# [FIX] Jails fail to start after recent update - How to fix



## Beeblebrox (Nov 7, 2012)

If your jails do not start and instead die with no error output, it could be an IPv6 issue. Solution here:
http://freebsd.1045724.n5.nabble.co...cent-update-fix-found-td5758573.html#a5758861


----------



## SirDice (Nov 7, 2012)

It's not an IPv6 issue, it's the lack of IPv6 that's the issue. The script should check for their existence. It'll fail in a similar fashion if you have an IPv6-only network (because ip4.addr would be undefined).


----------



## Beeblebrox (Nov 7, 2012)

If you have placed in your /etc/src.conf these:

```
WITHOUT_INET6=YES 
WITHOUT_INET6_SUPPORT=YES
```
You are going to have a bad time.


----------



## gkontos (Nov 7, 2012)

I am sorry but I fail to understand the problem here. Why would someone want to use:


```
WITHOUT_INET6=YES 
WITHOUT_INET6_SUPPORT=YES
```

And why is this related to IPv6 or jails?


----------



## Beeblebrox (Nov 7, 2012)

> And why is this related to IPv6 or jails?


Am I missing something?
First IPv6 - from Teh Handbook for example:


> options          INET6             #IPv6 communications protocols


So those 2 options are used to disable IPv6 and related functionality in world. As to the "why", that I think would be a personal choice (which is what FreeBSD is about in essence).

Since INET6 setting has influence on IPv6, the other question is what it has to do with jails: I don't konw for sure, but I would guess that since the proposed solution (link) removes the IPv6 reference and that since having applied the described solution my jails now start, I submit that there must be causality.

Regards...


----------



## usdmatt (Nov 7, 2012)

I don't know why someone would explicitly remove ipv6 support from a system but then it will most likely be years before most people actually need it so why not?

As for why it relates to jails, it looks like the jail rc script was changed 2012/08/19 to allow ipv6 configuration to be set during startup. If you have actually removed ipv6 support from your system with the make.conf options, this doesn't work so the script fails and the jail doesn't start. The fix is to manually remove the ipv6 options from the jail scripts but ideally they should detect a lack of ipv6 (or ipv4) and adjust the start command automatically. (That or the jail executable itself should be adjusted to ignore ip4.* ip6.* options if the support isn't there).


----------



## gkontos (Nov 7, 2012)

Beeblebrox said:
			
		

> Am I missing something?
> First IPv6 - from Teh Handbook for example:
> 
> So those 2 options are used to disable IPv6 and related functionality in world. As to the "why", that I think would be a personal choice (which is what FreeBSD is about in essence).



In the handbook link you provided, do you see anywhere saying that those options should be in your src.conf?

Let me give you an example. It is like not building SENDMAIL but trying to use it.


----------



## gkontos (Nov 7, 2012)

usdmatt said:
			
		

> I don't know why someone would explicitly remove ipv6 support from a system but then it will most likely be years before most people actually need it so why not?



I explicitly use IPv6 only to manage my remote servers when I don't have the option for a IPv4 VPN. 



			
				usdmatt said:
			
		

> As for why it relates to jails, it looks like the jail rc script was changed 2012/08/19 to allow ipv6 configuration to be set during startup. If you have actually removed ipv6 support from your system with the make.conf options, this doesn't work so the script fails and the jail doesn't start. The fix is to manually remove the ipv6 options from the jail scripts but ideally they should detect a lack of ipv6 (or ipv4) and adjust the start command automatically. (That or the jail executable itself should be adjusted to ignore ip4.* ip6.* options if the support isn't there).



Right, but still my question was why would someone use this in src.conf.


----------



## Beeblebrox (Nov 7, 2012)

> In the handbook link you provided, do you see anywhere saying that those options should be in your src.conf?


No, those knobs are optional my friend - as is almost everything else in FreeBSD.

And thanks again to SirDice for showing me how to use /etc/src.conf back in the day in the first place.


----------



## usdmatt (Nov 7, 2012)

@gkontos

From the src.conf(5) manpage:



> WITHOUT_INET6
> Set to not build programs and libraries related to IPv6 network-
> ing.  When set, it also enforces the following options:
> 
> WITHOUT_INET6_SUPPORT



People would use this if they want to build an ipv4 only system. According to the manpage you only actually need WITHOUT_INET6=YES.

You say you use ipv6 only, but this is about building an ipv4 only system.


----------



## Beeblebrox (Nov 7, 2012)

@gkontos: We are co-posting, so expect starnge results.



> Right, but still my question was why would someone use this in src.conf.



Could you then please share your preferred method to disable IPv6?



> Let me give you an example. It is like not building SENDMAIL but trying to use it.


That's the point - I don't want to use it and I am not using it.

@usdmatt: Yes you are right, disabling INET6 automatically disables INTE6-subservient services /functions. I just placed both of them together in the conf file, in case I fiddle with IPv6 in the future.


----------



## usdmatt (Nov 7, 2012)

> Let me give you an example. It is like not building SENDMAIL but trying to use it.



This makes it sound like you think people are trying to disable ipv6, but then use it. This is not the case. The jails fail to start at all without ipv6 support because it tries to pass 'ip6' options to the jail command, even if you haven't actually specified an ipv6 address. Look at the message linked in the original post, there is no attempt to set ipv6 config. This could cause headaches for people rebuilding world to 9.1 release/stable when it comes out who use jails, have ipv6 disabled, and haven't seen this thread.

As SirDice said right at the start, the script should check for ipv4 or ipv6 support and pass the relevant options, rather than always passing both. A simpler method would be to only pass ip4 options if there is only ipv4 addresses set for the jail in /etc/rc.conf, only ip6 options if there's just ipv6 addresses, or both if there's both, if you see what I mean.


----------



## gkontos (Nov 7, 2012)

Ok guys point taken. I obviously misunderstood the whole issue here. 

So, even if you disable IPv6 in the KERNEL and in src.conf the jails will refuse to start?


----------



## usdmatt (Nov 7, 2012)

Yes, /etc/rc.d/jail has been modified to always pass ip4.addr and ip6.addr options to the jail command, regardless of whether any addresses have been set for either, which unfortunately appears to cause the whole thing to fail if support for one or the other is not there. (Well lack of ipv4 support hasn't been confirmed to have the same problem but it's likely)


----------



## Beeblebrox (Nov 7, 2012)

> So, even if you disable IPv6 in the KERNEL and in src.conf the jails will refuse to start?



Yes, unfortunately the /usr/local/etc/rc.d/jail.sh script refuses to play along if IPv6 is disabled.


Here's a puppy to calm teh nerves:




I just need a dogshed for the little guy...


----------

