https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231773
Bug ID: 231773
Summary: Nested jails: "IPv4 addresses clash"
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: b...@freebsd.org
Reporter: k...@freebsd.org
I recently upgraded one of my stable/11 machines to head (so what will be
stable/12 soon), and ran into an issue with my nested jails setup.
I run standard (i.e. non-vnet) jails, by assigning e.g. 172.16.4.2 to the
parent jail, and starting a jail with that IP address from within that jail
(basically, so I can delegate a jailed setup to other people).
That used to work on stable/11, but now it failed with ‘IPv4 addresses clash’.
To the extent that I understand the relevant code it looks like we try to
verify that no other jail uses the address we’re trying to assign to the new
jail.
I think this block tries to ensure we start at either the host system or the
vnet jail that’s hosting us. I suspect that’s just wrong, because we don’t do
that if VIMAGE is not enabled (and there’s no need either, because this check
will already have been done for the parent jail).
#ifdef VIMAGE
for (; tppr != &prison0; tppr = tppr->pr_parent)
if (tppr->pr_flags & PR_VNET)
break;
#endif
I can work around the problem by resetting 'tppr = ppr;' just before the
FOREACH_PRISON_DESCENDANT() loop.
(The IPv6 code has exactly the same problem.)
Presumably the trigger for this is the enabling of VIMAGE in CURRENT.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
