# Proper configuration for jails and routing table?



## wonslung (Nov 13, 2013)

I am running two jails on lo1 which *I* created using cloned_interfaces in my /etc/rc.conf.

Here is the valid section of my /etc/rc.conf


```
cloned_interfaces="lo1"
ifconfig_lo1="inet 10.0.0.1 netmask 255.255.255.255"
ifconfig_lo1_alias0="inet 10.0.0.2 netmask 255.255.255.255"
```

When I run `netstat -nr` I notice that my *Destination* and my *Gateway* on one of the jails is the same.


```
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            9x.xxx.xxx.1       UGS         0 12493108    em1
[B]10.0.0.1[/B]           [B]10.0.0.1[/B]             UH          0     2726    lo1
10.0.0.2           link#5           UH          0   346223    lo1
9x.xxx.xxx.0/24    link#2             U           0      104    em1
9x.xxx.xxx.xx4     link#2             UHS         0        0    lo0
127.0.0.1          link#4             UH          0   102426    lo0
192.168.1.0/24     link#1             U           0 217906260    em0
192.168.1.1        link#1             UHS         0    19552    lo0
```

When I manually remove *10.0.0.1* with `ifconfig` and re-add it, the routing table automatically changes, and the other address on lo1 has the same issue:


```
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            96.238.189.1       UGS         0 12493108    em1
10.0.0.1           link#5             UH          0     2726    lo1
[B]10.0.0.2[/B]           [B]10.0.0.2[/B]           UH          0   346223    lo1
96.238.189.0/24    link#2             U           0      104    em1
96.238.189.194     link#2             UHS         0        0    lo0
127.0.0.1          link#4             UH          0   102426    lo0
192.168.1.0/24     link#1             U           0 217906260    em0
192.168.1.1        link#1             UHS         0    19552    lo0
```

I'm pretty sure this is causing me problems with some of the applications *I*'m running in the jail.  I think it may also be causing issues with applications running on the host. Any help would be greatly appreciated.


----------



## kpa (Nov 13, 2013)

Why do you think it's a problem? What are the problems you're experiencing with the applications running in the jail?


----------



## wonslung (Nov 14, 2013)

I've seen logs on the host system with IP mappings appearing to originate from the jail IP, when in fact they originated from 127.0.0.1 or 192.168.1.1. I'm also having an issue where munin-node running inside of the jail appeared to have the same data as munin-node running on the host system. (I know this worked properly in 9.2).

I am not sure this is the cause, but it seemed a likely candidate to me.


----------

