Re: epair and vnet jail loose connection.
- In reply to: Patrick M. Hausen: "Re: epair and vnet jail loose connection."
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 13 Mar 2022 13:15:44 UTC
> On 13. Mar 2022, at 14:07, Patrick M. Hausen <hausen@punkt.de> wrote: > > Hi all, > > i was a bit puzzled by Michael using bhyve trying to reproduce. > Up until now I thought bhyve uses tap and not epair? > In my setup, FreeBSD 14 runs on a bhyve vm, hosting the jails, which use vnet. Bare metal -> FreeBSD 13.0 -> bhyve -> FreeBSD Current -> vnet jails haproxy/web01 Replace bhyve with VMware, AWS, or a bare metal server to understand the setup. The reason I’m doing this is: 1. I don’t want to update the bare metal host to a non-release version 2. Johan is running his setup inside a vm as well. Best Michael > Anyway ... > >> Am 13.03.2022 um 14:01 schrieb Johan Hendriks <joh.hendriks@gmail.com>: >> I have no idea why it does not work on my setup, which is nothing out of the ordinary i think, basic full jails connected to a bridge interface and one of them exposed to the world wide web using pf binat. > > What we do is full exposed VNET jails connected to the bridge > on the external interface of the host. ipfw kernel module loaded > but not used in this case, i.e. only the "default to accept" rule active > in the jails. > > I will probably downgrade the production host from 13.1-PRERELEASE > to 13.0-pX tomorrow and see if that changes anything. > > Kind regards, > Patrick > -- > punkt.de GmbH > Patrick M. Hausen > .infrastructure > > Kaiserallee 13a > 76133 Karlsruhe > > Tel. +49 721 9109500 > > https://infrastructure.punkt.de > info@punkt.de > > AG Mannheim 108285 > Geschäftsführer: Jürgen Egeling, Daniel Lienert, Fabian Stein