Re: Jails - vnet- netgraph

Tue, 26 Jan 2021 09:54:31 -0800 

petru garstea wrote:

Greetings FreeBSD community,
   OS: FreeBSD sun 12.2-RELEASE-p1 FreeBSD 12.2-RELEASE-p1 GENERIC amd64
I am trying to build a netgraph vnet jail with support of official jng script that comes with FreeBSD and developed by Devin Teske. 

jail.conf file

netgraph {
  devfs_ruleset = 13;
  enforce_statfs = 2;
  exec.clean;
  exec.consolelog = /var/log/bastille/netgraph_console.log;
  exec.start = '/bin/sh /etc/rc';
  exec.stop = '/bin/sh /etc/rc.shutdown';
  host.hostname = netgraph;
  mount.devfs;
  mount.fstab = /usr/local/bastille/jails/netgraph/fstab;
  path = /usr/local/bastille/jails/netgraph/root;
  securelevel = 2;

  vnet;
  vnet.interface = e0b_bastille0;
# exec.prestart += "jib addm bastille0 re0";
# exec.poststop += "jib destroy bastille0";
  exec.prestart += "jng bridge netgraph re0";
  exec.poststop += "jng shutdown netgraph" ;
}

When I start the jail, netgraph subsystem raise the following exception

ngctl: send msg: No such file or directory
jail: netgraph: jng bridge netgraph re0: failed

I tried also to create the netgraph bridge with not using jng script

ngctl mkpeer re0: bridge lower link0
ngctl: send msg: No such file or directory
From what I found it looks it used to work on FreeBSD 11.x and stopped working in version 12. 

Any thoughts ?

Please advise


Cheers,

Petru Garstea



Don't see any reply so I will try to help you.
If I remember correctly the jib and jng was added as documentation back around freebsd 10.00. I have tried to get it to work 10+, 11+ ,12+ with no joy. There is something missing but can not tell what it is. The jail environment has gone through many changes over time so no wonder jib/jng don't work now.
Netgraph is a complete subsystem for network configuration that has it's own syntax and commands. The learning curve is pretty great. There is a outstanding bug and Devin Teske & (she) has taken up the bug. Hopping 13 holds the bug fix. 









_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"

Reply via email to