Date:      Fri, 12 Jun 2020 13:48:55 -0400
From:      David Mehler <dave.mehler@gmail.com>
To:        Ole <ole@free.de>
Cc:        Kyle Evans <kevans@freebsd.org>, freebsd-jail@freebsd.org
Subject:   Re: vnet jail shutdown crashes system
Message-ID:  <CAPORhP5UPZLOoGAP9ixrfKrMnYXr03iWzv0sqcDy8ZYd%2B9BPVQ@mail.gmail.com>
In-Reply-To: <20200609182546.6693d2e3.ole@free.de>
References:  <CAPORhP57h6yoDZF%2B3h2kLApN-hLmedPfX819LJW8Ec2A7DNW_A@mail.gmail.com> <20200609182546.6693d2e3.ole@free.de>

Hello,

Thanks to everyone who offered suggestions on my vnet jail. I'm
passing this on: a friend of mine sent me his configuration, which he
modified from mine. It does not crash on vnet jail shutdown, and it takes
down both interfaces, epair0a and epair0b. My rc.conf in the
original post is unchanged. Here's the revised and working
/etc/jail.conf:

#cat jail.conf
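# Parameters outside a jail block apply to every jail defined in this file.
exec.clean;
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
mount.devfs;
# allow.raw_sockets lets root inside the jail open raw sockets (ping and
# traceroute need this). Set here, every jail in this file gets it; consider
# moving it into only the jails that need it. Whether a vnet jail still
# requires it is not established in this thread -- confirm before relying on it.
allow.raw_sockets;
# Disabled relative to the configuration in the original post:
#exec.system_user = "root";
#exec.jail_user = "root";
vnet;

jail1 {
    host.hostname = jail1.lan;
    path = "/jails/jail1";
    # The devfs ruleset decides which device nodes the jail can see. The
    # original post used "5"; check what each number exposes in
    # /etc/defaults/devfs.rules and /etc/devfs.rules on the host.
    devfs_ruleset = "4";
    # mount.devfs and vnet appear to repeat the global settings above; kept
    # as posted because it is not known which change stopped the crash.
    mount.devfs;
    vnet = "new";
    # epair0b is handed to the jail when it is created.
    vnet.interface = "epair0b";
    # prestart commands run on the host before the jail exists: create the
    # epair and attach the host end (epair0a) to bridge0.
    exec.prestart = "ifconfig epair0 create up";
    exec.prestart += "ifconfig bridge0 addm epair0a";
    # start commands run inside the jail: boot it with /etc/rc, then set the
    # address and default route on the jail end of the epair.
    exec.start = "/bin/sh /etc/rc";
    # Rejoined onto one line; the mail client had wrapped the quoted string.
    exec.start += "ifconfig epair0b inet 192.168.122.50 netmask 255.255.255.0";
    exec.start += "route add default 192.168.122.1";
    exec.stop = "/bin/sh /etc/rc.shutdown";
    # poststop commands run on the host after the jail is removed. A reply in
    # this thread reports a host crash when epair0a was destroyed directly
    # after 'jail -r' and worked around it with a 2-second sleep; no delay is
    # configured here, so test jail shutdown before depending on it.
    exec.poststop = "ifconfig bridge0 deletem epair0a";
    exec.poststop += "ifconfig epair0a destroy";
    # stdout and stderr of the exec.* commands go to this file.
    exec.consolelog = "/var/log/jail_jail1_console.log";
}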


I have no idea why this works, but here it is. I'm passing it on in the hope
that it helps others with vnet and/or helps track down the epair teardown issue.

Thanks and HTH
Dave.


On 6/9/20, Ole <ole@free.de> wrote:
> Hello Dave,
>
> I had the same problem. I found out that the system will crash if I do
> the 'ifconfig epair0a destroy' directly after the 'jail  -r'.
>
> My solution is to sleep 2 seconds after the 'jail  -r' command.
>
> Maybe a little bit dirty.
>
> Ole
>
>
>
> Sun, 7 Jun 2020 21:59:03 -0400 - David Mehler <dave.mehler@gmail.com>:
>
>> Hello,
>>
>> I've finally created a vnet jail on FreeBSD 12.1 that will get out to
>> the internet. Whenever I attempt to shut it down the system crashes, I
>> have no idea why.
>>
>> I found an example and adapted and pounded on it until I got it
>> working. Here's my configuration. On the host:
>>
>> /etc/rc.conf fragment:
>> cloned_interfaces="bridge0"
>> ifconfig_bridge0="inet 192.168.122.1/24 addm vtnet0 up"
>>
>> #cat /etc/jail.conf
>> exec.clean;
>> exec.start = "/bin/sh /etc/rc";
>> exec.stop = "/bin/sh /etc/rc.shutdown";
>> mount.devfs;
>> allow.raw_sockets;
>>         exec.system_user = "root";
>>         exec.jail_user = "root";
>> vnet;
>>
>> jail1 {
>>     host.hostname = jail1.lan;
>>     path = "/jails/jail1";
>>     devfs_ruleset = "5";
>>     vnet.interface = "epair0b";
>>     exec.prestart = "ifconfig epair0 create up";
>>     exec.prestart += "ifconfig bridge0 addm epair0a";
>>     exec.poststop = "ifconfig bridge0 deletem epair0a";
>>     exec.poststop += "ifconfig epair0a destroy";
>>         exec.consolelog = "/var/log/jail_jail1_console.log";
>> }
>>
>> ifconfig fragment:
>> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
>> mtu 1500 ether 02:e7:79:f2:c4:00
>>         inet 192.168.122.1 netmask 0xffffff00 broadcast
>> 192.168.122.255 id 00:00:00:00:00:00 priority 32768 hellotime 2
>> fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
>>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>>         member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>>                 ifmaxaddr 0 port 4 priority 128 path cost 2000
>>         member: vtnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>>                 ifmaxaddr 0 port 1 priority 128 path cost 2000
>>         groups: bridge
>>         nd6 options=9<PERFORMNUD,IFDISABLED>
>> epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
>> metric 0 mtu 1500
>>         options=8<VLAN_MTU>
>>         ether 02:ad:9b:f9:5e:0a
>>         inet6 fe80::ad:9bff:fef9:5e0a%epair0a prefixlen 64 scopeid 0x4
>>         groups: epair
>>         media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
>>         status: active
>>         nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
>>
>> In the vnet jail:
>> # cat /etc/rc.conf
>> hostname="jail1.lan"
>> ifconfig_epair0b="inet 192.168.122.50 netmask 255.255.255.0"
>> defaultrouter="192.168.122.1"
>>
>> I wish I knew why stopping this jail takes the whole system down,
>> suggestions welcome.
>> Thanks.
>> Dave.
>> _______________________________________________
>> freebsd-jail@freebsd.org mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
>> To unsubscribe, send any mail to
>> "freebsd-jail-unsubscribe@freebsd.org"
>


