# My jails are not seeing the network.



## paulfrottawa (Dec 4, 2008)

I used this example 

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html

______________________

FreeBSD i386.localhost.bsd 7.0-RELEASE-p6 FreeBSD 7.0-RELEASE-p6 #0: Tue Dec  2 20:35:28 EST 2008     paul@i386.localhost.bsd:/usr/obj/usr/src/sys/GENERIC  i386

___________________________________________
i386# jls
   JID  IP Address      Hostname                      Path
     3  192.168.0.77    http://www.example.org              /usr/home/j/www
     2  192.168.0.18    mail.example.org                        /usr/home/j/mail
     1  192.168.0.17    ns.example.org                          /usr/home/j/ns


----------



## anomie (Dec 4, 2008)

How have you determined they're not seeing the network? 

Please post your jail-related rc.conf entries: 

*# grep 'jail' /etc/rc.conf*


----------



## SirDice (Dec 4, 2008)

Do realize that you can't use ping inside a jail as it needs raw sockets.


----------



## paulfrottawa (Dec 4, 2008)

anomie said:
			
		

> How have you determined they're not seeing the network?
> 
> Please post your jail-related rc.conf entries:
> 
> *# grep 'jail' /etc/rc.conf*



I tried a few test like pkg_add -r nano from inside the jail.

___________________________
i386# grep 'jail' /etc/rc.conf
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns mail www"
jail_ns_hostname="ns.example.org"
jail_ns_ip="192.168.0.17"
jail_ns_rootdir="/usr/home/j/ns"
jail_ns_devfs_enable="YES"
jail_mail_hostname="mail.example.org"
jail_mail_ip="192.168.0.18"
jail_mail_rootdir="/usr/home/j/mail"
jail_mail_devfs_enable="YES"
jail_www_hostname="www.example.org"
jail_www_ip="192.168.0.77"
jail_www_rootdir="/usr/home/j/www"
jail_www_devfs_enable="YES"


----------



## Mel_Flynn (Dec 4, 2008)

paulfrottawa said:
			
		

> I tried a few test like pkg_add -r nano from inside the jail.



And pkg_add told you what exactly? The error message matters.


----------



## anomie (Dec 4, 2008)

paulfrottawa said:
			
		

> ...
> jail_ns_hostname="ns.example.org"
> jail_ns_ip="192.168.0.17"
> ...



Can you also post *ifconfig* output? (i.e. Let's confirm aliases are set up.)

Since those jails are on private IP space, how are you handling NAT?


----------



## paulfrottawa (Dec 4, 2008)

ns# pkg_add -r nano
Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/nano.tbz: No address record
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/nano.tbz' by URL
______________________________________________________

xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9<RXCSUM,VLAN_MTU>
        ether 00:06:5b:40:a7:c6
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
_________________________________________________________

sysinstall/configure/networking/interfaces

No network device available. PUSH[OK]



_____________________________________________

i had this in and out in /etc/rc.conf (jail directory)

network_interfaces=""
rpcbind_enable="NO"
sshd_enable="YES"
syslogd_flags="-ss"

copied from  ~http://dfwlpiki.dfwlp.org/index.php/Creating_and_Managing_A_Jailed_Virtual_Host_in_FreeBSD


----------



## Sylhouette (Dec 4, 2008)

Show the whole content of your /etc/rc.conf file.!!

i guess you will need the alias on your interface


```
ifconfig_bge0="inet 192.168.0.200  netmask 255.255.255.0"
ifconfig_bge0_alias0="inet 192.168.0.17  netmask 255.255.255.255"
ifconfig_bge0_alias1="inet 192.168.0.18  netmask 255.255.255.255"
ifconfig_bge0_alias2="inet 192.168.0.77  netmask 255.255.255.255"
```

change bge0 to the interface you running with xl0 in your case, if your output is right.
(this is in the /etc/rc.conf file of the jailhost!!!)


also make sure there is a /etc/resolv.conf file in every jail.

regards,
Johan Hendriks


----------



## paulfrottawa (Dec 4, 2008)

# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="i386.localhost.bsd"
ifconfig_xl0="DHCP"
ipv6_enable="YES"
keymap="us.iso"
sshd_enable="YES"

jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns mail www"
jail_ns_hostname="ns.example.org"
jail_ns_ip="192.168.0.17"
jail_ns_rootdir="/usr/home/j/ns"
jail_ns_devfs_enable="YES"
jail_mail_hostname="mail.example.org"
jail_mail_ip="192.168.0.18"
jail_mail_rootdir="/usr/home/j/mail"
jail_mail_devfs_enable="YES"
jail_www_hostname="www.example.org"
jail_www_ip="192.168.0.77"
jail_www_rootdir="/usr/home/j/www"
jail_www_devfs_enable="YES"

# -- sysinstall generated deltas -- # Wed Dec  3 08:44:11 2008
ifconfig_xl0="DHCP"
ipv6_enable="YES"
hostname="i386.localhost.bsd"

#ifconfig_xl0="inet 192.168.0.197  netmask 255.255.255.128"
#ifconfig_xl0_alias0="inet 192.168.0.17  netmask 255.255.255.128"
#ifconfig_xl0_alias1="inet 192.168.0.18  netmask 255.255.255.128"
#ifconfig_xl0_alias2="inet 192.168.0.77  netmask 255.255.255.128"

____________________________________________________

I'm going to set the last lines to the same netmask you used and try that again.

__________________________________

Yeh no /etc/resolve


amd.map                 login.access            profile
apmd.conf               login.conf              protocols
auth.conf               login.conf.db           pwd.db
bluetooth               mac.conf                rc
crontab                 mail                    rc.bsdextended
csh.cshrc               mail.rc                 rc.conf
csh.login               make.conf               rc.d
csh.logout              manpath.config          rc.firewall
defaults                master.passwd           rc.firewall6
devd.conf               motd                    rc.initdiskless
devfs.conf              mtree                   rc.resume
dhclient.conf           netconfig               rc.sendmail
disktab                 netstart                rc.shutdown
dumpdates               network.subr            rc.subr
fbtab                   networks                rc.suspend
freebsd-update.conf     newsyslog.conf          remote
ftpusers                nscd.conf               rpc
gettytab                nsmb.conf               security
gnats                   nsswitch.conf           services
group                   ntp                     shells
gss                     opieaccess              skel
host.conf               pam.d                   snmpd.config
hosts                   passwd                  spwd.db
hosts.allow             pccard_ether            ssh
hosts.equiv             periodic                ssl
hosts.lpd               pf.os                   sysctl.conf
inetd.conf              phones                  syslog.conf
isdn                    portsnap.conf           ttys
libalias.conf           ppp                     zfs


----------



## anomie (Dec 4, 2008)

@Sylhouette: He has xl ethernet card (not bg). 

@paulfrottawa: It looks like you have not set up networking at all. You will need entries similar to those posted by Sylhouette, except use, e.g.: 
*ifconfig_xl0=...*

You'll also want to set *defaultrouter* and *hostname* in /etc/rc.conf. If you run into trouble, post the whole rc.conf file.

---

edit: I was too slow. 

@paulfrottawa: are you _required_ to be a dhcp client in your environment? That will change the advice given here...


----------



## paulfrottawa (Dec 4, 2008)

amd.map                 login.access            profile
apmd.conf               login.conf              protocols
auth.conf               login.conf.db           pwd.db
bluetooth               mac.conf                rc
crontab                 mail                    rc.bsdextended
csh.cshrc               mail.rc                 rc.conf
csh.login               make.conf               rc.d
csh.logout              manpath.config          rc.firewall
defaults                master.passwd           rc.firewall6
devd.conf               motd                    rc.initdiskless
devfs.conf              mtree                   rc.resume
dhclient.conf           netconfig               rc.sendmail
disktab                 netstart                rc.shutdown
dumpdates               network.subr            rc.subr
fbtab                   networks                rc.suspend
freebsd-update.conf     newsyslog.conf          remote
ftpusers                nscd.conf               rpc
gettytab                nsmb.conf               security
gnats                   nsswitch.conf           services
group                   ntp                     shells
gss                     opieaccess              skel
host.conf               pam.d                   snmpd.config
hosts                   passwd                  spwd.db
hosts.allow             pccard_ether            ssh
hosts.equiv             periodic                ssl
hosts.lpd               pf.os                   sysctl.conf
inetd.conf              phones                  syslog.conf
isdn                    portsnap.conf           ttys
libalias.conf           ppp                     zfs


----------



## paulfrottawa (Dec 4, 2008)

I'll get onto the defaultrouter and hostname thx

I suppose I would need advice for the resolve file.


----------



## Sylhouette (Dec 4, 2008)

@anomie look at the line below the ifconfig lines 

try the following (i see you have comment out the desired rules)

make sure the default router adres is the adres of your router/gateway

Secondly why a 25 bits mask (255.255.255.128) cant you use a 24 bits mask!(255.255.255.0)


```
hostname="i386.localhost.bsd"
defaultrouter="192.168.0.1"   
ifconfig_xl0="inet 192.168.0.197 netmask 255.255.255.128"
ifconfig_xl0_alias0="inet 192.168.0.17 netmask 255.255.255.255"
ifconfig_xl0_alias1="inet 192.168.0.18 netmask 255.255.255.255"
ifconfig_xl0_alias2="inet 192.168.0.77 netmask 255.255.255.255"
```
make sure that you have no multiple lines in your /etc/rc.conf file.
the last line is used in this case
and the alias# lines must always be alias0, alias1, alias2, alias3 and so on.
You can not leave a number out, if you going to delete a line (or comment it out) you need to edit the other line so that it staill goes 0 1 2 3 and so on.




the /etc/resolv.conf file has nothing more than your name servers in it and also maybe your domain
domain localhost.bsd is not a must
change the ip adresses to the one from your ISP

```
domain  localhost.bsd
nameserver      194.109.6.66
nameserver      194.109.9.99
```


----------



## anomie (Dec 4, 2008)

Sylhouette said:
			
		

> @anomie look at the line below the ifconfig lines ]
> 
> Whoops, you are correct. Don't mind me.


----------



## paulfrottawa (Dec 4, 2008)

anomie said:
			
		

> Whoops, you are correct. Don't mind me.



sound like i should just do a rebuild and start over.

nonething worked I re done some /etc/rc.conf here.




> # -- sysinstall generated deltas -- # Tue Dec  2 05:06:49 2008
> # Created: Tue Dec  2 05:06:49 2008
> # Enable network daemons for user convenience.
> # Please make all changes to this file, not to /etc/defaults/rc.conf.
> ...


----------



## Mel_Flynn (Dec 5, 2008)

paulfrottawa said:
			
		

> ns# pkg_add -r nano
> Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/nano.tbz: *No address record*



On host:

```
for dir in /usr/home/j/*/etc; do
    cp /etc/resolv.conf ${dir}
done
```

It has nothing to do with interfaces, routing is non-existent in jails. If the host can get to the internet so can jails.


----------



## SirDice (Dec 5, 2008)

The aliases aren't needed either. The jail startup script takes care of that, hence the jail_<name>_ip.


----------



## paulfrottawa (Dec 5, 2008)

i386# i386# cp /etc/resolv.conf ${dir}
dir: Undefined variable.
dir: Undefined variable.


Ok I got a new install nothing else. I just did a new install last night. sync src, rebuild world and used -DNO_PROFILE (something different).

Then build my jails with this example: 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html

I'm going to wait a minute before I guess the (dir) but i suppose its this /usr/home/js/ns/etc


----------



## paulfrottawa (Dec 5, 2008)

# -- sysinstall generated deltas -- # Thu Dec  4 13:05:43 2008
# Created: Thu Dec  4 13:05:43 2008
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
keymap="us.iso"
# -- sysinstall generated deltas -- # Thu Dec  4 18:09:55 2008
ifconfig_xl0="inet 192.168.0.15  netmask 255.255.255.0"
defaultrouter="192.168.0.1"
sshd_enable="YES"
hostname="i386.localhost.bsd"
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns mail www"
jail_ns_hostname="ns.example.org"
jail_ns_ip="192.168.0.17"
jail_ns_rootdir="/usr/home/j/ns"
jail_ns_devfs_enable="YES"
jail_mail_hostname="mail.example.org"
jail_mail_ip="192.168.0.18"
jail_mail_rootdir="/usr/home/j/mail"
jail_mail_devfs_enable="YES"
jail_www_hostname="www.example.org"
jail_www_ip="192.168.0.19"
jail_www_rootdir="/usr/home/j/www"
jail_www_devfs_enable="YES"


----------



## paulfrottawa (Dec 5, 2008)

i386# cp /etc/resolv.conf /usr/home/js/ns/etc
_____________________________________________________

i386# jexec 1 tcsh
ns# pkg_add -r nano
Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/nano.tbz: No address record
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/nano.tbz' by URL

_____________________

It did copy I just checked and this is what was in it

domain  localhost.bsd
nameserver      192.168.0.1


----------



## paulfrottawa (Dec 5, 2008)

success
L: 1 C: 1 =====================================================================

# -- sysinstall generated deltas -- # Thu Dec  4 13:05:43 2008
# Created: Thu Dec  4 13:05:43 2008
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
keymap="us.iso"
# -- sysinstall generated deltas -- # Thu Dec  4 18:09:55 2008
#ifconfig_xl0="inet 192.168.0.15  netmask 255.255.255.0"
defaultrouter="192.168.0.1"
sshd_enable="YES"
hostname="i386.localhost.bsd"
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns mail www"
jail_ns_hostname="ns.example.org"
jail_ns_ip="192.168.0.17"
jail_ns_rootdir="/usr/home/j/ns"
jail_ns_devfs_enable="YES"
jail_mail_hostname="mail.example.org"
jail_mail_ip="192.168.0.18"
jail_mail_rootdir="/usr/home/j/mail"
jail_mail_devfs_enable="YES"
jail_www_hostname="www.example.org"
jail_www_ip="192.168.0.19"
jail_www_rootdir="/usr/home/j/www"
jail_www_devfs_enable="YES"
hostname="i386.localhost.bsd"
defaultrouter="192.168.0.1"
ifconfig_xl0="inet 192.168.0.15 netmask 255.255.255.128"
ifconfig_xl0_alias0="inet 192.168.0.17 netmask 255.255.255.255"
ifconfig_xl0_alias1="inet 192.168.0.18 netmask 255.255.255.255"
ifconfig_xl0_alias2="inet 192.168.0.19 netmask 255.255.255.255"


Thank you all.


----------

