DI-604; jail does not see network
Hello folks! I've posted this in a couple of forums, but then found this one which looks very active!
Here is the problem. From inside the jail I can ping host and jail ip addresses, but the network is unreachable. Looking to do all kinds of fun things like test CRM packages that run with php or perl and apache, among other things. I'm going to need routine network access from the jails. (Used ezjail for setup and followed some of the common guides -- went smoothly up until network problem.)
I use a D-Link DI-604 broadband router/firewall, which has been very nice since every system can be setup with the same ip address, even if it is set to dhcp (allows dhcp, static ip, and static-dhcp). After first encountering the problem, I moved the server ip to a higher static ip. Also limited DHCP to a lower range, and set all possible ips there to static-DHCP. The jail ip is in the static ip range as well.
Static-DHCP requires unique MAC addresses -- this is what forced me to static ip addresses on the host and jail.
Yet I still cannot ping outside the system and package installations do not work.
Does anyone else have a functional jail behind a DI-604 router?
Also, I am wondering if the router is blocking aliasing because the MAC address is the same for host and any jails?
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 02:01:99:03:9d:82 ch 1 dma -1 fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 lladdr 0.1.99.0.0.3.9d.82.a.2.ff.fe.0.0.0.0 nfe0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=10b<RXCSUM,TXCSUM,VLAN_MTU,TSO4> ether 00:19:21:ef:f5:c0 inet6 fe80::219:21ff:feef:f5c0%nfe0 prefixlen 64 scopeid 0x3 inet 192.168.0.120 netmask 0xffffffff broadcast 192.168.0.120 media: Ethernet autoselect (100baseTX <full-duplex>) status: active plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 pflog0: flags=0<> metric 0 mtu 33152 pfsync0: flags=0<> metric 0 mtu 1460 syncpeer: 22.214.171.124 maxupd: 128 lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=10b<RXCSUM,TXCSUM,VLAN_MTU,TSO4> ether 00:19:21:ef:f5:c0 inet 192.168.0.199 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::219:21ff:feef:f5c0%lagg0 prefixlen 64 scopeid 0x8 media: Ethernet autoselect status: active laggproto failover laggport: nfe0 flags=5<MASTER,ACTIVE> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=3<RXCSUM,TXCSUM> inet 10.1.1.1 netmask 0xffffff00
(192.168.0.199 is the host and .120 is the jail). domain and nameservers are in the resolv.conf of jail and host. jail rc.conf has default router (192.168.0.1) and jail starts up fine. (ssh to jail works from host)
Any help is much appreciated!
Last edited by Carpetsmoker; 2nd May 2010 at 09:31 PM. Reason: Added [code] tags
|Thread||Thread Starter||Forum||Replies||Last Post|
|minimal jail install with sysinstall||daemon-dd||FreeBSD General||3||16th September 2008 08:28 AM|
|Set time in Jail||tanked||FreeBSD General||5||22nd August 2008 01:51 PM|
|Getting around Jail IP Adresses||starbuck||FreeBSD Security||8||9th August 2008 01:15 AM|
|Internet access within jail||Weaseal||FreeBSD General||5||26th June 2008 02:45 PM|
|Network not working in my jail.||krreagan||FreeBSD Security||7||5th May 2008 11:43 PM|