Jails - vnet- netgraph

Ernie Luzar luzar722 at gmail.com
Tue Jan 26 17:53:50 UTC 2021 

petru garstea wrote:
> Greetings FreeBSD community,
> 
> 
> Â Â Â  OS: FreeBSD sun 12.2-RELEASE-p1 FreeBSD 12.2-RELEASE-p1 GENERICÂ  
> amd64
> 
> 
> I am trying to build a netgraph vnet jail with support of official jng 
> script that comes with FreeBSD and developed by Devin Teske.
> 
> jail.conf file
> 
> netgraph {
> Â  devfs_ruleset = 13;
> Â  enforce_statfs = 2;
> Â  exec.clean;
> Â  exec.consolelog = /var/log/bastille/netgraph_console.log;
> Â  exec.start = '/bin/sh /etc/rc';
> Â  exec.stop = '/bin/sh /etc/rc.shutdown';
> Â  host.hostname = netgraph;
> Â  mount.devfs;
> Â  mount.fstab = /usr/local/bastille/jails/netgraph/fstab;
> Â  path = /usr/local/bastille/jails/netgraph/root;
> Â  securelevel = 2;
> 
> Â  vnet;
> Â  vnet.interface = e0b_bastille0;
> # exec.prestart += "jib addm bastille0 re0";
> # exec.poststop += "jib destroy bastille0";
> Â  exec.prestart += "jng bridge netgraph re0";
> Â  exec.poststop += "jng shutdown netgraph" ;
> }
> 
> When I start the jail, netgraph subsystem raise the following exception
> 
> ngctl: send msg: No such file or directory
> jail: netgraph: jng bridge netgraph re0: failed
> 
> I tried also to create the netgraph bridge with not using jng script
> 
> ngctl mkpeer re0: bridge lower link0
> ngctl: send msg: No such file or directory
> 
>  From what I found it looks it used to work on FreeBSD 11.x and stopped 
> working in version 12.
> 
> Any thoughts ?
> 
> Please advise
> 
> 
> Cheers,
> 
> Petru Garstea
> 

Don't see any reply so I will try to help you.
If I remember correctly the jib and jng was added as documentation back 
around freebsd 10.00. I have tried to get it to work 10+, 11+ ,12+ with 
no joy. There is something missing but can not tell what it is. The jail 
environment has gone through many changes over time so no wonder jib/jng 
don't work now.

Netgraph is a complete subsystem for network configuration that has it's 
own syntax and commands. The learning curve is pretty great. There is a 
outstanding bug and Devin Teske & (she) has taken up the bug. Hopping 13 
holds the bug fix.

More information about the freebsd-jail mailing list