On Thu, Jul 12, 2012 at 9:04 PM, Herbert J. Skuhra <h.sku...@gmail.com> wrote: > On Thu, Jul 12, 2012 at 11:56 AM, joris dedieu <joris.ded...@gmail.com> wrote: >> 2012/7/12 Herbert J. Skuhra <h.sku...@gmail.com>: >>> On Wed, Jul 11, 2012 at 11:59 PM, Herbert J. Skuhra <h.sku...@gmail.com> >>> wrote: >>>> Hi, >>>> >>>> although I've followed the instructions in jail(8) and jail.conf(5) I >>>> cannot manage to setup jails on FreeBSD 9.0 STABLE (r238334). >>>> >>>> The symptons: >>>> >>>> * ssh'ing to jail works, but it takes about 20 seconds until password >>>> prompt appears >> >> Does it still the same with UseDNS=no in /etc/ssh/sshd_config ? > > No, I can login instantly. > >>>> * netstat -r in the jail takes about 150 seconds to finish >> >> Does netstat -rn does the same ? > > No, the output appears immediately. > >>>> * connections to the internet time out; with tcpdump I see that >>>> packets leave and enter the public interface on the host, but never >>>> reach the jail >>>> >>>> I use lo1 interface and ip address 192.168.1.1/24 for the jail. Public >>>> interface is fxp0 with both an IPv4 and an IPv6 address assigned. >>>> Of course, nat is enable via pf on the public interface. >> >> Can you post your PF configuration ? >>> >>> After switching to ipfw/natd networking in the jail works. >>> Could this be a bug? >> >> I think you had an issue with firewall that block name resolution and >> makes everything goes slow. At least you need one single line on your >> pf.conf : >> >> nat on $public_interface form $jail_ip to any -> ($public_interface) > > Even when loading only the nat rule it doesn't work: > > nat on fxp0 from 192.168.1.0/24 to any -> $ext_addr > > Thanks. > Herbert > _______________________________________________ > freebsd-j...@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
As Mark Felder wrote You don't have anything in /etc/resolv.conf, in the jail do you? :-) -- Med Venlig Hilsen Kalle R. Møller _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"