Date: Fri, 23 Dec 2016 09:33:17 -0500 From: "James B. Byrne" <byrnejb@harte-lyne.ca> To: freebsd-jail@freebsd.org Subject: IP address assignments to jails using ezjail Message-ID: <a991de9aa44a7ae47b4810f8753ebe83.squirrel@webmail.harte-lyne.ca> In-Reply-To: <20161223152836.N26979@sola.nimnet.asn.au> References: <20161223152836.N26979@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
I am experimenting with jails on a bhyve vm guest running FBSD-11.0
using ezjail. I am having a problem with network connections to the
outside from within the jail. I have sshd configured and I can reach
the jail from the outside:
$ ssh -vv 192.168.216.196
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.216.196 [192.168.216.196] port 22.
debug1: Connection established.
But inside the jail I cannot connect out:
ssh -vv 192.168.216.22
OpenSSH_7.2p2, OpenSSL 1.0.2j-freebsd 26 Sep 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "192.168.216.22" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.216.22 [192.168.216.22] port 22.
debug1: connect to address 192.168.216.22 port 22: Operation timed out
ssh: connect to host 192.168.216.22 port 22: Operation timed out
On the host system I see this:
# ifconfig
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
metric 0 mtu 1500
options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
ether 00:a0:98:fa:aa:b6
inet 216.185.71.16 netmask 0xffffff00 broadcast 216.185.71.255
inet 192.168.216.16 netmask 0xffffff00 broadcast 192.168.216.255
inet 192.168.216.196 netmask 0xffffffff broadcast 192.168.216.196
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet 10Gbase-T <full-duplex>
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 127.0.1.1 netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
groups: lo
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
groups: pflog
Inside the jail I see this:
root@hlldrupal:~ # ifconfig
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
metric 0 mtu 1500
options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
ether 00:a0:98:fa:aa:b6
inet 192.168.216.196 netmask 0xffffffff broadcast 192.168.216.196
media: Ethernet 10Gbase-T <full-duplex>
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
groups: lo
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 127.0.1.1 netmask 0xffffffff
groups: lo
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
groups: pflog
Any ideas as to what I may have failed to do?
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a991de9aa44a7ae47b4810f8753ebe83.squirrel>