No Network in Jails if VNET is enabled

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
Hello I try to get Plex running inside a Jail, but as soon as i setup a jail with vnet it has no connection to the network cant ping my Jail from Freenas and Freenas from the jail also no internet inside the Jail.
ifconfig freenas
Code:
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2400b9<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,RXCSUM_IPV6>
        ether a8:5e:45:3d:41:85
        hwaddr a8:5e:45:3d:41:85
        inet 192.168.212.100 netmask 0xffffff00 broadcast 192.168.212.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
igb1: flags=8c02<BROADCAST,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
        ether a8:5e:45:3d:41:86
        hwaddr a8:5e:45:3d:41:86
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:35:3a:c3:0c:00
        inet 192.168.212.110 netmask 0xffffff00 broadcast 192.168.212.255
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0:33 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 5 priority 128 path cost 2000
        member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000
vnet0:33: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: test as nic: epair0b
        options=8<VLAN_MTU>
        ether 0d:cd:44:ae:1b:75
        hwaddr 02:7e:d0:00:05:0a
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair

ifconfig jail
Code:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 0d:cd:44:ae:1b:76
        hwaddr 02:7e:d0:00:06:0b
        inet 192.168.212.111 netmask 0xffffff00 broadcast 192.168.212.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair

Allow Raw_sockets is enabled in the Jail. Network is working if I set Interface to bridge0 or igb0.
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
Freenas Version is 11.2-u7 and when I enable VNET it doesnt show up in network summary. My Mainboard is a Asus P11C-I with a Intel I210AT Controller and two RJ45 connectors. It was a fresh install and reinstalling and starting from zero didnt help.
This happens if i try to ping:


Code:
root@test:~ # ping google.com
ping: cannot resolve google.com: Host name lookup failure
root@test:~ # ping 192.168.212.1
PING 192.168.212.1 (192.168.212.1): 56 data bytes
^C
--- 192.168.212.1 ping statistics ---
56 packets transmitted, 0 packets received, 100.0% packet loss
root@test:~ # ping 192.168.212.100
PING 192.168.212.100 (192.168.212.100): 56 data bytes
^C
--- 192.168.212.100 ping statistics ---
7 packets transmitted, 0 packets received, 100.0% packet loss
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
Tried now disabling the second NIC in BIOS it wont show now in Freenas and updating to Freenas 11.3 didnt help. I dont know what to do now. Everything seems right to me.:(
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
Seems to be that the I210AT from Intel isnt working with VNET, created a virtual machine in Vmware on my Notebook and its working.
Is this possible?
 

Patrick M. Hausen

Hall of Famer
Joined
Nov 25, 2013
Messages
7,737
Hardly. Your bridge setup looks ok, but you should put an IP address on the bridge *or* on your physical interface. Then it would probably help if you post the output of this command:
Code:
iocage get all <jailname>


Patrick
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
ok
Code:
root@freenas[~]# iocage get all Test
CONFIG_VERSION:26
allow_chflags:0
allow_mlock:0
allow_mount:0
allow_mount_devfs:0
allow_mount_fusefs:0
allow_mount_nullfs:0
allow_mount_procfs:0
allow_mount_tmpfs:0
allow_mount_zfs:0
allow_quotas:0
allow_raw_sockets:1
allow_set_hostname:1
allow_socket_af:0
allow_sysvipc:0
allow_tun:0
allow_vmm:0
assign_localhost:0
available:readonly
basejail:0
boot:0
bpf:0
children_max:0
cloned_release:11.3-RELEASE
comment:none
compression:lz4
compressratio:readonly
coredumpsize:off
count:1
cpuset:off
cputime:off
datasize:off
dedup:off
defaultrouter:192.168.212.1
defaultrouter6:auto
depends:none
devfs_ruleset:5
dhcp:0
enforce_statfs:2
exec_clean:1
exec_created:/usr/bin/true
exec_fib:0
exec_jail_user:root
exec_poststart:/usr/bin/true
exec_poststop:/usr/bin/true
exec_prestart:/usr/bin/true
exec_prestop:/usr/bin/true
exec_start:/bin/sh /etc/rc
exec_stop:/bin/sh /etc/rc.shutdown
exec_system_jail_user:0
exec_system_user:root
exec_timeout:60
host_domainname:none
host_hostname:Test
host_hostuuid:Test
host_time:1
hostid:1D80D50D-EDC8-439E-009C-A85E453D4185
hostid_strict_check:0
interfaces:vnet0:bridge0
ip4:new
ip4_addr:vnet0|192.168.212.110/24
ip4_saddrsel:1
ip6:new
ip6_addr:none
ip6_saddrsel:1
ip_hostname:0
jail_zfs:0
jail_zfs_dataset:iocage/jails/Test/data
jail_zfs_mountpoint:none
last_started:2020-01-12 17:02:10
localhost_ip:none
login_flags:-f root
mac_prefix:0dcd44
maxproc:off
memorylocked:off
memoryuse:off
mount_devfs:1
mount_fdescfs:1
mount_linprocfs:0
mount_procfs:0
mountpoint:readonly
msgqqueued:off
msgqsize:off
nat:0
nat_backend:ipfw
nat_forwards:none
nat_interface:none
nat_prefix:172.16
nmsgq:off
notes:none
nsem:off
nsemop:off
nshm:off
nthr:off
openfiles:off
origin:readonly
owner:root
pcpu:off
plugin_name:none
plugin_repository:none
priority:99
pseudoterminals:off
quota:none
readbps:off
readiops:off
release:11.3-RELEASE-p5
reservation:none
resolver:/etc/resolv.conf
rlimits:off
rtsold:0
securelevel:2
shmsize:off
stacksize:off
state:up
stop_timeout:30
swapuse:off
sync_state:none
sync_target:none
sync_tgt_zpool:none
sysvmsg:new
sysvsem:new
sysvshm:new
template:0
type:jail
used:readonly
vmemoryuse:off
vnet:1
vnet0_mac:0dcd441b34d2 0dcd441b34d3
vnet1_mac:none
vnet2_mac:none
vnet3_mac:none
vnet_default_interface:auto
vnet_interfaces:none
wallclock:off
writebps:off
writeiops:off
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
If i set my jail to DHCP this happens
dhcp.PNG
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
Ordered now a Intel 9301CT NIC cant be that this isnt running even after 2 Fresh installs and hours of research on my real Hardware and running instantly in VMs. Its arriving Tuesday hopefully this will fix my problem.
 
Joined
Jul 2, 2019
Messages
648
@martin481997 Hmmm... I've been fighting with VLANs and jails for about a month. I have a Supermicro X9DR3-LN4F+ that has a Intel i350 Quad port GbE controller. I have gotten the VLAN working if I put an IP address on the VLAN. You can do that from the Network | Interfaces menu. There has been some bugs reported about VLAN problems for FreeBSD (and also pfSense) where enabling "vlanhwtag" renders VLAN on i210/i350 not functional. I suspect that these are related. I'm looking forward to youre results with the 8310CT NIC which uses the Intel 82574L controller.
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
After switching to Intel 9301CT all problems are gone and its running perfectly. Seems that the I210AT isnt working correctly in Freenas.
 

KevDog

Patron
Joined
Nov 26, 2016
Messages
462
@martin481997
Can you share how you were able to set up your VLANs and jails. I'm unfortunately stuck at this point.
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
After it didnt work for me i made sure to follow this tutorial exactly:
And after I replaced my NIC it was instantly working.
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
I see you motherboard is having the same NIC like mine, so I think you need a new NIC. I would recommend you to buy the another card like me, and better disable the I210AT in BIOS. I bought the Intel 9301CT which is now working fine.
 

KevDog

Patron
Joined
Nov 26, 2016
Messages
462
@martin481997
Not sure who your comment is directed towards..
 

martin481997

Dabbler
Joined
Jan 12, 2020
Messages
17
@KevDog to you.
Forgot to tag you, interestingly, you cannot edit or delete threads in this forum.
 

KevDog

Patron
Joined
Nov 26, 2016
Messages
462
I was able to get the FreeNAS/VLAN/Jail/VM amalgam all working on 11.2-U7.
I anyone reading this thread here are two links to my struggles:
 
Top