> On 12/12/2017 08:56 AM, Eugene Grosbein wrote: > > On 12.12.2017 09:31, Thomas Steen Rasmussen wrote: > > > >> After upgrading to r326782 I get the following error when trying to > >> delete the lo0 entry (I have an rc.d script to do it): > >> > >> $ sudo route delete 185.96.180.10 > >> route: writing to routing socket: Address already in use > >> delete host 185.96.180.10 fib 0: gateway uses the same route > >> $ > >> > >> What gives? What do I do now? :) > > You should be using jail+vnet in first place that allows you to get desired > > behaviour > > by assigning an interface to distinct jail. Take a look at jail(8) manual > > page > > for vnet and vnet.interface parameters. > > > Hello, > > Thanks, I am aware of vnet and it's uses. I am looking for the reason > why the current method doesn't work anymore. :) > Switching 50+ jails over to vnet is not something you "just do", the > rewriting of firewall rules alone will be quite a job. > > I am also pretty curious as to what people have been doing to solve this > over the last many years while waiting for vimage to become stable? Have > people just not been firewalling between jails?
The mistake is that the kernel is doing route decisions at all, that is the domain of a daemon and should of never been put in the kernel, for reasons exactly like this. What I have done on all my systems is I comment out all the loopback route code in the kernel and do the proper routing with either OSPF or BGP. find /sys/ | xargs grep maintain_loopback_route mostly can be fixed in net/if.c. This "routing policy" in the kernel just breaks things in so many ways. -- Rod Grimes rgri...@freebsd.org _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
