Date: Tue, 28 May 2013 10:07:19 +0200 From: =?utf-8?B?SsOBS8OTIEFuZHLDoXM=?= <jako.andras@eik.bme.hu> To: Mogamat Abrahams <lists@tabits.co.za>, freebsd-jail@freebsd.org, Ian Smith <smithi@nimnet.asn.au> Subject: Re: Cant reach Jailed services from internet. Message-ID: <20130528080719.GA11195@eik.bme.hu> In-Reply-To: <20130528145629.X55451@sola.nimnet.asn.au> References: <loom.20130527T091739-282@post.gmane.org> <cc5f425486d0fc06e1ddc0a8cbe300ad@nanogene.org> <loom.20130527T215634-190@post.gmane.org> <20130528145629.X55451@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Any reason you are running your webjail on the broadcast IP for the > > > subnet? IP range for your 0xfffffffc net would be (.77|.78). > > > > Hi, > > > > Thanks, however thats the info I got the from people providing the machine : > > That's a worry .. you won't do any good trying to use the broadcast > address. Mats is right, you only get 2 usable addresses with a /30. Assigning a /30 for four jails is perfectly valid, if it's an aggregate of four /32s. I would configure a static route on the default gateway for 174.x.x.76/30 -> 67.x.x.x, then on the host I'd assign the four /32s to lo1..lo4. Packets arrive to the jails because of the /30 static route in the neighbouring router, packets leave the jail because of the host's already existing default route, and of course traffic between the jails and the host are OK because the kernel knows its own interfaces. (Actually that's how I run my FreeBSD jails.) > > The hosts rc.conf: > > > > ipv4_addrs_em0="67.x.x.x/27 174.x.x.76-79/30" Regards, AndrĂ¡s
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130528080719.GA11195>