Freebsd 10.1 - Ezjail - OpenVPN - Tun Interface

James Lodge James at Lodge.me.uk
Fri Oct 23 15:38:10 UTC 2015 

Hello all,


I'm trying to build a jail on FreeBSD 10.1 using ezjail in order to run OpenVPN. I'm not using vimage and don't particularly want to but I'm having an issue with networking.


OpenVPN daemon is up and running and I can connect successfully as a client. I receive an IP address as expected, but I cannot route traffic to/from client/server. The routing table on the client (which is a Windows machine) looks fine so I assume the issue is on the server side. I have a tun interface created on the host and exposed to the jail via devfs rules. The IP address on the tun interface is configure on the host and not from the jail. I can ping the tun interface IP from the host and the jail, but not from the client when connected.


Client---------public IP --------- lo1 (Jail alias Interface)------tun0 (OpenVPN Interface)

10.8.06          x.x.x.x                   172.16.1.8                              10.8.0.1



OpenVPN Jail Routing Table:

Internet:
Destination        Gateway            Flags      Netif Expire
172.16.1.8         link#4             UH          lo1

Jail Host Routing Table:
Internet:
Destination        Gateway            Flags      Netif Expire
default            x.x.0.1         UGS      vtnet0
10.8.0.0           10.8.0.2           UGS        tun0
10.8.0.1              link#5             UHS         lo0
10.8.0.2              link#5             UH         tun0
x.x.0.0/18          link#1             U        vtnet0
x.x.x.x                 link#1             UHS         lo0
localhost            link#3             UH          lo0
172.16.1.1         link#4             UH          lo1
172.16.1.2         link#4             UH          lo1
172.16.1.3         link#4             UH          lo1
172.16.1.4         link#4             UH          lo1
172.16.1.5         link#4             UH          lo1
172.16.1.6         link#4             UH          lo1
172.16.1.7         link#4             UH          lo1
172.16.1.8         link#4             UH          lo1

Client Routing Table:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.8.0.5         10.8.0.6     20
         10.8.0.1  255.255.255.255         10.8.0.5         10.8.0.6     20
         10.8.0.4  255.255.255.252         On-link          10.8.0.6    276
         10.8.0.6  255.255.255.255         On-link          10.8.0.6    276
         10.8.0.7  255.255.255.255         On-link          10.8.0.6    276



I'm a little stumped as to how to trouble shoot the issue so any help much appreciated.


James

More information about the freebsd-jail mailing list