Hello Dave, I had the same problem. I found out, that the system will crash, if I do the 'ifconfig epair0a destroy' direct after the 'jail -r'.
My solution is to sleep 2 seconds after the 'jail -r' command.
Maybe a little bit dirty.
Ole
Sun, 7 Jun 2020 21:59:03 -0400 - David Mehler <dave.meh...@gmail.com>:
> Hello,
>
> I've finally created a vnet jail on FreeBSD 12.1 that will get out to
> the internet. Whenever I atempt to shut it down the system crashes, I
> have no idea why.
>
> I found an example and adapted and pounded on it until I got it
> working. Here's my configuration. On the host:
>
> /etc/rc.conf fragment:
> cloned_interfaces="bridge0"
> ifconfig_bridge0="inet 192.168.122.1/24 addm vtnet0 up"
>
> #cat /etc/jail.conf
> exec.clean;
> exec.start = "/bin/sh /etc/rc";
> exec.stop = "/bin/sh /etc/rc.shutdown";
> mount.devfs;
> allow.raw_sockets;
> exec.system_user = "root";
> exec.jail_user = "root";
> vnet;
>
> jail1 {
> host.hostname = jail1.lan;
> path = "/jails/jail1";
> devfs_ruleset = "5";
> vnet.interface = "epair0b";
> exec.prestart = "ifconfig epair0 create up";
> exec.prestart += "ifconfig bridge0 addm epair0a";
> exec.poststop = "ifconfig bridge0 deletem epair0a";
> exec.poststop += "ifconfig epair0a destroy";
> exec.consolelog = "/var/log/jail_jail1_console.log";
> }
>
> ifconfig fragment:
> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
> mtu 1500 ether 02:e7:79:f2:c4:00
> inet 192.168.122.1 netmask 0xffffff00 broadcast
> 192.168.122.255 id 00:00:00:00:00:00 priority 32768 hellotime 2
> fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
> root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
> member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
> ifmaxaddr 0 port 4 priority 128 path cost 2000
> member: vtnet0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
> ifmaxaddr 0 port 1 priority 128 path cost 2000
> groups: bridge
> nd6 options=9<PERFORMNUD,IFDISABLED>
> epair0a: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
> metric 0 mtu 1500
> options=8<VLAN_MTU>
> ether 02:ad:9b:f9:5e:0a
> inet6 fe80::ad:9bff:fef9:5e0a%epair0a prefixlen 64 scopeid 0x4
> groups: epair
> media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
> status: active
> nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
>
> In the vnet jail:
> # cat /etc/rc.conf
> hostname="jail1.lan"
> ifconfig_epair0b="inet 192.168.122.50 netmask 255.255.255.0"
> defaultrouter="192.168.122.1"
>
> I wish I knew why stopping this jail takes the whole system down,
> suggestions welcome.
> Thanks.
> Dave.
> _______________________________________________
> freebsd-jail@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to
> "freebsd-jail-unsubscr...@freebsd.org"
pgpyQ3UsFFnOK.pgp
Description: Digitale Signatur von OpenPGP
