From owner-freebsd-questions@FreeBSD.ORG Tue May 21 04:02:13 2013 Return-Path: Delivered-To: freebsd-questions@Freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 9160C200; Tue, 21 May 2013 04:02:13 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 5E6EBCEF; Tue, 21 May 2013 04:02:12 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa03.fnfis.com (8.14.5/8.14.5) with ESMTP id r4L425cp001456 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 20 May 2013 23:02:05 -0500 Received: from LTCFISWMSGMB26.FNFIS.com ([10.132.99.18]) by LTCFISWMSGHT04.FNFIS.com ([10.132.206.15]) with mapi id 14.02.0309.002; Mon, 20 May 2013 23:02:05 -0500 From: "Teske, Devin" To: Joe Subject: Re: ngctl list ? Thread-Topic: ngctl list ? Thread-Index: AQHOVNIwXFfQJGFeN0CDQ+tJB0izZpkNreoAgAFftwCAAEx0AA== Date: Tue, 21 May 2013 04:02:04 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D7201F53802@ltcfiswmsgmb26> References: <51993A7A.8070302@a1poweruser.com> <13CA24D6AB415D428143D44749F57D7201F51DFF@ltcfiswmsgmb26> <519AB19A.50100@a1poweruser.com> In-Reply-To: <519AB19A.50100@a1poweruser.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.126] Content-Type: text/plain; charset="Windows-1252" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8626, 1.0.431, 0.0.0000 definitions=2013-05-21_02:2013-05-20,2013-05-21,1970-01-01 signatures=0 Cc: Devin Teske , "" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Devin Teske List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 04:02:13 -0000 On May 20, 2013, at 4:28 PM, Joe wrote: [=85] > Without netgraph compiled into the kernel, issuing "ngctl list" command o= n the host only shows the socket for ngctl. >=20 > After I issue the kldload command on the host for netgraph ng_bridge ng_e= iface ng_ether ng_socket, then issuing "ngctl list" command now shows the r= eal NIC interface device names. >=20 > Thanks for you insight. >=20 Cool=85 glad module-based ng_ether is working. (in 8.1 the ng_* modules all= worked, but for ng_ether, it wasn't producing the expected results as a mo= dule -- glad that's been fixed). > I have another problem. >=20 > To standardize my bridge and eiface names I want to use the JID number as= a suffix. >=20 > jid=3D`jls -j ${jailname} jid` >=20 > bridge_name=3D"bridge${jid} > When creating the bridge it gets assigned bridge_name just like I want. >=20 > I want to assign the ${jid} to the ieface peer name and can not figure ou= t the syntax. This is the command I am using now >=20 > ngctl mkpeer eiface ether ether >=20 The syntax for renaming anything in netgraph with ngctl (non-interactively)= is "ngctl name ". First you create the node and then you rename it. As an aside... It looks like you're creating the eiface separately from connecting it to t= he bridge. You can combine the mkpeer and the (not shown) later "connect" b= y doing a contextual mpeer (which will result in a peer being created that = is already connected to the bridge). For example: ngctl mkpeer rl0:lower eiface link# ether You're creating a new eiface peer off the rl0:lower ether device and assign= ing the link all in one go. "rl0" is your ng_ether device and rl0:lower is (presumably) your ng_bridge = device. "link#" is the new link to create. To find the "#" value in "link#"= , I run a loop that starts from "2" (because rl0:upper is "link0", and rl0:= lower is "link1") and counts upward until it finds an unused link#. How I test for the existence of a link is by issuing: ngctl info rl0:lower getstats # Where # is the link# you're interested in. So here's the loop I run to find= link# LINKNUM=3D2 while ngctl msg rl0:bridge getstats $LINKNUM > /dev/null 2>&1; do LINKNUM=3D$(($LINKNUM+1)) done At that point, I've calculated LINKNUM and can then issue the above command= with: ngctl mkpeer rl0:lower eiface link$LINKNUM ether NOTE: Again, assuming your ng_ether device is "rl0" (a Realtek NIC; replace= with "em0", "bge0", or whatever as needed). Resulting in a new eiface that is already connected to the bridge (previous= ly connected to rl0:lower). Now=85 to rename that interface=85 ngctl name rl0:lower:link$LINKNUM But once you've done that, you're not finished yet. You now need to rename = the interface using ifconfig. The syntax for renaming interfaces visible to ifconfig(8) is: ifconfig name The old name is obtainable with the following ngctl syntax: ngctl show -n rl0:lower:link$LINKNUM NOTE: It's the second word, so "| awk '{print $2}'" is handy here Once you've got that value, you can then do your ifconfig re-naming. This i= s the safe way to do the renaming (interrogate netgraph for the ifconfig na= me using the above method). NOTE: The netgraph renaming is entirely optional (should have mentioned tha= t earlier); all that is really needed is the ifconfig renaming (using the n= gctl show syntax to parse out the current ifconfig name for a peer). Howeve= r, one of the things that the netgraph-based naming buys you is that when y= ou dump the current config (using "ngctl dot"), you have a good mapping of = eifaces-to-JIDs; in my case=85 with the vimage script I developed=85 this i= s why I actually tend to favor the jail-name truncated to fit into the inte= rface name=85 it's much more useful than staring at a graphviz rendering ho= lding nothing but JIDs). > This creates a default name of ngeth0 > I would be ok with ngeth${jid} > But would really like to assign my own peer name vetjail${kid} All you really need is the above recipe and you should be on your way. Let = me know if you need additional help. > Does the mkpeer syntax allow doing this? >=20 Well=85 not really. The "name" syntax of ngctl allows this. > Thanks >=20 Cheers. --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.