== SOLUTION ALREADY FOUND (see below) :) ==
To become more familiar with iocage, I've been trying out a bunch of things using FreeNAS 11.1 that I installed under VirtualBox (Windows guest).
FreeNAS VM network config:
Code:
VBoxManage modifyvm "%VM_NAME%" --nic1 bridged --nictype1 virtio --bridgeadapter1 "Intel(R) Ethernet Connection I218-LM" --macaddress1 auto
No problems so far, the freenas-vm gets an IP address using DHCP:
Code:
root@freenas-vm:~ # ifconfig
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=6c03bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 08:00:27:ba:9e:07
        hwaddr 08:00:27:ba:9e:07
        inet 192.168.1.197 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:43:ad:b0:0c:00
        nd6 options=9<PERFORMNUD,IFDISABLED>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vtnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 2000
The bridge0 is there since I set up the workaround described in https://forums.freenas.org/index.php?threads/iocage-vnet0-and-bridge0.59964/ - configuring these tunables (rc.conf) for my setup:
Code:
cloned_interfaces - bridge0
ifconfig_bridge0 - addm vtnet0 up
Create a new jail:
Code:
iocage create --release 11.1-RELEASE --name "mysql-vm" boot=on vnet=on ip4_addr="vnet0|192.168.1.100/24" defaultrouter="192.168.1.1" resolver="192.168.1.1" host_hostname="mysql-vm" allow_raw_sockets="1"
Code:
+-----+----------+------+-------+------+-----------------+------------------------+-----+----------+
| JID | NAME     | BOOT | STATE | TYPE | RELEASE         | IP4                    | IP6 | TEMPLATE |
+=====+==========+======+=======+======+=================+========================+=====+==========+
| 5   | mysql-vm | on   | up    | jail | 11.1-RELEASE-p6 | vnet0|192.168.1.100/24 | -   | -        |
+-----+----------+------+-------+------+-----------------+------------------------+-----+----------+
Let's see from within the jail:
Code:
root@freenas-vm:~ # iocage console mysql-vm
root@mysql-vm:~ # ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
vnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:ff:60:45:74:21
        hwaddr 02:4d:a0:00:05:0b
        inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
root@mysql-vm:~ # ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
^C
--- 192.168.1.1 ping statistics ---
7 packets transmitted, 0 packets received, 100.0% packet loss
root@mysql-vm:~ # cat /etc/resolv.conf
192.168.1.1
Looking back on the freenas-vm itself:
Code:
root@mysql-vm:~ # exit
logout
root@freenas-vm:~ # ifconfig
vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2c00b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE,RXCSUM_IPV6>
        ether 08:00:27:ba:9e:07
        hwaddr 08:00:27:ba:9e:07
        inet 192.168.1.197 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet 10Gbase-T <full-duplex>
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:43:ad:b0:0c:00
        nd6 options=9<PERFORMNUD,IFDISABLED>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0:5 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 2000
        member: vtnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 2000
vnet0:5: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: mysql-vm
        options=8<VLAN_MTU>
        ether 02:ff:60:45:74:20
        hwaddr 02:4d:50:00:04:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
So in my view the jail's vnet0 is correctly bridged to my host's network interface. Still, I'm not able to ping any host from within the mysql-vm jail. Does the above show anything obviously wrong with my configuration?
Edit: From within the mysql-vm jail it is possible to ping the freenas-vm host:
Code:
root@mysql-vm:~ # ping 192.168.1.197
PING 192.168.1.197 (192.168.1.197): 56 data bytes
64 bytes from 192.168.1.197: icmp_seq=0 ttl=64 time=0.075 ms
64 bytes from 192.168.1.197: icmp_seq=1 ttl=64 time=0.220 ms
64 bytes from 192.168.1.197: icmp_seq=2 ttl=64 time=0.155 ms
^C
--- 192.168.1.197 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.075/0.150/0.220/0.059 ms
Edit2: seems like I found the solution after so many days:
Code:
iocage set resolver="nameserver 192.168.1.1" mysql-vm
Some more sysctls added as tunables:
Code:
net.inet.ip.forwarding=1
net.link.bridge.pfil_onlyip=0
net.link.bridge.pfil_bridge=0
net.link.bridge.pfil_member=0
Result:
Code:
root@mysql-vm:~ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=56 time=30.391 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=35.297 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 30.391/32.844/35.297/2.453 ms
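A check for the two changes described in the post above, added here as an example that is not part of the original post: it flags resolv.conf lines that lack a resolver keyword (the jail's file held a bare `192.168.1.1`) and compares sysctl output with the four tunables listed. The function names and the sample input are assumptions constructed from values the post shows.

```shell
#!/bin/sh
# Added example, not from the original post. Sample inputs are constructed
# from values the post shows.

# Read resolv.conf text on stdin; print each line that is not a resolver
# directive (such as the bare "192.168.1.1" the jail had) and return 1.
check_resolv_conf() {
    awk '
        NF == 0 || $1 ~ /^[#;]/ { next }    # blank line or comment
        NF >= 2 && $1 ~ /^(nameserver|search|domain|options|sortlist)$/ { next }
        { printf "line %d not a resolver directive: %s\n", NR, $0; bad = 1 }
        END { exit bad + 0 }
    '
}

# Read "name: value" sysctl output on stdin and compare it with the four
# tunables from the post; print each mismatch or missing key and return 1.
# Per if_bridge(4), pfil_bridge=0 and pfil_member=0 disable packet filtering
# on the bridge interface and on its member interfaces, and pfil_onlyip=0
# passes non-IP frames unconditionally.
check_bridge_sysctls() {
    awk -F': *' '
        BEGIN {
            want["net.inet.ip.forwarding"] = 1
            want["net.link.bridge.pfil_onlyip"] = 0
            want["net.link.bridge.pfil_bridge"] = 0
            want["net.link.bridge.pfil_member"] = 0
        }
        $1 in want {
            seen[$1] = 1
            if ($2 != want[$1]) {
                printf "%s is %s, expected %s\n", $1, $2, want[$1]; bad = 1
            }
        }
        END {
            for (k in want) if (!(k in seen)) { print k " is missing"; bad = 1 }
            exit bad + 0
        }
    '
}

# Constructed sample: the resolv.conf content printed in the post.
printf '192.168.1.1\n' | check_resolv_conf || echo "resolv.conf needs a keyword"
# On a live system (assumed usage):
#   check_resolv_conf < /etc/resolv.conf                       # in the jail
#   sysctl net.inet.ip.forwarding net.link.bridge | check_bridge_sysctls
```
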