Jail on VLAN can reach gateway, not Internet

theonlympo

I'll start by saying, neither networking nor BSD is an area of expertise for me. I appreciate any help here!

TL;DR: My problem is that I have two jails running on my TrueNAS CORE machine which are unable to reach the internet.

I recently configured VLANs on my network. My TrueNAS machine has a physical connection to the trunk (10.18.1.10/24), and has multiple VLANs attached to that physical interface: VLAN 10 (10.18.10.10/24) and VLAN 40 (10.18.40.10/24) are relevant here. I am running two jails within TrueNAS, each on one of the aforementioned VLANs, with IPv4 connections mapping to 10.18.10.12 and 10.18.40.4, respectively. Each jail is generally performing its role with no apparent issue (one is a reverse proxy and the other is a syncthing node) and seems to be otherwise working as expected on its respective VLAN. Each is able to ping the gateway (10.18.1.1) and nameserver (10.18.1.2) on the trunk but neither is able to ping anything on the internet (though they seem able to resolve IPs from DNS). The jails' host (10.18.1.10) is able to reach the nameserver, gateway, and internet without issue. Other devices on each VLAN are also able to access the internet. Because other systems on each VLAN are able to get to the internet, I do not think this is a network config issue outside of TrueNAS. On the other hand, TrueNAS is the only thing on any VLAN whose traffic is not being tagged by the switch it's attached to (i.e., anything untagged coming into the switch's port is put on the trunk).

I've searched the forums here (as well as some BSD jail resources) and seen a lot of folks unable to connect to the internet who also can't ping their gateway... that I understand, but I can't get my head around getting to the gateway, but no farther. My only other thought is that there is some kind of NAT issue I am not considering which is specific to the NAS tagging its own traffic (vs. the switch port doing the tagging) but IDK what that would be.

All results below from the syncthing jail (10.18.10.12)

Code:
root@syncthing-host:~ # ping 10.18.1.1
PING 10.18.1.1 (10.18.1.1): 56 data bytes
64 bytes from 10.18.1.1: icmp_seq=0 ttl=64 time=0.947 ms
64 bytes from 10.18.1.1: icmp_seq=1 ttl=64 time=0.870 ms
^C
--- 10.18.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.870/0.909/0.947/0.038 ms
root@syncthing-host:~ #
root@syncthing-host:~ #
root@syncthing-host:~ # ping 10.18.1.2
PING 10.18.1.2 (10.18.1.2): 56 data bytes
64 bytes from 10.18.1.2: icmp_seq=0 ttl=63 time=0.879 ms
64 bytes from 10.18.1.2: icmp_seq=1 ttl=63 time=1.327 ms
^C
--- 10.18.1.2 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.879/1.103/1.327/0.224 ms
root@syncthing-host:~ #
root@syncthing-host:~ #
root@syncthing-host:~ # ping truenas.com
PING truenas.com (192.41.228.5): 56 data bytes
^C
--- truenas.com ping statistics ---
86 packets transmitted, 0 packets received, 100.0% packet loss
root@syncthing-host:~ #


Results of ifconfig, netstat, and resolv.conf output:

Code:
root@syncthing-host:~ # ifconfig
em0: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: em0
        options=4810099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,VLAN_HWFILTER,NOMAP>
        ether 04:42:1a:05:25:a0
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        groups: lo
pflog0: flags=0<> metric 0 mtu 33160
        groups: pflog
vlan10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Trusted Devices VLAN
        options=4000001<RXCSUM,NOMAP>
        ether 04:42:1a:05:25:a0
        inet 10.18.10.12 netmask 0xffffff00 broadcast 10.18.10.255
        groups: vlan
        vlan: 10 vlanproto: 802.1q vlanpcp: 0 parent interface: em0
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
vlan4090: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Management VLAN
        options=4000001<RXCSUM,NOMAP>
        ether 04:42:1a:05:25:a0
        groups: vlan
        vlan: 4090 vlanproto: 802.1q vlanpcp: 0 parent interface: em0
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
vlan40: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Homelab VLAN
        options=4000001<RXCSUM,NOMAP>
        ether 04:42:1a:05:25:a0
        groups: vlan
        vlan: 40 vlanproto: 802.1q vlanpcp: 0 parent interface: em0
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:ff:bf
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 8 priority 128 path cost 2000000
        member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000
        groups: bridge
vnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether fe:a0:98:6c:27:fc
        hwaddr 58:9c:fc:00:1c:15
        groups: tap
        media: Ethernet autoselect
        status: active
        Opened by PID 1928
root@syncthing-host:~ #
root@syncthing-host:~ #
root@syncthing-host:~ # cat /etc/resolv.conf
domain home.lan
search home.lan
nameserver 10.18.1.2
root@syncthing-host:~ #
root@syncthing-host:~ #
root@syncthing-host:~ # netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
10.18.10.12        link#4             UHS         lo0
root@syncthing-host:~ #
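
An offline check over the outputs quoted in the post, added here as an example and not part of the original post: it tests whether each ping target is on-link for 10.18.10.12/24, whether the jail's `netstat -rn` view lists a default route, and how many router hops the reply TTLs imply. Assumptions: replies start from a common initial TTL (64, 128 or 255), and a jail that shares the host's network stack may show a filtered routing view, so a missing default route here is an observation to follow up on the host, not a diagnosis.

```python
import ipaddress
import re

# Outputs copied from the post (syncthing jail); trimmed to the relevant lines.
NETSTAT_RN = """\
Destination        Gateway            Flags     Netif Expire
10.18.10.12        link#4             UHS         lo0
"""
PING_REPLIES = """\
64 bytes from 10.18.1.1: icmp_seq=0 ttl=64 time=0.947 ms
64 bytes from 10.18.1.2: icmp_seq=0 ttl=63 time=0.879 ms
"""
JAIL_IF = ipaddress.ip_interface("10.18.10.12/24")  # vlan10 inet, netmask 0xffffff00
TARGETS = ("10.18.1.1", "10.18.1.2", "192.41.228.5")  # gateway, nameserver, truenas.com

def parse_routes(text):
    """Return (destination, gateway, flags, netif) rows from `netstat -rn` output."""
    routes, in_table = [], False
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            in_table = False          # blank line ends an address-family table
        elif fields[:2] == ["Destination", "Gateway"]:
            in_table = True           # header row starts a table
        elif in_table and len(fields) >= 4:
            routes.append(tuple(fields[:4]))
    return routes

def hops_from_ttl(text, initial_ttls=(64, 128, 255)):
    """Estimate router hops per replying host (assumes a common initial TTL)."""
    hops = {}
    for host, ttl in re.findall(r"from ([\d.]+): icmp_seq=\d+ ttl=(\d+)", text):
        start = min(t for t in initial_ttls if t >= int(ttl))
        hops[host] = start - int(ttl)
    return hops

def summarize():
    routes = parse_routes(NETSTAT_RN)
    return {
        "default_route_visible": any(r[0] in ("default", "0.0.0.0/0") for r in routes),
        "on_link": {t: ipaddress.ip_address(t) in JAIL_IF.network for t in TARGETS},
        "hops": hops_from_ttl(PING_REPLIES),
    }

if __name__ == "__main__":
    print(summarize())
```

None of the three targets is on-link for the jail's /24, so the successful pings to 10.18.1.1 and 10.18.1.2 are already being routed; comparing the path those packets take (tagged on vlan10 versus untagged on em0) with `tcpdump` on the host is the natural next check.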
 