jail - vnet bug - ping: UDP connect: No route to host
Özkan KIRIK
ozkan.kirik at gmail.com
Tue Apr 27 13:57:02 UTC 2021
Hello Michael,
Sorry for late reply. It works after starting ip6addrctl service.
Thank you.
On Mon, Apr 12, 2021 at 10:20 PM Michael Gmelin <freebsd at grem.de> wrote:
>
>
> On Mon, 12 Apr 2021 19:57:40 +0200
> Michael Gmelin <freebsd at grem.de> wrote:
>
> > On Mon, 12 Apr 2021 17:45:36 +0300
> > Özkan KIRIK <ozkan.kirik at gmail.com> wrote:
> >
> > > root at f13:~ # jls -s -j client
> > > devfs_ruleset=0 enforce_statfs=2 host=new ip4=inherit ip6=inherit
> > > jid=2 name=client osreldate=1300139 osrelease=13.0-RC5 path=/
> > > persist securelevel=-1 sysvmsg=disable sysvsem=disable
> > > sysvshm=disable vnet=new allow.nochflags allow.nomlock allow.nomount
> > > allow.mount.nodevfs allow.mount.noprocfs allow.mount.notmpfs
> > > allow.noquotas allow.noraw_sockets allow.noread_msgbuf
> > > allow.reserved_ports allow.set_hostname allow.nosocket_af
> > > allow.suser allow.nosysvipc allow.unprivileged_proc_debug
> > > children.max=0 host.domainname="" host.hostid=0 host.hostname=""
> > > host.hostuuid=00000000-0000-0000-0000-000000000000
> >
> > I can reproduce the issue now, I'll try to dig deeper into it.
> >
> > -m
> >
> > [...snipsnap...]
> >
>
> Hi Özkan,
>
> This is caused by ping using getaddrinfo to determine the address
> family to be used. You can check this by running
>
> getaddrinfo www.google.com
>
> inside and outside of your jail and compare the results.
>
> Inside your jail, inet6 entries are on top, while on your host, inet
> entries are on top.
>
> Configuration of address selection is done using /etc/rc.d/ip6addrctl,
> which is enabled by default using a policy of AUTO (see
> /etc/defaults/rc.conf).
>
> As your simple jail doesn't call any rc scripts, your missing this step.
>
> The easiest way to workaround the issue is to explicitly call:
>
> service ip6addrctl start
>
> after creating your vnet jail, or creating your vnet jail using:
>
> jail -c name=client persist vnet vnet.interface=em1 \
> exec.start="service ip6addrctl start"
>
> Best,
> Michael
>
> --
> Michael Gmelin
>
More information about the freebsd-net
mailing list