Re: FreeBSD 11 - BETA-1 Xen DOMU loses network when jail (VIMAGE) starts

From: Miguel C <miguelmclara_at_gmail.com>
Date: Tue, 9 Aug 2016 12:12:34 +0100
Melhores Cumprimentos // Best Regards
-----------------------------------------------
*Miguel Clara*
*IT - Sys Admin & Developer*

On Tue, Aug 9, 2016 at 9:55 AM, Roger Pau Monné <roger.pau_at_citrix.com>
wrote:

> On Sat, Jul 23, 2016 at 08:46:49PM +0100, Miguel C wrote:
> > Just as a note using netgraph (with jng script as a workaround) works....
> >
> > Also manually creating a bridge in the domu and adding xn0 as a member
> > makes this fail.... so the issue is indeed related to the bridge.
> >
> > I'll open a PR later in case someone want to look into it, but I'm happy
> it
> > works with netgraph.
>
> I seem to be able to use xn* interfaces with bridges without problems:
>
> xn0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
> mtu 1500
>         options=3<RXCSUM,TXCSUM>
>         ether 00:16:3e:74:3d:76
>         nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>         media: Ethernet manual
>         status: active
> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
> 1500
>         ether 02:77:3d:4a:18:00
>         inet 172.16.1.140 netmask 0xffffff00 broadcast 172.16.1.255
>         nd6 options=9<PERFORMNUD,IFDISABLED>
>         groups: bridge
>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>         maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>         member: xn0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 2 priority 128 path cost 2000000
>
> Is this a GENERIC kernel or are you using some custom
> configuration/patches?
> Can you provide some more information about how to reproduce this?
>
> GENERIC + VIMAGE, but that's just it, no other custom changes or patches.

Note however that this is under a NetbBSD Dom0, and I see the "vifXX"
interface disappear in the Dom0 side when the bridge is create on FreeBSD
DomU.

I'm actually happy with netgraph, although I've never played with it, and
seems more complex, the script provide in /share/examples is perfect to use
with "jail.conf" and pf seems happy in FreeBSD-11 (which is not CURRENT,
should we move this to a different mailing list!?) too, no panics so far.

I suspect the main issue, since it works fine for you is the fact that this
is in a NetBSD Dom0.


> Roger.
>
Received on Tue Aug 09 2016 - 09:13:17 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:07 UTC