VNET interface not attaching to jail

Farhan Khan

unread,

Jun 24, 2019, 4:39:42 PM6/24/19

to iocage

Hi all,

I am having trouble getting vnet jails to attach an interface. The jail will come up, but no interface attaches to the jail when I try to use vnet. Please note the lack of an interface:

Within the jail, I see this:

root@mytest1:~ # ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

I have re1 attached to bridge2. I am attempting to create a vnet jail as follows:

[farhan@think ~]$ sudo iocage create -n mytest1 ip4_addr="vnet0:bridge2|192.168.3.2/24" -r 12.0-RELEASE vnet=on

When I start the jail and stop the jail, I see this:

[farhan@think ~]$ sudo iocage start mytest1
* Starting mytest1
+ Started OK
+ Using devfs_ruleset: 6
+ Configuring VNET OK
+ Starting services OK
+ Executing poststart OK
[farhan@think ~]$ sudo iocage stop mytest1
* Stopping mytest1
+ Executing prestop OK
+ Stopping services OK
+ Tearing down VNET FAILED
ifconfig: interface vnet0.23 does not exist
+ Removing devfs_ruleset: 6 OK
+ Removing jail process OK
+ Executing poststop OK

Note the "Tearing down: VNET FAILED" line.

I should add, non-vnet jails work perfectly fine.

My bridge2 is setup as follows:

[farhan@think ~]$ ifconfig bridge2
bridge2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:ca:dd:02:9f:02
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 0 ifcost 0 port 0
        member: re1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 3 priority 128 path cost 55
        groups: bridge
        nd6 options=9<PERFORMNUD,IFDISABLED>

I am using the latest iocage version:

[farhan@think ~]$ iocage --version
Version 1.1 RELEASE 2019/01

What is causing VNET to fail?

Thanks,

Farhan

Brandon Schneider

unread,

Jun 24, 2019, 4:41:12 PM6/24/19

to Farhan Khan, iocage

Your vnet0:bridge2 configuration should actually be in the interfaces property. Not the ip4_addr.

ip4_addr would look like ip4_addr="vnet0|192.168.3.2/24” afterwards

Brandon

--
You received this message because you are subscribed to the Google Groups "iocage" group.
To unsubscribe from this group and stop receiving emails from it, send an email to iocage+un...@googlegroups.com.
To post to this group, send email to ioc...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/2b7707c4-7bab-4fa0-89d9-ab29cae6a5a9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

signature.asc

Farhan Khan

unread,

Jun 24, 2019, 4:49:08 PM6/24/19

to iocage

Hi Brandon, thanks for your prompt response. This still seems to fail.

-----------------------

[farhan@think ~]$ sudo iocage create -n mytest1 ip4_addr="vnet0|192.168.3.2/24" -r 12.0-RELEASE vnet=on
mytest1 successfully created!
[farhan@think ~]$ sudo iocage console mytest1
mytest1 is not running, starting jail

Stopped mytest1 due to VNET failure

-----------------------

My /etc/rc.conf has this line:

cloned_interfaces="bridge2"

(On a side note, curious how you got a signature block on Google groups)

To unsubscribe from this group and stop receiving emails from it, send an email to ioc...@googlegroups.com.

Brandon Schneider

unread,

Jun 24, 2019, 4:53:59 PM6/24/19

to Farhan Khan, iocage

Heh, not sure.

As for the issue, your /etc/rc.conf only sets up the bridge. You need to set the interface property for the jail to vnet0:bridge2

Brandon

To unsubscribe from this group and stop receiving emails from it, send an email to iocage+un...@googlegroups.com.

To post to this group, send email to ioc...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/2076ff36-062e-4c8e-9ea9-5e46d4c796f8%40googlegroups.com.

signature.asc

Farhan Khan

unread,

Jun 24, 2019, 4:59:44 PM6/24/19

to iocage

Perhaps I am misunderstanding the man page on how to do that. What am I failing to set in /etc/rc.conf to tell it to use vnet0:bridge2?

Brandon Schneider

unread,

Jun 24, 2019, 5:04:21 PM6/24/19

to ioc...@googlegroups.com

iocage set interfaces=“vnet0:bridge2” mytest1 :) not the hosts rc.conf

To unsubscribe from this group and stop receiving emails from it, send an email to iocage+un...@googlegroups.com.

To post to this group, send email to ioc...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/1c6c9342-fc74-4798-854b-208e024f56ea%40googlegroups.com.

Farhan Khan

unread,

Jun 24, 2019, 5:13:32 PM6/24/19

to iocage

I have a different error now, the jail is unable to start due to a VNET failure. I am using 12.0-RELEASE-p3, so VNET should be enabled by default and is in use by other non-iocage jails.

----------------------

[farhan@think ~]$ sudo iocage destroy mytest1

This will destroy jail mytest1

Are you sure? [y/N]: y
Destroying mytest1
[farhan@think ~]$ sudo iocage create -n mytest1 interfaces="vnet0:bridge2|192.168.3.2/24" -r 12.0-RELEASE vnet=on
mytest1 successfully created!

[farhan@think ~]$ sudo iocage start mytest1
* Starting mytest1
+ Started OK
+ Using devfs_ruleset: 6

ifconfig: interface bridge2|192.168.3.2/24 does not exist
+ Configuring VNET FAILED

Stopped mytest1 due to VNET failure
----------------------

Brandon Schneider

unread,

Jun 24, 2019, 5:23:49 PM6/24/19

to ioc...@googlegroups.com

You’re now combining interfaces and ip4_addr prop ;)

sudo iocage create -n mytest1 interfaces="vnet0:bridge2” ip4_addr=“vnet0:192.168.3.2/24" -r 12.0-RELEASE vnet=on

They’re separate domains :)

To unsubscribe from this group and stop receiving emails from it, send an email to iocage+un...@googlegroups.com.

To post to this group, send email to ioc...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/83195691-d208-4d0e-94e7-f2cb2ee6833c%40googlegroups.com.

Brandon Schneider

unread,

Jun 24, 2019, 5:25:32 PM6/24/19

to ioc...@googlegroups.com

Sorry that had a typo. (On mobile :P)

sudo iocage create -n mytest1 interfaces="vnet0:bridge2” ip4_addr=“vnet0|192.168.3.2/24" -r 12.0-RELEASE vnet=on

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/b28bf94e-4de1-4edc-8f24-d53bc77f1193%40www.fastmail.com.

Farhan Khan

unread,

Jun 24, 2019, 5:50:02 PM6/24/19

to iocage

That was it! I super super appreciate it!

Was this documented and I just did not combine the two?

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/83195691-d208-4d0e-94e7-f2cb2ee6833c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "iocage" group.

To unsubscribe from this group and stop receiving emails from it, send an email to ioc...@googlegroups.com.
To post to this group, send email to ioc...@googlegroups.com.

Brandon Schneider

unread,

Jun 24, 2019, 5:51:12 PM6/24/19

to ioc...@googlegroups.com

Yeah this is documented on the readthedocs but is a little cumbersome. Glad you got it going!

To unsubscribe from this group and stop receiving emails from it, send an email to iocage+un...@googlegroups.com.

To post to this group, send email to ioc...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/iocage/5c0a5a42-ae8a-4124-a5b2-0657e6737592%40googlegroups.com.

Reply all

Reply to author

Forward