Re: ipv6 only host and no IPV4 in jail?

Reply: Benoit Chesneau : "Re: ipv6 only host and no IPV4 in jail?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <felix.reichenberger_at_tuta.io>
Date: Mon, 02 Oct 2023 10:30:49 UTC
Hi,

since your VNET jail has its own network stack, it shouldn't matter that your host is IPv6-only.
I myself run dual-stack Bastille jails on IPv6-only hosts without any problems.

What kind of errors do you get when trying to access the internet via IPv4 from your jail, and does it work with IPv6?

Regards


2. Okt. 2023, 11:55 von benoitc@enki-multimedia.eu:

> Hi all, 
>
> I have a weird issue there,
>
> I have an ipv6 only host aon which I am starting a jail.Jalil have a vnet interface  through a bridge created on the host:
>
> For some reason the jail can't get access and is not accessible to internet when I setup an IPV4 on it (and right gateway). Is this something expected? SHould the Host be also IPV4 aware?
>
> Host config:
>
> Host:
> ```
> vlan200bridge: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9000
> ether 58:9c:fc:10:fc:41
> id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
> maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
> root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
> member: e0a_bastille4 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>        ifmaxaddr 0 port 8 priority 128 path cost 2000
> member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>        ifmaxaddr 0 port 9 priority 128 path cost 2000000
> member: tap1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>        ifmaxaddr 0 port 10 priority 128 path cost 2000000
> member: vlan200 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>        ifmaxaddr 0 port 6 priority 128 path cost 800
> groups: bridge
>
> e0a_bastille4: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 9000
> description: vnet host interface for Bastille jail fpcouchdb
> options=8<VLAN_MTU>
> ether 02:20:9c:4c:84:f0
> hwaddr 02:c4:b5:3a:91:0a
> groups: epair
> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
> status: active
> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
> ```
>
> Guest
>
> ```
> # ifconfig vnet0
> vnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> options=8<VLAN_MTU>
> ether 0e:20:9c:4c:84:f0
> hwaddr 02:c4:b5:3a:91:0b
> inet6 XXXX:XXXX:XXXX:200::30 prefixlen 64
> inet6 fe80::c20:9cff:fe4c:84f0%vnet0 prefixlen 64 scopeid 0x2
> inet 10.200.1.8 netmask 0xffffff00 broadcast 10.200.1.255
> groups: epair
> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
> status: active
> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> # netstat -rn4
> Routing tables
>
> Internet:
> Destination        Gateway            Flags     Netif Expire
> default            10.200.1.1         UGS       vnet0
> 10.200.1.0/24      link#2             U         vnet0
> 10.200.1.8         link#2             UHS         lo0
> 127.0.0.1          link#1             UH          lo0
> ```
>
> Benoît Chesneau, Enki Multimedia
> —
> t. +33608655490 
>
> Sent with > Proton Mail <https://proton.me/>>  secure email.
>