Re: epair and vnet jail loose connection.
- Reply: Michael Gmelin : "Re: epair and vnet jail loose connection."
- In reply to: Patrick M. Hausen: "Re: epair and vnet jail loose connection."
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 13 Mar 2022 13:32:50 UTC
On 13/03/2022 14:06, Patrick M. Hausen wrote: > Hi all, > > i was a bit puzzled by Michael using bhyve trying to reproduce. > Up until now I thought bhyve uses tap and not epair? > > Anyway ... > >> Am 13.03.2022 um 14:01 schrieb Johan Hendriks <joh.hendriks@gmail.com>: >> I have no idea why it does not work on my setup, which is nothing out of the ordinary i think, basic full jails connected to a bridge interface and one of them exposed to the world wide web using pf binat. > What we do is full exposed VNET jails connected to the bridge > on the external interface of the host. ipfw kernel module loaded > but not used in this case, i.e. only the "default to accept" rule active > in the jails. > > I will probably downgrade the production host from 13.1-PRERELEASE > to 13.0-pX tomorrow and see if that changes anything. > > Kind regards, > Patrick Downgrading to 13.0-p7 worked for me, it even works on 13.0-STABLE till this commit 18 days ago. https://freshbsd.org/freebsd/src/commit/2e0bee4c7f8176e0f8396c9389275745bac1e263 After that commit my setup stops working. regards Johan Hendriks