On 28/08/16 00:26, Ernie Luzar wrote:
Roger Leigh wrote:
In my case, I haven't set anything related to the loopback interface
lo0 for the jail. The host has working v4 and v6 loopback addresses.
The guest has only working v4. Why not for v6?
interface = "bge0";
ip4.addr = "192.168.1.12";
ip6.addr = "2001:8b0:860:ddbd:3aea:a7ff:feab:7002";
allow.raw_sockets = "1";
is the extent of the configuration. I specify both v4 and v6
addresses on bge0. I don't specify anything loopback-related, so why
is it mapping v4 and not v6? The discrepancy seems a little odd.
Is there a solution to the problem at present? What would the
recommended configuration in jail.conf be for obtaining working v4 and
v6 addresses on the loopback interface inside the jail?
Previously you posted this as your jail.conf
bfcpp {
host.hostname = "bfcpp.codelibre.net";
interface = "bge0";
ip4.addr = "192.168.1.12";
ip6.addr = "2001:8b0:860:ddbd:3aea:a7ff:feab:7002";
allow.raw_sockets = "1";
path = "/jail/bfcpp";
mount.devfs;
mount.fdescfs;
mount.procfs;
mount.fstab="/etc/fstab.bfcpp";
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
exec.jail_user = "root";
exec.system_jail_user;
}
I see no reason for these
mount.fdescfs;
mount.procfs;
exec.clean;
exec.jail_user = "root";
exec.system_jail_user;
not the cause of your problem, just not needed.
Your assuming that ping6 is broken just because its having a problem
with localhost. Try ping6 against some other box on the lan using it's
ipv6 ip address.
I'm not assuming that ping6 is broken. The jail has a working v6 global
address. ping6 works fine to other hosts using global addresses, and I
can SSH into the jail from any v6 system using its AAAA record.
% host bfcpp.codelibre.net
bfcpp.codelibre.net has IPv6 address 2001:8b0:860:ddbd:3aea:a7ff:feab:7002
% ssh bfcpp.codelibre.net
Last login: Sat Aug 27 20:23:24 2016 from
7.5.2.1.f.5.e.f.f.f.c.4.4.a.2.6.d.b.d.d.0.6.8.0.0.b.8.0.1.0.0.2.ip6.arpa
FreeBSD 11.0-RC2 (GENERIC) #0 r304729: Wed Aug 24 06:59:03 UTC 2016
The fact that global IPv6 networking is functional is not really
relevant to the question I asked though.
What I can't do is ping6 the *localhost*, which I mentioned purely to
demonstrate the lack of a working v6 loopback, and hence I can't run v6
services on the localhost due to missing the v6 loopback. This is the
missing functionality I need, and the question I'm asking here which has
been unanswered is how to enable that.
You need to define the hosts ipv6 ip address to localhost in the hosts
/etc/hosts file.
You may also have to define the jails ipv6 ip address to localhost in
the jails /etc/hosts file.
This isn't what I want or need I'm afraid. I do require the loopback
working on v6 specifically, and not just a tweak to the localhost
hostname. Some of the services to be deployed in the jails run on the
public interfaces, some on the local loopback, and that type of hack
wouldn't be acceptable for deployment.
Is it possible to enable v6 loopback on lo0 in the jail using jail.conf?
Regards,
Roger
_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
