Hi guys, going by your wiki guide for setting up jail and plugins, I seem to have arrived at what I think may be a catch 22 in setting this up.
Background/Hardware
FreeNAS-8.3.0-RELEASE-p1-x64
Supermicro board with dual intel NICs, bridged (in process of upgrading to a new NAS and have the old connected to the new for moving stuff)
2Wire 3600HGV router from ATT
Jail version FreeNAS-8.3.0-RELEASE-x64.Plugins_Jail.pbi
So following the guide, I set up the jail with an ip of 192.168.1.253, 255.255.255.0 for the netmask, which is the IP range my router is serving DHCP from. 192.168.1.253 is not in use by another device. I have my router's IP (192.168.1.254) defined as the default gateway in the global config, but no DNS servers (not getting that far).
From inside the jail after setting/starting the jail up...
Code:
jls
   JID  IP Address      Hostname                      Path
     2  -               plugins                       /mnt/media/jail/plugins
[root@NAS] /mnt/media# jexec 2 csh
plugins# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:cb:52:00:0f:0b
        inet 192.168.1.253 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::cb:52ff:fe00:f0b%epair0b prefixlen 64 scopeid 0x2
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
plugins# ping 192.168.1.254
PING 192.168.1.254 (192.168.1.254): 56 data bytes
ping: sendto: Host is down
ping: sendto: Host is down
ping: sendto: Host is down
^C
--- 192.168.1.254 ping statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss
from outside the jail...
Code:
[root@NAS] /mnt/media# ifconfig -a
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
        ether 00:25:90:c2:86:60
        inet 192.168.1.69 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
        ether 00:25:90:c2:86:61
        inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xb
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:10:7d:6d:0b:00
        inet 192.168.1.6 netmask 0xffffff00 broadcast 192.168.1.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 6 priority 128 path cost 20000
        member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 5 priority 128 path cost 200000
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:10:7d:6d:0b:01
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 14 priority 128 path cost 2000
epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:cb:52:00:0e:0a
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
netstat from outside...
Code:
[root@NAS] /mnt/media# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
0.0.0.0/8          link#6             U           0        0    em1 =>
default            192.168.1.254      UGS         0      347    em0
127.0.0.1          link#11            UH          0    53605    lo0
192.168.1.0/24     link#5             U           0   162740    em0
192.168.1.6        link#12            UHS         0        0    lo0
192.168.1.69       link#5             UHS         0       81    lo0

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0
::1                               link#11                       UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
fe80::%lo0/64                     link#11                       U           lo0
fe80::1%lo0                       link#11                       UHS         lo0
ff01::%lo0/32                     fe80::1%lo0                   U           lo0
ff02::%lo0/32                     fe80::1%lo0                   U           lo0
I see the second bridge was created, bridge1, but I don't see the router-connected primary NIC as a member; am I likely correct in assuming this is the problem?
I saw in another thread someone suggesting adding the MAC of the virtual NIC into the router under the DHCP assignments, so as to rule out the router being the problem, but if that's the case I have a bit of a catch 22 since this router will only accept new MACs as DHCP, from which you can then assign a static address via the DHCP table. I tried setting the virtual NIC in the jail to DHCP but I got an error about BPF not existing so I suppose that's not possible without BPF?
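
The bridge-membership question raised above can be checked mechanically. The script below is an added example, not part of the original post: it reads `ifconfig -a` text and reports, for each bridge, its members and whether any member is something other than an epair end. The function names and the trimmed sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: list each bridge and its members from `ifconfig -a` text and
# flag bridges whose members are all epair ends (no other NIC attached).

# Constructed sample, trimmed to the stanza shape shown in the post.
sample_ifconfig() {
cat <<'EOF'
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:10:7d:6d:0b:00
        member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:10:7d:6d:0b:01
        member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:cb:52:00:0e:0a
EOF
}

# bridge_report: reads ifconfig text on stdin and prints one line per bridge:
#   <bridge> members=<a,b,...> uplink=<yes|no>
# uplink=no means every member is an epair end, or the bridge has no members.
bridge_report() {
    awk '
    function emit() {
        if (br != "")
            printf "%s members=%s uplink=%s\n", br, (m == "" ? "-" : m), (phys ? "yes" : "no")
    }
    /^[^ \t]/ {                        # a new interface stanza starts in column 0
        emit(); br = ""; m = ""; phys = 0
        if ($1 ~ /^bridge[0-9]+:$/) { br = $1; sub(/:$/, "", br) }
        next
    }
    br != "" && $1 == "member:" {      # member lines belong to the current bridge
        m = (m == "" ? $2 : m "," $2)
        if ($2 !~ /^epair[0-9]+[ab]$/) phys = 1
    }
    END { emit() }
    '
}

# On the host this would be: ifconfig -a | bridge_report
sample_ifconfig | bridge_report
```
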