Hello list,
Apologies if this has been discussed already but I searched the web
and the mailing lists and haven't found hints on my problem.
I've got a jail, I assign it a set of IP addresses, and it just won't
take the IP6 I give it.
Uname:
FreeBSD 7.2-STABLE
Sysctl jail MIBs:
security.jail.jail_max_af_ips: 255
security.jail.mount_allowed: 0
security.jail.chflags_allowed: 0
security.jail.allow_raw_sockets: 1
security.jail.enforce_statfs: 2
security.jail.sysvipc_allowed: 0
security.jail.socket_unixiproute_only: 1
security.jail.set_hostname_allowed: 0
/etc/rc.conf settings:
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns"
jail_ns_interface="lo252"
jail_ns_hostname="[snip]"
jail_ns_ip="192.168.0.252,fe80::c0a8:fc"
jail_ns_rootdir="/var/jail/ns"
jail_ns_devfs_enable="YES"
jls -v:
JID Hostname Path
Name State
CPUSetID
IP Address(es)
23 [snip] /var/jail/ns
ALIVE
2
192.168.0.252
fe80::c0a8:fc
ifconfig lo252 from the host:
lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet 192.168.0.252 netmask 0xffffffff
inet6 fe80::c0a8:fc%lo252 prefixlen 128 scopeid 0x5
ifconfig from the jail:
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
ether 00:e0:f4:19:e9:d2
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204
lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet 192.168.0.252 netmask 0xffffffff
ping6 from the host:
PING6(56=40+8+8 bytes) fe80::c0a8:fc%lo252 --> fe80::c0a8:fc%lo252
16 bytes from fe80::c0a8:fc%lo252, icmp_seq=0 hlim=64 time=0.082 ms
I fail to see what could be going wrong :(
Any pointers please ?
Regards
On Tue, Sep 01, 2009 at 09:30:15PM +0200, Major Domo wrote:> Hello list, > > > Apologies if this has been discussed already but I searched the web > and the mailing lists and haven't found hints on my problem. > > I've got a jail, I assign it a set of IP addresses, and it just won't > take the IP6 I give it. > > > Uname: > FreeBSD 7.2-STABLE > > > Sysctl jail MIBs: > security.jail.jail_max_af_ips: 255 > security.jail.mount_allowed: 0 > security.jail.chflags_allowed: 0 > security.jail.allow_raw_sockets: 1 > security.jail.enforce_statfs: 2 > security.jail.sysvipc_allowed: 0 > security.jail.socket_unixiproute_only: 1 > security.jail.set_hostname_allowed: 0 > > > /etc/rc.conf settings: > jail_enable="YES" > jail_set_hostname_allow="NO" > jail_list="ns" > jail_ns_interface="lo252" > jail_ns_hostname="[snip]" > jail_ns_ip="192.168.0.252,fe80::c0a8:fc" > jail_ns_rootdir="/var/jail/ns" > jail_ns_devfs_enable="YES" > > > jls -v: > JID Hostname Path > Name State > CPUSetID > IP Address(es) > 23 [snip] /var/jail/ns > ALIVE > 2 > 192.168.0.252 > fe80::c0a8:fc > > > ifconfig lo252 from the host: > lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > inet 192.168.0.252 netmask 0xffffffff > inet6 fe80::c0a8:fc%lo252 prefixlen 128 scopeid 0x5 > > > ifconfig from the jail: > re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC> > ether 00:e0:f4:19:e9:d2 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204 > lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > inet 192.168.0.252 netmask 0xffffffff > > > ping6 from the host: > PING6(56=40+8+8 bytes) fe80::c0a8:fc%lo252 --> fe80::c0a8:fc%lo252 > 16 bytes from fe80::c0a8:fc%lo252, icmp_seq=0 hlim=64 time=0.082 ms > > > I fail to see what could be going wrong :( > > Any pointers please ?I have not used jails with link-local addresses, only global addresses and that works. It looks like you did not specify the whole link-local address in the jail_*_ip line. You need to add the %interface for a proper ipv6 link-local address, eg. fe80::c0a8:fc%lo252. Not everything works with link-local addresses though and jail might be one of them. John -- John Hay -- jhay@meraka.csir.co.za / jhay@FreeBSD.org
On Tue, 1 Sep 2009, Major Domo wrote: Hi,> Apologies if this has been discussed already but I searched the web > and the mailing lists and haven't found hints on my problem. > > I've got a jail, I assign it a set of IP addresses, and it just won't > take the IP6 I give it. > > > Uname: > FreeBSD 7.2-STABLE > > jail_ns_ip="192.168.0.252,fe80::c0a8:fc" > > jls -v: > JID Hostname Path > Name State > CPUSetID > IP Address(es) > 23 [snip] /var/jail/ns > ALIVE > 2 > 192.168.0.252 > fe80::c0a8:fc > > > ifconfig lo252 from the host: > lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > inet 192.168.0.252 netmask 0xffffffff > inet6 fe80::c0a8:fc%lo252 prefixlen 128 scopeid 0x5 > > > ifconfig from the jail: > re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC> > ether 00:e0:f4:19:e9:d2 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204 > lo252: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 > inet 192.168.0.252 netmask 0xffffffffThis is a rather special case. For link-local addresses you have to give the scope as well but it won't take the scope with the %lo252 notation but only in the KAME in-kernel syntax I would assume. Can you try: jail_ns_ip="192.168.0.252,fe80:5::c0a8:fc" Note the added 5 in the second group of hex digits. That five is the interface index. I took it from the "scopeid 0x5". In case your interface index changes you will need to adjust the address. I cannot say if it'll work but it would be worth a try. /bz -- Bjoern A. Zeeb What was I talking about and who are you again?