Re: epair(4)

[Kristof Provost]

On 15 May 2025, at 21:40, Cy Schubert wrote:
In message <406249f9-b0fc-4e22-9402-683531321...@freebsd.org>, Kristof
Provost
writes:
On 15 May 2025, at 20:59, Cy Schubert wrote:
In message <20250515162552.9209b...@slippy.cwsent.com>, Cy Schubert 
wri=
tes:
Over the last couple of days epair(4) fails to set up when an IP 
addre=
ss is
specified.
bob# service jail onestart test2
Starting jails: cannot start jail  "test2":
epair0a
ifconfig: ioctl (SIOCAIFADDR): Invalid argument
jail: test2: /sbin/ifconfig epair0a inet 10.1.1.70 netmask 
0xffffff00 =
up:
failed
.
bob# ifconfig epair0a inet 10.1.1.70 netmask 0xffffff00
ifconfig: ioctl (SIOCAIFADDR): Invalid argument
bob# ifconfig epair0a inet up
bob#

This regression is caused by b61850c4e6f6.

Is epair0a a member of a bridge? If so, that=E2=80=99s a 
configuration er=
ror which is now prevented (by default).

Yes, epair0a, member of bridge0 is prevented from coming up.

My jail configuration:

test2 {
  $if                 = "0";                  # Jail ID number
  $ip_addr            = "10.1.1.71";      # Jail ipv4 address
  $netmask            = "0xffffff00";
  $ip_host            = "10.1.1.70";          # Gateway or host's ipv4
address
  $ip_route           = "10.1.1.254";          # Gateway or host's 
ipv4
address
  $ip6_addr           = "fc00:1:1:1::47";      # Jail ipv6 address
  $ip6_route          = "fc00:1:1:1::fffe";   # Gateway or host's ipv6
address
  vnet;
  vnet.interface      = "epair${if}b";
  allow.set_hostname  = "1";
  exec.prestart       = "/sbin/sysctl kern.sugid_coredump=1";
  exec.prestart       = "ifconfig epair${if} create up";
  exec.prestart      += "ifconfig bridge0 addm epair${if}a";
  # exec.prestart      += "ifconfig bridge0 addm sk0";
  exec.prestart      += "/sbin/ifconfig epair${if}a inet ${ip_host} 
netmask
${netmask} up";
  # exec.prestart      += "/sbin/route change -host ${ip_host} -iface
epair${if}a";
  # exec.prestart      += "/sbin/route add -host ${ip_addr} -iface
epair${if}a";
  exec.start          = "/sbin/ifconfig epair${if}b inet ${ip_addr} 
netmask
${netmask} up";
  exec.start         += "/sbin/ifconfig epair${if}b inet6 ${ip6_addr} 
up";
  exec.start         += "/sbin/route add default -gateway 
${ip_route}";
  exec.start         += "/sbin/route add -inet6 default -gateway
${ip6_route}";
  exec.start         += "/bin/sh /etc/rc";
  exec.stop           = "/bin/sh /etc/rc.shutdown";
  exec.poststop       = "ifconfig epair${if}a destroy";
  # exec.poststop      += "ifconfig bridge0 deletem sk0";
}


You’ll want to assign the IP address to the bridge, not to epair0a.
It’s less obvious with IPv4 than it would be with IPv6, but assigning 
the address to epair0a breaks multicast.

Best regards,
Kristof