On 18 Mar 2020, at 15:15, Victor Sudakov wrote:

Dear Colleagues,
Is IPv6 in jails supposed to work? Does not work for me, what am I 
doing
wrong?

Here is a test jail:

test4 {
        path = /d02/jails/test4 ;
        mount.devfs;
        ip4 = new;
        ip6 = new;
        ip4.addr = 192.168.4.204/24;
        ip6.addr = 2001:470:ecba:3::4/64;
I usually do something like this:

        ip6.addr += "lo0|2001:db8:1234:5678::ef/128";

to add the single address out of a /64 to the loopback interface on the host and then pass it through to the jail. The /64 however is actually routed to my host so might not work if you have the /64 on the physical interface.
Given it is a jail without vnet you cannot assign a /64 to the jail, you 
want to just specify the address usually (plainly or as /128).

        host.hostname = test4.vas.sibptus.ru ;
        interface = re1 ;
        allow.raw_sockets = true ;
        exec.start = "/bin/sh /etc/rc";
        exec.stop = "/bin/sh /etc/rc.shutdown";
}

However when I look from inside the jail, I see the daemons listening
only on IPv4:

root@test4:/ # sockstat -l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root     sendmail   17178 3  tcp4   192.168.4.204:25      *:*
root     sshd       17175 3  tcp4   192.168.4.204:22      *:*
root     syslogd    17110 5  udp4   192.168.4.204:514     *:*

If I "ssh 2001:470:ecba:3::4" from outside, I get into the host instead
of the jail (because 2001:470:ecba:3::4 *is* assigned to re1, but not
available inside the jail).
One thing to check first is ifconfig inside the jail does see the 
address?

/bz

_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Reply via email to