bridged and routed jails are with not working network.

[UlasSAYGINIM]

Hi,

thank you for this work.

I tried to create jails both bridged and routed versions.

but for routed version i am not able to ping google.com or any other website.
I used resolv.conf
but no luck. but internal network was working.

I also tried bridged version but
in this case, i couldnt ping 10.0.2.2
but i can ping 10.0.2.101-102-103 from 101.
and still can not ping google.com o any outside from local network.

i didnt use nat or pf for any of them.
do i need to use nat ? i think for routed version didnt need.
but i couldnt be sure.

one another thing, how i can debug netgraph network to see it is going to outside of network?

I also tried other connection types for jails other than your script on another vm installations.,
but i couldnt find document for checking netgraph network properly.if you have any recommendations, i will be happy.

thanks in advance.

[genneko]

@UlasSAYGINIM Sorry for being so late. There was a series of sad events for me and I missed this issue.
Maybe it's too late but anyway I'm trying to answer your questions.

For routed version, you may need one of the following combinations.

• Enable IP forwarding and NAT on the jail host
• Enable IP forwarding on the jail host, and configure a route to the internal jail subnet on the external gateway

For bridged version, are you using a virtual machine for a jail host?
If yes, you might have to allow promiscuous mode on your vm's network interface.
Please take a look at my post on a FreeBSD forum.
https://forums.freebsd.org/threads/jail-vnet-problem.73903/#post-451498

For netgraph, the following links are almost all I got.

• Devin Teske - Jail Networking, MeetBSD 2016
  https://www.youtube.com/watch?v=aoW7pWuhT_A

• Daemon News: All About Netgraph
  https://people.freebsd.org/~julian/netgraph.html

• NetBSD: Introduction to NETGRAPH on FreeBSD Systems (PDF)
  http://www.netbsd.org/gallery/presentations/ast/2012_AsiaBSDCon/Tutorial_NETGRAPH.pdf

Hope this helps.