have multiple network interfaces that are live?
I can try creating second plex and see if that works.
Is it safe to assume that I can name the new jail anything I cant and it would have no effect on how it behaves?
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
Do you have other jails with this problem? Have you tried creating a fresh jail and seeing if has networking? Does your host have multiple network interfaces that are live?
Got an error trying to create a new jail. Something about an interface not existing?

Code:
root@freenas:~ # iocage create -n "plex2" -p /tmp/pkg.json -r 11.1-RELEASE ip4_addr="vnet0|192.168.1.122/24"
plex2 successfully created!
ifconfig: interface vnet0 does not exist
jail: /sbin/ifconfig vnet0 inet 192.168.1.122/24 alias: failed



Code:
root@freenas:~ # ifconfig
ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=e407bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:8c:fa:18:3b:7c
        hwaddr 00:8c:fa:18:3b:7c
        inet 192.168.1.151 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (10Gbase-Twinax <full-duplex,rxpause,txpause>)
        status: active
ix1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=e407bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:8c:fa:18:3b:7d
        hwaddr 00:8c:fa:18:3b:7d
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:c5:a8:df:21:00
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0:2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 6 priority 128 path cost 2000
        member: vnet0:1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 5 priority 128 path cost 2000
vnet0:1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: tautulli
        options=8<VLAN_MTU>
        ether 02:ff:60:46:b0:16
        hwaddr 02:07:50:00:05:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
vnet0:2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: plex
        options=8<VLAN_MTU>
        ether 02:ff:60:14:fa:09
        hwaddr 02:07:50:00:06:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
root@freenas:~ #
 

Nvious1

Member
Joined
Jul 12, 2018
Messages
63
I think you need to set some addition parameters. You likely received that error because you forgot the vnet="on"
Example
Code:
iocage create -n "jailname" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.100/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on" 
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
I think you need to set some addition parameters. You likely received that error because you forgot the vnet="on"
Example
Code:
iocage create -n "jailname" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.100/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on" 
My bad. I had it written in the notes but the text wrap was on so I thought they were two different lines, haha.

Here is the new error I get when trying to create a new jail.
Code:
root@freenas:~ # iocage create -n "plex2" -p /tmp/pkg.json -r 11.1-RELEASE ip4_addr="vnet0|192.168.1.123/24" vnet="on" allow_raw_sockets="1" boot="on"
plex2 successfully created!
Testing SRV response to FreeBSD
Error: error sending query: General LDNS error
{repo} could not be reached, please check your DNS
root@freenas:~ #
 

Nvious1

Member
Joined
Jul 12, 2018
Messages
63
Looks like your still missing
defaultrouter="192.168.1.1"
 

Mehul V

Member
Joined
Oct 17, 2015
Messages
53
I think you need to set some addition parameters. You likely received that error because you forgot the vnet="on"
Example
Code:
iocage create -n "jailname" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.100/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on" 
Accordingly to THIS thread, I added defaultrouter="192.168.1.1" but the result was still the exact same

Code:
root@freenas:~ # iocage create -n "plex2" -p /tmp/pkg.json -r 11.1-RELEASE ip4_addr="vnet0|192.168.1.123/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on"
plex2 successfully created!
Testing SRV response to FreeBSD
Error: error sending query: General LDNS error
{repo} could not be reached, please check your DNS
root@freenas:~ #
 
Top