asimov-solensan
Contributor
- Joined
- Oct 14, 2016
- Messages
- 113
Hello,
I'm doing some network segmentation at home and I have got FreeNAS connected on a trunk interface. The point here was to have jails and virtual machines in different vlans, but after many tries I'm unable to do this.
I expect it to work this way: I have got the tagged interface em0 connected to bridge bridge200. Then I have got a vlan interface named vlan17020 using parent interface tap17020, also attached to the bridge.
Relevant output from ifconfig:
Code:
bridge200: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:c8:7a:06:44:c8
        nd6 options=9<PERFORMNUD,IFDISABLED>
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: tap17020 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 10 priority 128 path cost 2000000
        member: em2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 2000000
        member: tap200 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000000
tap200: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:03:f4:00:c8
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: active
        Opened by PID 8103
tap17020: flags=8903<UP,BROADCAST,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:07:f4:00:7c
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: no carrier
vlan17020: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1496
        ether 00:bd:07:f4:00:7c
        inet 192.169.0.3 netmask 0xffffffff broadcast 192.169.0.3
        inet 192.168.17.20 netmask 0xffffff00 broadcast 192.168.17.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet autoselect
        status: no carrier
        vlan: 17 parent interface: tap17020
Then on the jail I tried disabling VIMAGE and selecting NIC vlan17020. But even when I run the jail in question I get no connection to that jail, and the status still shows no carrier. And I think that's the problem. I read that when a process uses a tap interface it becomes active, but running the jail does nothing.
Where I think the problem may be: I already have got a vlan interface created and configured on the same vlan. This is the one I use to manage FreeNAS, in fact. Also, I can see that the jail configuration appears in the host OS; as you can see in the ifconfig output, the jail IP is there, and I guess that it can't have two addresses in the same subnet.
Does anyone have an idea on how to solve this problem?