Hi All,
I have a fresh Freenas setup, which I am now migrating all my LXC containers (from an ubuntu) to Jails. Everything runs smoothly. Especially the transition from Linux to BSD. Except the ipv6 (and only when routed to outside world) which has heavy packet loss. I pinned it only on jails with VNET use.
My system:
AsRock H370M-ITX, i5-8400, 32Gbytes ram, 4*4TB WD Red. Freenas 11.2U2.1
I do have two ethernet controllers on the System. em0 (connected on VLAN1) and igb0 (connected on DMZ Vlan5).
It is not limited to ping, but with ping we can see the packet loss:
From Jane (the server):
Also some em0 info:
I do not have any other Ipv6 problems but with VNET devices only. This lead to suspect some setting in the system which might be causing this
One of the jails which has the problems:
Tried both allow_socket_af 0/1
I did also try some sysctl settings found around internet (while searching)
Turned of STP on my switch too.
Also when I start pinging from my Router! the IPv6 of the Jail (vnet jail) network becomes stable for the jail!
Thanks
I have a fresh Freenas setup, which I am now migrating all my LXC containers (from an ubuntu) to Jails. Everything runs smoothly. Especially the transition from Linux to BSD. Except the ipv6 (and only when routed to outside world) which has heavy packet loss. I pinned it only on jails with VNET use.
My system:
AsRock H370M-ITX, i5-8400, 32Gbytes ram, 4*4TB WD Red. Freenas 11.2U2.1
I do have two ethernet controllers on the System. em0 (connected on VLAN1) and igb0 (connected on DMZ Vlan5).
It is not limited to ping, but with ping we can see the packet loss:
Code:
root@ns2:/ # ping6 google.com PING6(56=40+8+8 bytes) 2a*******:6eee::3 --> 2a00:1450:400e:80d::200e 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=14 hlim=57 time=837.461 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=15 hlim=57 time=1.426 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=16 hlim=57 time=1.416 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=17 hlim=57 time=1.368 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=18 hlim=57 time=1.547 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=19 hlim=57 time=1.425 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=20 hlim=57 time=1.607 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=21 hlim=57 time=1.484 ms 16 bytes from 2a00:1450:400e:80d::200e, icmp_seq=22 hlim=57 time=1.489 ms ^C --- google.com ping6 statistics --- 26 packets transmitted, 9 packets received, 65.4% packet loss round-trip min/avg/max/std-dev = 1.368/94.358/837.461/262.727 ms root@ns2:/ #
From Jane (the server):
Code:
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:5f:2f:c2:59:00
nd6 options=9<PERFORMNUD,IFDISABLED>
groups: bridge
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: vnet0:6 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 10 priority 128 path cost 2000
member: vnet0:5 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 9 priority 128 path cost 2000
member: vnet0:4 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 7 priority 128 path cost 2000
member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 55
root@jane[~]# ifconfig igb0
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2400b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,RXCSUM_IPV6>
ether 70:85:c2:7b:b9:35
hwaddr 70:85:c2:7b:b9:35
nd6 options=9<PERFORMNUD,IFDISABLED>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
Also some em0 info:
Code:
root@jane[~]# ifconfig em0
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=2098<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 70:85:c2:7b:b9:33
hwaddr 70:85:c2:7b:b9:33
inet 10.10.0.200 netmask 0xfffffc00 broadcast 10.10.3.255
inet 10.10.0.131 netmask 0xfffffc00 broadcast 10.10.3.255
inet 10.10.0.202 netmask 0xfffffc00 broadcast 10.10.3.255
inet 10.10.0.20 netmask 0xfffffc00 broadcast 10.10.3.255
inet6 fe80::7285:c2ff:fe7b:b933%em0 prefixlen 64 scopeid 0x2
inet6 2******:6eee::cfc prefixlen 64
inet6 2******:6eee::d prefixlen 64
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:5f:2f:c2:59:01
nd6 options=9<PERFORMNUD,IFDISABLED>
groups: bridge
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: vnet1:5 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 8 priority 128 path cost 2000
member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 55
I do not have any other Ipv6 problems but with VNET devices only. This lead to suspect some setting in the system which might be causing this
One of the jails which has the problems:
Code:
root@jane[~]# iocage get all ns2 CONFIG_VERSION:14.1 allow_chflags:0 allow_mlock:0 allow_mount:0 allow_mount_devfs:0 allow_mount_nullfs:0 allow_mount_procfs:0 allow_mount_tmpfs:0 allow_mount_zfs:0 allow_quotas:0 allow_raw_sockets:1 allow_set_hostname:1 allow_socket_af:1 allow_sysvipc:0 allow_tun:0 available:readonly basejail:no boot:on bpf:yes children_max:0 cloned_release:11.2-RELEASE comment:none compression:lz4 compressratio:readonly coredumpsize:off count:1 cpuset:off cputime:off datasize:off dedup:off defaultrouter:10.10.0.1 defaultrouter6:2********:6eee::1 depends:none devfs_ruleset:4 dhcp:off enforce_statfs:2 exec_clean:1 exec_fib:0 exec_jail_user:root exec_poststart:/usr/bin/true exec_poststop:/usr/bin/true exec_prestart:/usr/bin/true exec_prestop:/usr/bin/true exec_start:/bin/sh /etc/rc exec_stop:/bin/sh /etc/rc.shutdown exec_system_jail_user:0 exec_system_user:root exec_timeout:60 host_domainname:lan.billias.cc host_hostname:ns2 host_hostuuid:ns2 host_time:yes hostid:246d7f05-3808-11e9-9a5c-bc5ff4976051 hostid_strict_check:no interfaces:vnet1:bridge1,vnet0:bridge0 ip4:new ip4_addr:vnet0|10.10.5.3/24,vnet1|10.10.0.3/22 ip4_saddrsel:0 ip6:new ip6_addr:vnet1|2******:6eee::3/64,vnet0|2*******05::3/64 ip6_saddrsel:0 jail_zfs:off jail_zfs_dataset:iocage/jails/ns2/data jail_zfs_mountpoint:none last_started:2019-03-04 06:03:27 login_flags:-f root mac_prefix:bc5ff4 maxproc:off memorylocked:off memoryuse:off mount_devfs:1 mount_fdescfs:1 mount_linprocfs:0 mount_procfs:0 mountpoint:readonly msgqqueued:off msgqsize:off nmsgq:off notes:none nsemop:off nshm:off nthr:off openfiles:off origin:readonly owner:root pcpu:off priority:110 pseudoterminals:off quota:none release:11.2-RELEASE-p9 reservation:none resolver:/etc/resolv.conf rlimits:off securelevel:2 shmsize:off stacksize:off state:up stop_timeout:30 swapuse:off sync_state:none sync_target:none sync_tgt_zpool:none sysvmsg:new sysvsem:new sysvshm:new template:no type:jail used:readonly vmemoryuse:off vnet:on vnet0_mac:bc5ff4552455 bc5ff4552456 vnet1_mac:bc5ff4552457 bc5ff4552458 vnet2_mac:none vnet3_mac:none vnet_default_interface:em0 vnet_interfaces:none wallclock:off root@jane[~]#
Tried both allow_socket_af 0/1
I did also try some sysctl settings found around internet (while searching)
Turned of STP on my switch too.
Also when I start pinging from my Router! the IPv6 of the Jail (vnet jail) network becomes stable for the jail!
Thanks
Last edited:
