Hi Vitaliy, One way could be to install arping from /ports/net/arping and see if you can reach the NIC on the border router from the LAN zone.
Cheers, -- On 04/06/2013 22:34, wishmaster wrote:
Hi. Since I setuped Jail for www stuff in server there are network problems. Router has 3 NIC's in bridge with aliases. cloned_interfaces="bridge0" ifconfig_bridge0="addm rl1 addm rl2 addm rl3 up" ifconfig_rl1="up -wol" ifconfig_rl2="up -wol" ifconfig_rl3="up -wol" ifconfig_bridge0_alias0="inet 10.11.1.1 netmask 255.255.255.0" ifconfig_bridge0_alias1="inet 10.12.1.1 netmask 255.255.255.0" ifconfig_bridge0_alias2="inet 10.13.1.1 netmask 255.255.255.0" ifconfig_bridge0_alias3="inet 10.14.1.1 netmask 255.255.255.192" ifconfig_bridge0_alias4="inet 10.15.1.1 netmask 255.255.255.0" Also I use PF for filtering traffic. There are a lot of rules. In two words: it is unable to reach any host in LAN and also any IP addresses on router, allowed access to Internet only. In other words Jail in original DMZ zone with IP 10.15.1.1. In random time (about one incident per-(2|3)days) the strange situations is occur: I am unable to ping/ftp/http from jail or from LAN any host in Internet. From/to router - it's ok. Restarting PF and jail seems to have no effect, only router's reboot. From pftop I see traffic, coming from jail or LAN but in the other way - no. Anybody can give me some help in debugging this situation and figure out the problem? OS: FreeBSD 9.1-STABLE #0: Fri Feb 22 20:51:16 EET 2013 i386 Cheers, Vitaliy _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
_______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
