Alec Edworthy
Dabbler
- Joined
- Feb 27, 2014
- Messages
- 19
Hello,
Since upgrading to FreeNAS 9.3 earlier today (I know, took me long enough!) I have had issues with NAT'd jails breaking IPv6. At first I thought it was a general issue with IPv6 but since disabling all my jails (turning off autostart) I have found the issue has gone away until I start a NAT'd jail. Here is the outline of my configuration,
Host level:
Static public IPv4 address
Autoconf IPv6 address and manual IPv6 address (issue occurs regardless of if I have one, the other or both)
Jail level:
192.168.254.0/24 as the jail IPv4 range
192.168.254.254 is the bridge IPv4 address
Static IPv4 addresses allocated to jails
IPv6 disabled in jails (still a WIP for FreeNAS I believe)
Prior to starting a NAT'd jail everything is fine, I can connect into the FreeNAS using IPv6 and can make IPv6 connections out of the FreeNAS.
As soon as I start a NAT'd jail however the IPv6 connectivity stops. Sometimes it'll keep going for a few seconds, maybe a minute at most, but it always stops. This feels to me like a cache timing out or advertisements not being acted upon.
Possibly related I have found that if I have multiple NAT'd jails set to start (or manually start them), only one will get an entry in ipfw to make NAT work, all the others have no entry and so can only communicate with the FreeNAS host (when trying to communicate with hosts outside of the FreeNAS the jail's packets go out with the private IP address in the headers).
If I have a jail set up using a public IP address from the same network as the FreeNAS host is on then everything is fine with IPv6 on the host and connectivity into and out of the jail works without issue.
I've just done a test now and 49 seconds after clicking "Yes" to start a NAT'd jail I lost the ability to ping the FreeNAS's manual IPv6 address and for the FreeNAS to ping another host's IPv6 address, 126 seconds after clicking "Yes" the ability to ping the FreeNAS's autoconf IPv6 address stopped.
I've attached three files, two are the output of some commands (ifconfig -a, netstat -nr and ipfw show) before and after starting the jail and the third is the output from dmesg.
Anyone got any idea what's going on please?
Alec
Since upgrading to FreeNAS 9.3 earlier today (I know, took me long enough!) I have had issues with NAT'd jails breaking IPv6. At first I thought it was a general issue with IPv6 but since disabling all my jails (turning off autostart) I have found the issue has gone away until I start a NAT'd jail. Here is the outline of my configuration,
Host level:
Static public IPv4 address
Autoconf IPv6 address and manual IPv6 address (issue occurs regardless of if I have one, the other or both)
Jail level:
192.168.254.0/24 as the jail IPv4 range
192.168.254.254 is the bridge IPv4 address
Static IPv4 addresses allocated to jails
IPv6 disabled in jails (still a WIP for FreeNAS I believe)
Prior to starting a NAT'd jail everything is fine, I can connect into the FreeNAS using IPv6 and can make IPv6 connections out of the FreeNAS.
As soon as I start a NAT'd jail however the IPv6 connectivity stops. Sometimes it'll keep going for a few seconds, maybe a minute at most, but it always stops. This feels to me like a cache timing out or advertisements not being acted upon.
Possibly related I have found that if I have multiple NAT'd jails set to start (or manually start them), only one will get an entry in ipfw to make NAT work, all the others have no entry and so can only communicate with the FreeNAS host (when trying to communicate with hosts outside of the FreeNAS the jail's packets go out with the private IP address in the headers).
If I have a jail set up using a public IP address from the same network as the FreeNAS host is on then everything is fine with IPv6 on the host and connectivity into and out of the jail works without issue.
I've just done a test now and 49 seconds after clicking "Yes" to start a NAT'd jail I lost the ability to ping the FreeNAS's manual IPv6 address and for the FreeNAS to ping another host's IPv6 address, 126 seconds after clicking "Yes" the ability to ping the FreeNAS's autoconf IPv6 address stopped.
I've attached three files, two are the output of some commands (ifconfig -a, netstat -nr and ipfw show) before and after starting the jail and the third is the output from dmesg.
Anyone got any idea what's going on please?
Alec
