On Mon, 12 Apr 2021 19:57:40 +0200
Michael Gmelin <free...@grem.de> wrote:
> On Mon, 12 Apr 2021 17:45:36 +0300
> Özkan KIRIK <ozkan.ki...@gmail.com> wrote:
>
> > root@f13:~ # jls -s -j client
> > devfs_ruleset=0 enforce_statfs=2 host=new ip4=inherit ip6=inherit
> > jid=2 name=client osreldate=1300139 osrelease=13.0-RC5 path=/
> > persist securelevel=-1 sysvmsg=disable sysvsem=disable
> > sysvshm=disable vnet=new allow.nochflags allow.nomlock allow.nomount
> > allow.mount.nodevfs allow.mount.noprocfs allow.mount.notmpfs
> > allow.noquotas allow.noraw_sockets allow.noread_msgbuf
> > allow.reserved_ports allow.set_hostname allow.nosocket_af
> > allow.suser allow.nosysvipc allow.unprivileged_proc_debug
> > children.max=0 host.domainname="" host.hostid=0 host.hostname=""
> > host.hostuuid=00000000-0000-0000-0000-000000000000
>
> I can reproduce the issue now, I'll try to dig deeper into it.
>
> -m
>
> [...snipsnap...]
>
Hi Özkan,
This is caused by ping using getaddrinfo to determine the address
family to be used. You can check this by running
getaddrinfo www.google.com
inside and outside of your jail and compare the results.
Inside your jail, inet6 entries are on top, while on your host, inet
entries are on top.
Configuration of address selection is done using /etc/rc.d/ip6addrctl,
which is enabled by default using a policy of AUTO (see
/etc/defaults/rc.conf).
As your simple jail doesn't call any rc scripts, your missing this step.
The easiest way to workaround the issue is to explicitly call:
service ip6addrctl start
after creating your vnet jail, or creating your vnet jail using:
jail -c name=client persist vnet vnet.interface=em1 \
exec.start="service ip6addrctl start"
Best,
Michael
--
Michael Gmelin
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
