- Feb 23, 2018
Hi, I am facing a problem; I thought it's probably a jail bridge loop. It occurred after updating FreeNAS to 11.2-U1. I was running some jails on 11.1-U6 without any issue. After the update, when I start any jail, it seems there is a broadcast storm and the whole segment is flooded. There are 4 GbE ports connected to the same switch - 1x ILO, 2x onboard NIC as lagg for balancing, 1x PCI-E NIC. DHCP is used for the PCI-E NIC and jails; the lagg has a static IP. I haven't found the root cause yet. When I start FreeNAS with the jails stopped, there is no problem. When I start a jail, a loop occurs and only disconnecting the PCI-E NIC cable or a reboot helps. I just found this Multiple network interfaces on a single subnet topic, by @jgreco.
Any ideas before I start dumping and analyzing traffic are welcome. Some good practices for using jails as a DMZ as well. I'm considering adding another NIC dedicated to the DMZ. On a Debian system with KVMs I have two bridges, one with LAN, one with DMZ, and assign them to different VMs. I didn't try that with iocage yet; I am still a noob in the *BSD world. Do I understand it correctly that I can't have a 2-port lagg for NAS LAN traffic in IP subnet A, ILO in IP subnet A, jails for internal use in IP subnet A and DMZ jails in IP subnet B? Do I need to use just one logical interface (lagg) per physical subnet, regardless of IP subnet? So I can't have a NIC dedicated to a jail, but I have to use an interface shared with the rest of the system, and if I need a separate NIC for the DMZ, I have to use a separate physical subnet (another switch or VLAN)? ILO is probably another story, as it's actually a different system, just sitting in the same box, right?