Joe <fbsd8@...> writes:
> Your 67.205.xx.xx ip address looks like a dynamic ip address that you > use dhcp to automatically obtain all the network configuration > information needed by your host. Static ip addresses don't work that > way. You have to manually configure the static network. If I remember > correctly, for a block of 3 assignable ip addresses you need a block of > 5 from your provider. The first and last ip address are used to config > the network. This address was provided and I manually configured the nic. > You never said if you have a firewall on your host. The firewall rules > maybe dropping unsolicited inbound traffic for those 174 prefixed ip > addresses. Try putting a pass all log from that NIC rule or just a log > all rule or turn off the firewall all together and see what happens. > Verify your NAT is not trying to NAT unsolicited inbound traffic for > those 174 prefixed ip addresses. I had no firewall installed on the machine as we were still setting up and usually only add firewalling last. Here is something interesting though, since compiling a custom kernel and including: device<><------>pf device<><------>pflog nooptions<----->sctp options><------>VIMAGE device ><------>epair device ><------>if_bridge options><------>NULLFS #firewall options MROUTING # Multicast routing options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPFIREWALL_FORWARD #packet destination changes options ACCEPT_FILTER_DATA options ACCEPT_FILTER_DNS options ACCEPT_FILTER_HTTP options ZERO_COPY_SOCKETS My JAILS now both receive and respond to traffic! This was the only change i remember making. Just running on firewall_type="OPEN" and have not even defined any other rules. So the problem seems solved, however still not sure what fixed it....!! Is NAT a requirement for Jail networking where the default gateway is not on the same subnet as the Jail? _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
