Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

TrueNAS CORE jail does not start with link local + scope as the IPv6 default gateway

Description

Hi folks,

when specifying the default gateway for a statically configured jail with IPv6 as link local address + scope - which is common (even considered best by some) practice, the jail fails to start.

See screenshot for configuration, please. The error message is this:

root@freenas[~]# iocage start rdp

  • Starting rdp
    + Started OK
    + Using devfs_ruleset: 1003 (iocage generated default)
    + Configuring VNET FAILED
    route: writing to routing socket: Network is unreachable
    add net default: gateway fe80::3eec:efff:fe00:5430%epair0b fib 0: Network is unreachable

My guess is that in the resulting jail the link local address is missing. That would require the auto_linklocal flag in addition to the address. The UI won't let me enter that.

Kind regards,
Patrick

Problem/Justification

None

Impact

None

Activity

Louis 
December 15, 2021 at 3:36 PM

Hello,

I repeat my comment here under the new Jira number and will also attach

Hello,

 

I am trying to setup a 12U7 system. However the IPV6 communication between TrueNas and the firewall (pfSense running FreeBSd 12.3) ,does NOT WORK at all!

Minimal not for static addresses, not sure about DHCP and SLAAC jet, however also some tests in that direction failed!

The IPV6-commmunication always starts with the Neighbor Solicitation (135), and that communication essential for the start of IPV6, fails if the communication is initiated from the TrueNas side.

(Note it does work when initiated from the pfSence / router side)

The problem is that pfSence / the router simply can not answer the Neighbor Solicitation as send by TrueNas, because of wrong return addresses

Note that I observed this problem with both the TrueNas host as well as TrueNas Jails.

Where the TrueNas host is connected via a vlan this way  "vlan-x =>" ix0 => TrueNas Host

And the Jails like this ix0 => vlan-y  => bridge-y => vnet0 => jail

 

IMHO lack of proper IPV6 communication IPV6 very severe !!

In fact it is blocking for me!!

 

The problem is easy to reproduce, however if necessary I can provide wireshark traces.

Michelle Johnson 
December 15, 2021 at 2:57 PM

Thank you for your submission!

This issue is now in our queue for review. An engineering representative will update with further questions or details in the near future. Your duplicate issue submission https://jira.ixsystems.com/browse/NAS-113822 is now closed to focus effort on the existing ticket.

Bonnie Follweiler 
November 22, 2021 at 5:48 PM

Thank you for the report and the screenshots, . 

Can you please attach a debug file to this ticket? To generate a debug file on TrueNAS CORE, log in to the TrueNAS web interface, go to System > Advanced, then click Save Debug and wait for the file to download to your local system.

Need additional information

Details

Assignee

Reporter

Labels

Impact

Components

Fix versions

Affects versions

Priority

More fields

Katalon Platform

Created November 20, 2021 at 9:11 PM
Updated July 6, 2022 at 8:57 PM
Resolved December 14, 2021 at 2:44 PM