Hi Ernie,
jib script is working fine, however in my current setup I need to
emulate bridge interface with netgraph subsystem, I tried to manage that
part with jng script with no luck then I decided to create the netgraph
bridge manually using ngctl client and in the end the result was the same.
In the recent FreeBSD magazines it was mentioned that "bridging" was
refactored and I would like to know if that might be impacted the
netgraph bridge.
Please advise
Cheers,
Petru Garstea
On 1/26/21 12:53 PM, Ernie Luzar wrote:
petru garstea wrote:
Greetings FreeBSD community,
   OS: FreeBSD sun 12.2-RELEASE-p1 FreeBSD 12.2-RELEASE-p1
GENERICÂ amd64
I am trying to build a netgraph vnet jail with support of official
jng script that comes with FreeBSD and developed by Devin Teske.
jail.conf file
netgraph {
 devfs_ruleset = 13;
 enforce_statfs = 2;
 exec.clean;
 exec.consolelog = /var/log/bastille/netgraph_console.log;
 exec.start = '/bin/sh /etc/rc';
 exec.stop = '/bin/sh /etc/rc.shutdown';
 host.hostname = netgraph;
 mount.devfs;
 mount.fstab = /usr/local/bastille/jails/netgraph/fstab;
 path = /usr/local/bastille/jails/netgraph/root;
 securelevel = 2;
 vnet;
 vnet.interface = e0b_bastille0;
# exec.prestart += "jib addm bastille0 re0";
# exec.poststop += "jib destroy bastille0";
 exec.prestart += "jng bridge netgraph re0";
 exec.poststop += "jng shutdown netgraph" ;
}
When I start the jail, netgraph subsystem raise the following exception
ngctl: send msg: No such file or directory
jail: netgraph: jng bridge netgraph re0: failed
I tried also to create the netgraph bridge with not using jng script
ngctl mkpeer re0: bridge lower link0
ngctl: send msg: No such file or directory
From what I found it looks it used to work on FreeBSD 11.x and
stopped working in version 12.
Any thoughts ?
Please advise
Cheers,
Petru Garstea
Don't see any reply so I will try to help you.
If I remember correctly the jib and jng was added as documentation
back around freebsd 10.00. I have tried to get it to work 10+, 11+
,12+ with no joy. There is something missing but can not tell what it
is. The jail environment has gone through many changes over time so no
wonder jib/jng don't work now.
Netgraph is a complete subsystem for network configuration that has
it's own syntax and commands. The learning curve is pretty great.
There is a outstanding bug and Devin Teske & (she) has taken up the
bug. Hopping 13 holds the bug fix.
_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
