From owner-freebsd-jail@FreeBSD.ORG  Wed Apr 11 05:12:42 2012
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A1F2A106566B
	for <freebsd-jail@freebsd.org>; Wed, 11 Apr 2012 05:12:42 +0000 (UTC)
	(envelope-from anders.hagman@netplex.se)
Received: from smtp-out12.han.skanova.net (smtp-out12.han.skanova.net
	[195.67.226.212])
	by mx1.freebsd.org (Postfix) with ESMTP id 0791A8FC15
	for <freebsd-jail@freebsd.org>; Wed, 11 Apr 2012 05:12:42 +0000 (UTC)
Received: from [10.1.10.18] (31.210.252.116) by smtp-out12.han.skanova.net
	(8.5.133) (authenticated as u48002568)
	id 4F5CB81D00800DC4 for freebsd-jail@freebsd.org;
	Wed, 11 Apr 2012 07:11:51 +0200
References: <493438014.49159.1333999007132.JavaMail.root@mrelmx09.mrec.ar>
	<op.wcik10bo34t2sn@tech304>
	<903CBCF8-5096-4C5B-A5A9-F8495AA8751C@netplex.se>
	<op.wcklefqm34t2sn@cr48.lan>
From: Anders Hagman <anders.hagman@netplex.se>
Content-Type: text/plain;
	charset=us-ascii
X-Mailer: iPad Mail (9B176)
In-Reply-To: <op.wcklefqm34t2sn@cr48.lan>
Message-Id: <DA12BFA7-65F6-439A-BED3-0858A42718E2@netplex.se>
Date: Wed, 11 Apr 2012 07:11:51 +0200
To: "freebsd-jail@freebsd.org" <freebsd-jail@freebsd.org>
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
Subject: Re: Jail source address selection broken, patch for ping
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 05:12:42 -0000


11 apr 2012 kl. 00:14 skrev Mark Felder <feld@feld.me>:

> On Tue, 10 Apr 2012 04:03:22 -0500, Anders Hagman <anders.hagman@netplex.s=
e> wrote:
>=20
>> I have used vnet jail to get your own IP stack.
>> One strange thing is that tcpdump on the host can not see the packets.
>=20
>=20
> Yes, vnet avoids this issue. You shouldn't be able to tcpdump on the host t=
o see the packets; those interfaces are now entirely owned by the jail.

I did tcpdump on the main vr0 interface and still no packets.

> Unfortunately we cannot use vnet because it is very experimental still and=
 I have been able to cause it to panic many times.

Just by running it or during start/stop?=