From owner-freebsd-net@FreeBSD.ORG Fri Oct 2 19:38:04 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A6C021065694 for ; Fri, 2 Oct 2009 19:38:04 +0000 (UTC) (envelope-from remodeler@alentogroup.org) Received: from courriel.marmotmail.com (courriel.marmotmail.com [85.17.36.172]) by mx1.freebsd.org (Postfix) with ESMTP id 16D488FC16 for ; Fri, 2 Oct 2009 19:38:03 +0000 (UTC) Received: from bruce.epifora.com (localhost.local [127.0.0.1]) by courriel.marmotmail.com (Postfix) with ESMTP id C2551239655 for ; Fri, 2 Oct 2009 22:52:53 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by bruce.epifora.com (Postfix) with ESMTP id 9E0634761F9 for ; Fri, 2 Oct 2009 15:50:29 -0400 (EDT) Received: from bruce.epifora.com ([127.0.0.1]) by localhost (bruce.epifora.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 00160-09 for ; Fri, 2 Oct 2009 15:50:27 -0400 (EDT) Received: from alentogroup.org (localhost [127.0.0.1]) by bruce.epifora.com (Postfix) with ESMTP id 8D5224761F8 for ; Fri, 2 Oct 2009 15:50:27 -0400 (EDT) From: "remodeler" To: freebsd-net@freebsd.org Date: Fri, 2 Oct 2009 15:50:27 -0400 Message-Id: <20091002195008.M13604@alentogroup.org> In-Reply-To: <20091002190821.M69919@alentogroup.org> References: <20091001173851.M50386@alentogroup.org> <4AC4FD98.3000301@elischer.org> <20091002181509.M38849@alentogroup.org> <4ad871310910021136v3dc3cd2l520102bae715c2bc@mail.gmail.com> <20091002190821.M69919@alentogroup.org> X-OriginatingIP: 127.0.0.1 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Subject: Fw: Re: vimage-assigning interface to jail X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2009 19:38:04 -0000 Thank you Glen: (sorry this copied twice to glen) > Do you have your nameserver in /etc/resolv.conf ? The jail and hostname both have /etc/resolv.conf set to a nameserver on the local host. I get the same error message pinging to the private-space address of the physical ethernet interface (the server is on a NAT'd development network): PING 192.168.0.10 (192.168.0.10): 56 data bytes ping: sendto: No route to host Some other information: #ngctl list There are 5 total nodes: Name: bridge0 Type: bridge ID: 00000007 Num hooks: 3 Name: ipfw Type: ipfw ID: 00000001 Num hooks: 0 Name: ngeth0 Type: eiface ID: 00000004 Num hooks: 1 Name: ngctl1495 Type: socket ID: 0000000f Num hooks: 0 Name: msk0 Type: ether ID: 00000002 Num hooks: 2 Firewall rules are permissive, allow any to any. The jail environment is: #ifconfig lo0: flags=8049 metric 0 mtu 16384 options=3 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 nd6 options=33 maclabel mls/equal(equal-equal) eth0: flags=8843 metric 0 mtu 1500 ether 40:0a:0b:0c:0d:01 inet 172.26.75.10 netmask 0xffffffff broadcast 172.26.75.10 inet6 fe80::420a:bff:fe0c:d01%eth0 prefixlen 64 scopeid 0x2 nd6 options=33 maclabel mls/low(low-low) with eth0 being a ng_eiface node, moved to the jail with vimage -i testvnet ngeth0. The host environment is: #ifconfig msk0: flags=8843 metric 0 mtu 1500 options=11a ether [edited] inet 192.168.0.10 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::223:54ff:fe08:2bf7%msk0 prefixlen 64 scopeid 0x1 nd6 options=41 maclabel mls/low(low-low) media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 metric 0 mtu 16384 options=3 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 nd6 options=33 maclabel mls/equal(equal-equal) Output of jls from the host is: #jls # JID IP Address Hostname Path # 1 - testnet.myorg.org /jail/j/testnet I cannot set the IP address when I create the jail without an error: ip4.addr=${addr} gives "jail: vnet jails cannot have IP address restrictions"; ip4${addr} gives "jail: ip4: unknown jailsys value "172.26.72.10""; and ip=${addr} gives "jail: unknown parameter: ip". netstat -rn gives: #netstat: kvm not available: /dev/mem: Permission denied #Routing tables #rt_tables: symbol not in namelist /dev/mem is available in the jail environment, and /dev is mounted in the jail. I get a permission denied error on both /dev/mem and /dev/kmem: #ll /dev/kmem (or ll /dev/mem) #ls: /dev/kmem: Permission denied also, #vimage -l testvnet I do have vimage-enabled kernels on both the host and the jails (8.0). I originally installed a non-vimage kernel in the jails, and then updated to a vimage-enabled kernel following instructions in the handbook (using a template system). I am fairly certain I have the new kernel, as uname shows my new build date. Thank you very much again. ------- End of Forwarded Message ------- __ __ ________ ____ ___ ____ ____/ /__ / /__ _____ / ___/ _ \/ __ `__ \/ __ \/ __ / _ \/ / _ \/ ___/ / / / __/ / / / / / /_/ / /_/ / __/ / __/ / /_/ \___/_/ /_/ /_/\____/\__,_/\___/_/\___/_/ The information contained in this message is confidential and is intended for the addressee only. Any unauthorized use, dissemination of the information, or copying of this message is prohibited.