Date: Wed, 29 Jan 2014 14:22:56 +0200
From: Beeblebrox <zaphod@berentweb.com>
To: Nikolay Denev <nike_d@cytexbg.com>
Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org>
Subject: Re: Jails on fib problem
Message-ID: <CAPSTsktw2Jyn7_K5zHy1kzOKLkSNbR_KCZKZJauOOV_1Vwx1tQ@mail.gmail.com>
In-Reply-To: <CAPSTskts0%2Bc%2BaWE7CbFKMBnHU=NG78TKRU8dA-AFUgzaJ1u7_g@mail.gmail.com>
References: <1390909590119-5880672.post@n5.nabble.com>
    <52E7A9D8.30604@freebsd.org>
    <CAPSTskviFBMHUXmWhTnGB13ZEYsyQm2_azHNJ65VG42oQLpmpQ@mail.gmail.com>
    <CA%2BP_MZFZ8Ue46VZOkG9sL2X_KqyXQZZb7B5z2Mm%2Br%2Bxca6UUPQ@mail.gmail.com>
    <CAPSTskts0%2Bc%2BaWE7CbFKMBnHU=NG78TKRU8dA-AFUgzaJ1u7_g@mail.gmail.com>

Since no answer as to a-or-b option, I assumed (a) option was also flawed, so I went with (b). I moved the jails to a 192 address family.

Current rc.conf:

    cloned_interfaces="lo2"
    ifconfig_lo2="inet 192.168.2.110/28"
    static_routes="jail default"
    route_jail="default 192.168.2.110 -fib 1"
    route_default="default 192.168.1.1"

# setfib 1 netstat -rn

    Destination        Gateway            Flags    Netif Expire
    default            192.168.2.110      UGS      lo2
    127.0.0.1          link#3             UH       lo0
    192.168.1.0/24     link#1             U        re0
    192.168.2.99       link#4             UH       lo2    (privoxy)
    192.168.2.100      link#4             UH       lo2    (http cache)
    192.168.2.110      link#4             UH       lo2
    192.168.56.0/28    link#6             U        vboxnet0

Traffic for any internet IP gets passed to httpcache -> privoxy jail (99), but does not get forwarded to the 192.168.1.1 gateway. If I try to access the 192.168.1.1 adsl modem page, this does come up correctly (I presume because it is within defined address range on the routing table).

What am I missing so that traffic from jail knows to exit from re0 and on to default gateway?

In pf.conf I have one NAT rule - Should I be natting on lo2 as well?

    nat on $ExtIf from !($ExtIf) -> $ExtIf

Regards.