From wevers@cg.nu  Sun Mar 25 09:51:46 2001
Return-Path: <wevers@cg.nu>
Received: from cg.nu (a140117.upc-a.chello.nl [62.163.140.117])
	by hub.freebsd.org (Postfix) with ESMTP
	id 73ADF37B718; Sun, 25 Mar 2001 09:51:45 -0800 (PST)
	(envelope-from wevers@cg.nu)
Received: from localhost (localhost [127.0.0.1])
	by cg.nu (Postfix) with ESMTP
	id 4AA681317D; Sun, 25 Mar 2001 19:51:44 +0200 (CEST)
Received: by cg.nu (Postfix, from userid 1001)
	id 95ABC13173; Sun, 25 Mar 2001 19:51:38 +0200 (CEST)
Message-Id: <20010325175138.95ABC13173@cg.nu>
Date: Sun, 25 Mar 2001 19:51:38 +0200 (CEST)
From: wevers@cg.nu
Reply-To: wevers@cg.nu
To: FreeBSD-gnats-submit@freebsd.org
Cc: phk@freebsd.org
Subject: Localhost Problem's with 20+ jail's 
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         26078
>Category:       kern
>Synopsis:       Jails cannot connect to the main server and to there own local services
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 25 10:00:02 PST 2001
>Closed-Date:    Thu Oct 24 18:26:36 PDT 2002
>Last-Modified:  Thu Oct 24 18:26:36 PDT 2002
>Originator:     Henk Wevers
>Release:        FreeBSD 4.3-RC i386
>Organization:
>Environment:
System: FreeBSD bofh.cg.nu 4.3-RC FreeBSD 4.3-RC #0: Sat Mar 24 14:01:40 CET 2001     root@bofh.cg.nu:/usr/obj/usr/src/sys/CG-SERVER  i386
CPU: Pentium III/Pentium III Xeon/Celeron (736.46-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x683  Stepping = 3
  Features=0x383f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE>
real memory  = 536788992 (524208K bytes)

fxp0: <Intel Pro 10/100B/100+ Ethernet> port 0xa800-0xa81f mem 0xe4800000-0xe48fffff,0xe6000000-0xe6000fff irq 10 at device 14.0 on pci0
fxp0: Ethernet address 00:a0:c9:a6:04:9c


>Description:

I have a server with 20+ jail's
Alway in one or more of the jail's i can not connect to it's own services.
like  telnet JailIP 25 is not possible(inside the jail), every service is working fine, and i can connect to ssh from outside the machine. Services like php-imap does not work because apache can not connect to the imap server. Again an connection to the imap server from outside the server is no problem.
This problem is here sinds Oktober 2000 with FreeBSD 4.x Stable.
Before Okt 2000 netstat -nr did give a jail ip the arp adresses to both the fxp device and the lo0 device.
With the kernel from Feb 26 2001 some off the arp entry's where gone.
I think that those where the jailIP's that did not could connect to there own services.

With the kernel of yesterday i did not see any lo0 devices with jailIP's in netstat -nr.
The problem is that after every reboot the jail with an "localhost" problem is not the same ipnumber!


>How-To-Repeat:
	
>Fix:

	
The workaround is to bind all the jailsIP's to lo0 (thanks to Poul-Henning Kamp)
and do a arp -s $jailip $MACfxp0 pub
Example:
ifconfig lo0 inet alias 10.10.10.224 netmask 255.255.255.255
arp -s 10.10.10.224 00:a0:c9:a6:04:9c pub

Henk Wevers
The Netherlands
>Release-Note:
>Audit-Trail:

From: Marc Perisa <perisa@porsche.de>
To: freebsd-gnats-submit@FreeBSD.org, wevers@cg.nu
Cc:  
Subject: Re: kern/26078: Jails cannot connect to the main server and to there
 own local services
Date: Wed, 29 May 2002 05:10:57 +0200

 Hi,
 
 does this problem still exists in a recent FreeBSD 4-STABLE system?
 
 Thanks
 
 Marc
 
 
 
 

From: Henk Wevers <henk@wevers.org>
To: Marc Perisa <perisa@porsche.de>
Cc: freebsd-gnats-submit@FreeBSD.org, wevers@cg.nu
Subject: Re: kern/26078: Jails cannot connect to the main server and to there
 own local services
Date: Wed, 29 May 2002 09:23:20 +0200

 No this problem can be closed.
 This is because in -STABLE it is not allowed anymore to make aliases in 
 the same netmask again with an /24 entry, it now must be for a alias /23
 
 Henk
 
 Marc Perisa wrote:
 > Hi,
 > 
 > does this problem still exists in a recent FreeBSD 4-STABLE system?
 > 
 > Thanks
 > 
 > Marc
 > 
 > 
 > 
 > 
 
 
State-Changed-From-To: open->closed 
State-Changed-By: iedowse 
State-Changed-When: Thu Oct 24 18:24:32 PDT 2002 
State-Changed-Why:  

Submitter says that this can be closed (apparently it was caused 
by an incorrect netmask on an interface alias address). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=26078 
>Unformatted:
