Andrew Reilly
2016-May-02 11:30 UTC
Did anything change WRT Jail network access in the last week or so? (10.3-STABLE #17 r298791)
Hi all,
Some time ago I resorted to setting up a Jail to support my
SqueezeBox system: the version in ports (audio/squeezeboxserver)
is not current, and needs an old version of mysql and an old
version of perl. A Jail seemed like the right answer. For a
while it worked OK (for small values of OK), but in the last
week, perhaps even with my most recent weekly upgrade to STABLE
(revision as above) the wheels have fallen off in the form that
the player devices no longer seem to be able to do whatever
network boot thing they do, against the server. One of them
has been power-cycled and seems dead to the world, the other
is still running from its last boot, but claims not to be able
to "see" the server. The server can't see either of them. I
assume that some sort of proprietary broadcast protocol is
involved in this discovery process, although the devices acquire
IP addresses from my 10.3 server's DHCPD.
My jail configuration (in /etc/jail.conf) is:
SB {
host.hostname = "SB.reilly.home";
path = "/usr/home/SB";
ip4.addr += "10.0.0.26/24";
allow.raw_sockets = 1;
exec.clean;
exec.system_user = "root";
exec.jail_user = "root";
exec.start += "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_SB_console.log";
mount.devfs;
allow.set_hostname = 0;
allow.sysvipc = 0;
}
I believe that the "allow.raw_sockets = 1;" line is the part
that had previosuly allowed the auto-discovery protocol to work.
I'm not sure if it's redundant or not, but I also have the
following line in my /etc/rc.conf:
ifconfig_re0_alias0="inet 10.0.0.26 netmask 0xffffff00"
FWIW the host that this jail is running on is at 10.0.0.2/24.
As I said above, this was all working up to a week or so ago,
and all I've done in the mean time is a base upgrade and a
portmaster upgrade of installed ports (not the jail ports: they
haven't changed since installed.)
Cheers,
--
Andrew