Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Dual stack jails - rc.conf ifconfig_ variable doesn't work. #655

Open
david-ramsden opened this issue Dec 28, 2023 · 3 comments
Open

[BUG] Dual stack jails - rc.conf ifconfig_ variable doesn't work. #655

david-ramsden opened this issue Dec 28, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@david-ramsden
Copy link

[MANDATORY] Describe the bug [MANDATORY]
Disclaimer: New user to FreeBSD, jails and Bastille.

I have the requirement to deploy dual stack jails. I'm doing so using an external bridge so that I can use IPv6 RAs from my VPS provider and also IPv4 using RFC1918 addressing and NAT via pf on the host. As such, I've installed bastille from the latest git main branch to take advantage of dual stack jail deployment.

However, after creating a jail, the rc.conf that has been created doesn't work and no networking comes up. I need to change rc.conf and restart netif to get things going.

See steps to reproduce for detailed information.

[MANDATORY] Bastille and FreeBSD version (paste bastille -v && freebsd-version -kru output)

3a4ebc63bb84b66d456713e608be86e4cba3b637
14.0-RELEASE-p3
14.0-RELEASE-p3
14.0-RELEASE-p4

[MANDATORY] How did you install bastille? (port/pkg/git)
git

[optional] Steps to reproduce?

Create a new jail, e.g: bastille create -B test2 14.0-RELEASE "10.77.4.3/24 SLAAC" bastille1

Output from jail creation:

Valid: (10.77.4.3/24).
Valid: (SLAAC).
Valid: (bastille1).

Creating a thinjail...

no IP address found for not set
[test2]:
epair1a
e1a_test2
e1b_test2
test2: created

[test2]:
Applying template: default/vnet...
[test2]:
Applying template: default/base...
[test2]:
[test2]: 0

[test2]:
syslogd_flags: -s -> -ss

[test2]:
sendmail_enable: NONE -> NO

[test2]:
sendmail_submit_enable: YES -> NO

[test2]:
sendmail_outbound_enable: YES -> NO

[test2]:
sendmail_msp_queue_enable: YES -> NO

[test2]:
cron_flags:  -> -J 60

[test2]:
/etc/resolv.conf -> /usr/local/bastille/jails/test2/root/etc/resolv.conf

Template applied: default/base

No value provided for arg: GATEWAY6
[test2]:
ifconfig_e1b_test2_name:  -> vnet0

[test2]:
ifconfig_vnet0:  ->  inet 10.77.4.3/24 inet6 -ifdisabled accept_rtadv

[test2]:
defaultrouter: NO -> 10.77.4.1
[test2]: 0

[test2]:
[test2]: 0

Template applied: default/vnet

[test2]:
test2: removed

no IP address found for not set
[test2]:
epair1a
e1a_test2
e1b_test2
test2: created

(side note: is there a typo in the text "no IP address found for not set" - should this be "or" instead of "for"?)

Console to the jail and check ifconfig:

lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xb
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=0 metric 0 mtu 33152
        options=0
        groups: pflog
vnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:5b:06:ae:11:0b
        groups: epair
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

No IPv4 or IPv6 config has been applied to vnet0 interface.

/etc/rc.conf is as follows:

syslogd_flags="-ss"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
cron_flags="-J 60"
ifconfig_e1b_test2_name="vnet0"
ifconfig_vnet0=" inet 10.77.4.3/24 inet6 -ifdisabled accept_rtadv"
defaultrouter="10.77.4.1"

When restarting netif, the following error is seen: ifconfig: inet6: bad value

To resolve this, I edit rc.conf and remove the inet6 parameters from the ifconfig_vnet0 variable and use a ifconfig_vnet0_ipv6 specific variable, e.g:

ifconfig_vnet0="inet 10.77.4.3/24"
ifconfig_vnet0_ipv6="inet6 -ifdisabled accept_rtadv"

Now restarting netif produces no errors and IPv4 and IPv6 are configured as expected.
@david-ramsden david-ramsden added the bug Something isn't working label Dec 28, 2023
@david-ramsden
Copy link
Author

david-ramsden commented Dec 28, 2023
edited
Loading

Another observation is that /etc/resolv.conf inside the jail doesn't contain the IPv4 nameserver that is present in the host's /etc/resolv.conf. Only the IPv6 nameserver is present. Unrelated (I think?) to this issue but commenting so that I don't forget about it.

@tschettervictor
Copy link
Collaborator

@david-ramsden Is this still an issue?

@bmac2
Copy link
Collaborator

bmac2 commented Feb 23, 2025

@david-ramsden can you retest your setup with the latest code from git? We need to know if this is still an issue so we can address it.

@tschettervictor @yaazkal

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bmac2 @david-ramsden @tschettervictor