Hi all,
as some probably know we provide web hosting services and we use jails for that.
On some particular host we have 255 vnet jails all of which are connected to the
external interface of the host - renamed to "inet0" in our environment - via
if_bridge(4) and all managed with iocage.
root@ph003:~ # grep inet0 /iocage/jails/vpro*/config.json|wc -l
255
Of these 251 also have a second epair interface connected to a private bridge
named "priv1". These are used for connections to the central database server
which should not be exposed to the Internet.
root@ph003:~ # grep priv1 /iocage/jails/vpro*/config.json | wc -l
251
While looking for a different problem to my great suprise I found today that
ifconfig truncates the list of member interfaces for both bridge instances.
And both to the same value of 102, although the member numbers are (albeit
slightly)
different:
root@ph003:~ # ifconfig inet0|grep member:|wc -l
102
root@ph003:~ # ifconfig priv1 | grep member: | wc -l
102
All 255 jails are connected to the external network and perfectly reachable from
the Internet. That's why I conclude that the display is wrong, not the bridge
configuration.
What's happening here? Is this intentional or shall I file a bug report?
More importantly: either way is this only cosmetic or will we hit another
unexpected
limit of the number of interfaces that can be members of a bridge any time soon?
Kind regards,
Patrick
--
punkt.de GmbH
Patrick M. Hausen
infrastructure
Sophienstr. 187
76185 Karlsruhe
Tel. +49 721 9109500
https://infrastructure.punkt.de
i...@punkt.de
AG Mannheim 108285
Geschäftsführer: Daniel Lienert, Fabian Stein
