From nobody Sat May 07 08:13:44 2022 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 401AA11CBAAB for ; Sat, 7 May 2022 08:13:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KwKvW6GpVz4XLP for ; Sat, 7 May 2022 08:13:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B7B9350A8 for ; Sat, 7 May 2022 08:13:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 2478DhAY056290 for ; Sat, 7 May 2022 08:13:43 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 2478DhKE056289 for jail@FreeBSD.org; Sat, 7 May 2022 08:13:43 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 240106] VNET issue with ARP and routing sockets in jails Date: Sat, 07 May 2022 08:13:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ohartmann@walstatt.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651911223; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Wv+ZbXw39jhsP2p8htWtXtBe/p3gv6yMXRSPhCtsRcE=; b=sDhDaGmrKBRna9AdiwgW1VYh4irDJY8s4rV75I/e37Xn3+sZSwPT70hGgSlsk8hBjm5jHS luKIQhTU6mZIfLy99eFakZOzDwLbf9tRQcBr66bzxKZAY3OkEmgOlAa1blc4rPUwzDA/L4 1kpFDVbGZfgEFwmSDgkHAlxX+SsvMWjruuKZO8BMj8EPIZY/lIzT3gI8nAs9EqnxVeSwbA j/ZcELQKDEVIAzezDM3PL0qIsNqW581K8FDfvOeoqnxcLJcv9tImStlnQjNx2jqBEjSTUG vwiC348MZBCjxlmF9MYKEk3ra3GE577TXjiShjsyCFd87g7uUcFLvdNW9TWymg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1651911223; a=rsa-sha256; cv=none; b=meIvQ2dgyM4Yga4NqLNIZme5AW7rp41vKSpdOklXJ9SJJhsNAX+g0SU+cPYS2EHb7JkotK SM7JsGNd6ZXQU477fTI3kOqzVBagftIxqwfoz/iC2uA5jeipunKvzo8hYa/kbpLCJFX+kf nrwVubLpEceOKLx614j4fAS0By5gcuun9XravRVI2Omz4YQk+wp7V2xIB+vLllGmB0M9mT Tow72q/0RjV3glBi5YwfSaJQ+CDYqz1jwbbDbybIW1BLWsRx7IAOrqZka4DjPgRB+84YUn pKIYdPFV3Yy+lk5G2WtiPtzQVSLYquxyQoUa00VwB8NzAqetVDwsi+LmbXVVaQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240106 O. Hartmann changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ohartmann@walstatt.org --- Comment #19 from O. Hartmann --- Hello. We also have an similar issue on FreeBSD 12.3-RELEASE-p2 (XigmaNAS, stuck at -p2 for the moment) as described. The boxes in question do have two NICs, o= ne is supposed for the management (em0) access and the other one is supposed t= o be bound to offered services. Additionally, the second NIC (igb0) is accessible via an IP AND serves as the physical NIC as member of a bridge for vnet jai= ls, which do have epair interfaces (in Xigmanas created via the FreeBSD in-tree tool "jib"). Binding provided services as SAMBA and NFS to the second NIC (igb0) works as expected, also ping and ssh is no problem. Base host's IP (both NICs) and those of the jails are within the same netwo= rk. When it comes to the vnet jails on the bridge, of which the igb0 NIC is mem= ber of, trouble begins. We use several jails on those boxes. Pinging those jails from outside the campus network does work sporadically with some IPs, it takes a long time u= ntil the jail starts repsonding. Same behaviour is within the LAN.=20 We also already disabled pfil on the bridges as suggested: device if_bridge net.link.bridge.ipfw: 0 net.link.bridge.allow_llz_overlap: 0 net.link.bridge.inherit_mac: 0 net.link.bridge.log_stp: 0 net.link.bridge.pfil_local_phys: 0 net.link.bridge.pfil_member: 0 net.link.bridge.ipfw_arp: 0 net.link.bridge.pfil_bridge: 0 net.link.bridge.pfil_onlyip: 0 A curiosity is that if one can ping one or two out of the five jails on the host, in another attempt to do so one, at most two different hosts would an= swer the ping then and the former working pinged hosts do not anymore. It is like gambling. We also run another host with the very same XigmaNAS version, in that case,= he second NIC is configured to be part of another network and attached to anot= her switch - not problem there! In the problematic cases described above, we do not have direct access to t= he switches of the backend of the department, so I can't see whether I'm the culprit (misconfiguration, misunderstanding et cetera of network technology= ). Hope the problem could be solved anyway within FreeBSD 12.3. --=20 You are receiving this mail because: You are the assignee for the bug.=