On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all,
I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the "Exercise 2" which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns "eiface" into "efface") ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my "connect" before the "name"… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 # The way I see most people using vimage… it seems like almost always a mistake to not hook the upper (unless you have very good reason to make the base machine inaccessible from the jails and vice-versa). Some missing points… # Make sure the bridged-interface is active ifconfig em0 up # Set promiscous mode and # don't override src addr ngctl msg em0: setpromisc 1 ngctl msg em0: setautosrc 0 ngctl connect ngeth0: bridge0: ether link2 ngctl connect ngeth1: bridge0: ether link3 Let's re-work this. Earlier you did 2x "mkpeer" to pre-create your eiface nodes. I don't do this, as it later requires a "connect" for each created peer. What you can do instead is _not_ perform those earlier commands (shown below): ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether (followed by the above "connect" statements) But *instead*, you can actually do a contextual "mkpeer" that connects the nodes as they are created. For example… instead of this: ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether ngctl connect ngeth0: bridge0: ether link2 ngctl connect ngeth0: bridge0: ether link3 (which doesn't look right to me, because I'm used to creating an ether edge between bridge:lower and the eiface) You can instead do: ngctl mkpeer em0:lower eiface link2 ether ngctl mkpeer em0:lower eiface link3 ether This simplifies 4 statements into 2. NOTE: I can't remember if "em0:lower" can be replaced with the new name of "bridge0" (that you created with "ngctl name em0:lower bridge0"). My scripts continue to use the raw name in the mkpeer statements even after a rename of the lower-link. You *may* be able to instead say "ngctl mkpeer bridge0: eiface link2 ether" etc.) vimage -i n1 ngeth0 e0 But my virtual interface on the n1 vimage does not receive any packet from the external network while I can see the packet go out from it. Try hooking changing your PHY->bridge hook to the lower and hooking your PHY upper into the bridge. For instance using DHCP, e0 on n1 sends DHCP packets but it does not receive the answers (which are send, I verified it from wireshark), in adding the ARP request for his IP address (if I try to add it statically) are not received then it can not answer. At the end of the line the question is: how can I make this "virtual network" and the external real network be able to communicate ? Thanks in advance. Wondering if you've given my solution a try… http://druidbsd.sf.net/vimage.shtml -- Devin _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
