From owner-freebsd-virtualization@FreeBSD.ORG Wed Dec 9 17:57:26 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 16CA71065693 for ; Wed, 9 Dec 2009 17:57:26 +0000 (UTC) (envelope-from reinhard.haller@interactive-net.de) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by mx1.freebsd.org (Postfix) with ESMTP id 935E88FC22 for ; Wed, 9 Dec 2009 17:57:25 +0000 (UTC) Received: from interactive.dnsalias.net (ppp-88-217-3-236.dynamic.mnet-online.de [88.217.3.236]) by mrelayeu.kundenserver.de (node=mreu1) with ESMTP (Nemesis) id 0MDl62-1NIyIZ0jy2-00HGag; Wed, 09 Dec 2009 18:44:49 +0100 Received: from scalix.interactive.de ([fd08:e8a3:4825:0:20c:29ff:feaa:3622]) by interactive.dnsalias.net with esmtp (Exim 4.70 (FreeBSD)) (envelope-from ) id 1NIQam-000DWD-AC for freebsd-virtualization@freebsd.org; Wed, 09 Dec 2009 18:44:48 +0100 Received: from scalix.interactive.de (localhost.localdomain [127.0.0.1]) by scalix.interactive.de (8.13.8/8.13.8) with ESMTP id nB9Hilm2019873 for ; Wed, 9 Dec 2009 18:44:47 +0100 Received: from [127.0.0.1] (Core2Duo.interactive.de [192.168.0.196]) by scalix.interactive.de (Scalix SMTP Relay 11.4.5.13150) via ESMTP; Wed, 09 Dec 2009 18:44:47 +0100 (CET) Date: Wed, 9 Dec 2009 18:44:45 +0100 From: Reinhard Haller To: freebsd-virtualization@freebsd.org Message-ID: <4B1FE20D.9000009@interactive-net.de> x-scalix-Hops: 1 User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Disposition: inline X-ACL-rcpt: freebsd-virtualization@freebsd.org X-ACL-Send: reinhard.haller@interactive-net.de X-Provags-ID: V01U2FsdGVkX19ef9JNuAergLneFSp8JGVfpdGQdUETsCL9aXp ZraYx02M3TaURHieLR/1jSwqOL2gp7Z5Lw3SqIPkOf9XadeOYU 10RX/I+pYfvmQf6ijvDyCrf/VtgmxTVpCykKYWyyf4tQUIeFG0 x8g== Subject: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2009 17:57:26 -0000 Hi, I'm searching for a way to create vnet jails in rc.conf. I tried it with jail_flags (-c vnet) with no success. The documentation is not very helpful, I'm missing the way to create the vnet jail and I suspect the specification of an ipv6 address to the epair in the jail is not working. Any suggestions? Thanks Reinhard From owner-freebsd-virtualization@FreeBSD.ORG Wed Dec 9 23:10:09 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6FE6C106566B for ; Wed, 9 Dec 2009 23:10:09 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [IPv6:2001:4068:10::3]) by mx1.freebsd.org (Postfix) with ESMTP id 055A28FC1B for ; Wed, 9 Dec 2009 23:10:09 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 6972141C7A4; Thu, 10 Dec 2009 00:10:07 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([192.168.74.103]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id bd4Gxbuj4z36; Thu, 10 Dec 2009 00:10:06 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id 9FF7341C7AA; Thu, 10 Dec 2009 00:10:06 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 724324448EC; Wed, 9 Dec 2009 23:07:57 +0000 (UTC) Date: Wed, 9 Dec 2009 23:07:57 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Reinhard Haller In-Reply-To: <4B1FE20D.9000009@interactive-net.de> Message-ID: <20091209230225.L83957@maildrop.int.zabbadoz.net> References: <4B1FE20D.9000009@interactive-net.de> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2009 23:10:09 -0000 On Wed, 9 Dec 2009, Reinhard Haller wrote: Hi, > I'm searching for a way to create vnet jails in rc.conf. I tried it with > jail_flags (-c vnet) with no success. > > The documentation is not very helpful, I'm missing the way to create the > vnet jail and I suspect the specification of an ipv6 address to the > epair in the jail is not working. > > Any suggestions? vnets are not yet supported by the legacy jail management framework and will not. The plan is to have something different for when vimages are no longer "experimental" (tech preview, ... call it what you like to and what sounds good;). Ideally for 8.2 but that's just a wild handwaving. I have some uncommented old notes lying around here: http://people.freebsd.org/~bz/jail-persist.txt The current ones are actually a lot more complex and no longer good examples. Rather than using "persist" you can still give a command to start a jail starting all the rc framework etc. in it. /bz -- Bjoern A. Zeeb It will not break if you know what you are doing. From owner-freebsd-virtualization@FreeBSD.ORG Wed Dec 9 23:57:16 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2E655106568D for ; Wed, 9 Dec 2009 23:57:16 +0000 (UTC) (envelope-from sfourman@gmail.com) Received: from mail-px0-f190.google.com (mail-px0-f190.google.com [209.85.216.190]) by mx1.freebsd.org (Postfix) with ESMTP id 024468FC19 for ; Wed, 9 Dec 2009 23:57:15 +0000 (UTC) Received: by pxi28 with SMTP id 28so2385582pxi.7 for ; Wed, 09 Dec 2009 15:57:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=TA+wlAFoKaGVAsblrbYwnp8Ejfry3NBcIYM6PndOBNE=; b=KjOGaDiHUqqqTLU2r5ORGlXltxtlDb7boLkLYvVGhtTDkfK56QCUeE/DShNe122s0B wEXTVXAydZ/ob5kyK8qYa6pF7XPF2foCKGjd7nPeXnyVnjrOvHgV4L34VVbbhgfLLb0G YNenT8C3cxM+80STe+w8M0hIO1TzZxoJQ9sOA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=TbLrrUJhYpWROykix0JXR1ZUhB8b5hxieEu+HnWZ1A6vnaOEoT3E2sWOx6Ri/GN5G8 geq5NlqBP9T8znH+Rs3BJZNpCKqut1apl8X5cbCtc3DDzDr80ScPrk8S3sSyKLMHtuet /BVu2XXgZt6iTJQ0IeAyZKcLJhlcoKmfbHkm4= MIME-Version: 1.0 Received: by 10.142.67.6 with SMTP id p6mr1684713wfa.20.1260401303698; Wed, 09 Dec 2009 15:28:23 -0800 (PST) In-Reply-To: <20091209230225.L83957@maildrop.int.zabbadoz.net> References: <4B1FE20D.9000009@interactive-net.de> <20091209230225.L83957@maildrop.int.zabbadoz.net> Date: Wed, 9 Dec 2009 17:28:23 -0600 Message-ID: <11167f520912091528x65faf33avec0d5a85dc0729c3@mail.gmail.com> From: "Sam Fourman Jr." To: "Bjoern A. Zeeb" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2009 23:57:16 -0000 On Wed, Dec 9, 2009 at 5:07 PM, Bjoern A. Zeeb wrote: > On Wed, 9 Dec 2009, Reinhard Haller wrote: > > Hi, > >> I'm searching for a way to create vnet jails in rc.conf. I tried it with >> jail_flags (-c vnet) with no success. >> >> The documentation is not very helpful, I'm missing the way to create the >> vnet jail and I suspect the specification of an ipv6 address to the >> epair in the jail is not working. >> >> Any suggestions? > > vnets are not yet supported by the legacy jail management framework > and will not. > The plan is to have something different for when vimages are no longer > "experimental" (tech preview, ... call it what you like to and what > sounds good;). =A0Ideally for 8.2 but that's just a wild handwaving. How would we make a vnet jail come up automaticly on reboot? Sam Fourman Jr. Fourman Networks From owner-freebsd-virtualization@FreeBSD.ORG Thu Dec 10 06:26:38 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EF2AE1065670 for ; Thu, 10 Dec 2009 06:26:38 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outP.internet-mail-service.net (outp.internet-mail-service.net [216.240.47.239]) by mx1.freebsd.org (Postfix) with ESMTP id D3D628FC0A for ; Thu, 10 Dec 2009 06:26:38 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 21DD62439; Wed, 9 Dec 2009 22:26:39 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id C55962D6018; Wed, 9 Dec 2009 22:26:37 -0800 (PST) Message-ID: <4B2094AB.3070400@elischer.org> Date: Wed, 09 Dec 2009 22:26:51 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: "Sam Fourman Jr." References: <4B1FE20D.9000009@interactive-net.de> <20091209230225.L83957@maildrop.int.zabbadoz.net> <11167f520912091528x65faf33avec0d5a85dc0729c3@mail.gmail.com> In-Reply-To: <11167f520912091528x65faf33avec0d5a85dc0729c3@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 06:26:39 -0000 Sam Fourman Jr. wrote: > On Wed, Dec 9, 2009 at 5:07 PM, Bjoern A. Zeeb > wrote: >> On Wed, 9 Dec 2009, Reinhard Haller wrote: >> >> Hi, >> >>> I'm searching for a way to create vnet jails in rc.conf. I tried it with >>> jail_flags (-c vnet) with no success. >>> >>> The documentation is not very helpful, I'm missing the way to create the >>> vnet jail and I suspect the specification of an ipv6 address to the >>> epair in the jail is not working. >>> >>> Any suggestions? >> vnets are not yet supported by the legacy jail management framework >> and will not. >> The plan is to have something different for when vimages are no longer >> "experimental" (tech preview, ... call it what you like to and what >> sounds good;). Ideally for 8.2 but that's just a wild handwaving. > > How would we make a vnet jail come up automaticly on reboot? /etc/rc.local? > > Sam Fourman Jr. > > Fourman Networks > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Thu Dec 10 09:02:51 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9B1A1106566C for ; Thu, 10 Dec 2009 09:02:50 +0000 (UTC) (envelope-from reinhard.haller@interactive-net.de) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.186]) by mx1.freebsd.org (Postfix) with ESMTP id E30E48FC32 for ; Thu, 10 Dec 2009 09:02:49 +0000 (UTC) Received: from interactive.dnsalias.net (ppp-88-217-3-93.dynamic.mnet-online.de [88.217.3.93]) by mrelayeu.kundenserver.de (node=mreu2) with ESMTP (Nemesis) id 0LpRtB-1NxTqY3jzp-00f8dz; Thu, 10 Dec 2009 10:02:44 +0100 Received: from scalix.interactive.de ([fd08:e8a3:4825:0:20c:29ff:feaa:3622]) by interactive.dnsalias.net with esmtp (Exim 4.70 (FreeBSD)) (envelope-from ) id 1NIev5-000MJG-3J; Thu, 10 Dec 2009 10:02:43 +0100 Received: from scalix.interactive.de (localhost.localdomain [127.0.0.1]) by scalix.interactive.de (8.13.8/8.13.8) with ESMTP id nBA92fUC010517; Thu, 10 Dec 2009 10:02:41 +0100 Received: from [127.0.0.1] (Core2Duo.interactive.de [192.168.0.196]) by scalix.interactive.de (Scalix SMTP Relay 11.4.5.13150) via ESMTP; Thu, 10 Dec 2009 10:02:41 +0100 (CET) Date: Thu, 10 Dec 2009 10:02:38 +0100 From: Reinhard Haller To: "Bjoern A. Zeeb" Message-ID: <4B20B92E.2070105@interactive-net.de> In-Reply-To: <20091209230225.L83957@maildrop.int.zabbadoz.net> References: <4B1FE20D.9000009@interactive-net.de> References: <20091209230225.L83957@maildrop.int.zabbadoz.net> x-scalix-Hops: 1 User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Disposition: inline X-ACL-rcpt: bzeeb-lists@lists.zabbadoz.net X-ACL-rcpt: freebsd-virtualization@freebsd.org X-ACL-Send: reinhard.haller@interactive-net.de X-Provags-ID: V01U2FsdGVkX18r0ZdKJHob9Mz8DydjIabQZY78IEl0ACzzg8y nzmMp/pzVRIcUsU5Mx6qWAa8W07KLBT6DSqbpmq/fm68bAxBAm Nai7yq2hnqOLXR2MLjUwmyboWzb7NqK471Kq7IxjAZZUULn9Oh qqg== Cc: FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 09:02:51 -0000 Bjoern A. Zeeb schrieb: > On Wed, 9 Dec 2009, Reinhard Haller wrote: > > Hi, > >> I'm searching for a way to create vnet jails in rc.conf. I tried it with >> jail_flags (-c vnet) with no success. >> >> The documentation is not very helpful, I'm missing the way to create the >> vnet jail and I suspect the specification of an ipv6 address to the >> epair in the jail is not working. >> >> Any suggestions? > > vnets are not yet supported by the legacy jail management framework > and will not. > The plan is to have something different for when vimages are no longer > "experimental" (tech preview, ... call it what you like to and what > sounds good;). Ideally for 8.2 but that's just a wild handwaving. > Wasting another year? > I have some uncommented old notes lying around here: > http://people.freebsd.org/~bz/jail-persist.txt > > The current ones are actually a lot more complex and no longer good > examples. Rather than using "persist" you can still give a command to > start a jail starting all the rc framework etc. in it. > > /bz > I tried it with the following, but suffered intermittent routing problems (route6d died and cannot be restarted): jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 persist jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 persist ifconfig bridge0 create ifconfig epair create ifconfig epair create ifconfig bridge0 addm epair0a addm epair1a up ifconfig epair0a inet6 fd08:e8a3:4825:10::1 ifconfig epair0b vnet 1 ifconfig epair1b vnet 2 jexec 1 csh ifconfig epair0b inet6 fd08:e8a3:4825:10::10 route -n add -inet6 default fd08:e8a3:4825:10::1 exit jexec 2 csh ifconfig epair1b inet6 fd08:e8a3:4825:10::11 route -n add -inet6 default fd08:e8a3:4825:10::1 exit Is this the way to get a stable vnet system? Thanks Reinhard From owner-freebsd-virtualization@FreeBSD.ORG Thu Dec 10 17:49:02 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EBECE106566B for ; Thu, 10 Dec 2009 17:49:01 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outV.internet-mail-service.net (outv.internet-mail-service.net [216.240.47.245]) by mx1.freebsd.org (Postfix) with ESMTP id CFAD58FC23 for ; Thu, 10 Dec 2009 17:49:00 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 5A97110C7C; Thu, 10 Dec 2009 09:49:45 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id C41A72D6019; Thu, 10 Dec 2009 09:46:57 -0800 (PST) Message-ID: <4B213495.4020108@elischer.org> Date: Thu, 10 Dec 2009 09:49:09 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Reinhard Haller References: <4B1FE20D.9000009@interactive-net.de> <4B20B92E.2070105@interactive-net.de> In-Reply-To: <4B20B92E.2070105@interactive-net.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 17:49:02 -0000 Reinhard Haller wrote: > Bjoern A. Zeeb schrieb: >> On Wed, 9 Dec 2009, Reinhard Haller wrote: >> >> Hi, >> >>> I'm searching for a way to create vnet jails in rc.conf. I tried it with >>> jail_flags (-c vnet) with no success. >>> >>> The documentation is not very helpful, I'm missing the way to create the >>> vnet jail and I suspect the specification of an ipv6 address to the >>> epair in the jail is not working. >>> >>> Any suggestions? >> vnets are not yet supported by the legacy jail management framework >> and will not. >> The plan is to have something different for when vimages are no longer >> "experimental" (tech preview, ... call it what you like to and what >> sounds good;). Ideally for 8.2 but that's just a wild handwaving. >> > Wasting another year? >> I have some uncommented old notes lying around here: >> http://people.freebsd.org/~bz/jail-persist.txt >> >> The current ones are actually a lot more complex and no longer good >> examples. Rather than using "persist" you can still give a command to >> start a jail starting all the rc framework etc. in it. >> >> /bz >> > I tried it with the following, but suffered intermittent routing > problems (route6d died and cannot be restarted): > > jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 > persist > jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 > persist > ifconfig bridge0 create > ifconfig epair create > ifconfig epair create > ifconfig bridge0 addm epair0a addm epair1a up > ifconfig epair0a inet6 fd08:e8a3:4825:10::1 > ifconfig epair0b vnet 1 > ifconfig epair1b vnet 2 > jexec 1 csh > ifconfig epair0b inet6 fd08:e8a3:4825:10::10 > route -n add -inet6 default fd08:e8a3:4825:10::1 > exit > jexec 2 csh > ifconfig epair1b inet6 fd08:e8a3:4825:10::11 > route -n add -inet6 default fd08:e8a3:4825:10::1 > exit > > Is this the way to get a stable vnet system? using epair and bridge is probably suboptimal. try using: 1: three epair sets to make a mesh (usable with smal nunbers fo jails) 2: using netgraph to make a bridge.. I'm doing thsii from memory so you may need to tweak it: ngctl mkpeer em0: bridge lower link0 ngctl name em0:lower switch ngctl connect switch: em0: link1 upper # and then for each vnet, ngctl mkpeer switch: eiface link2 ether ifconfig ngeth0 vnet d1 ngctl mkpeer switch: eiface link3 ether ifconfig nget1 vnet d2 ngctl mkpeer switch: eiface link4 ether ifconfig ngeth2 vnet d3 ngctl mkpeer switch: eiface link5 ether ifconfig ngeth3 vnet d4 etc you'll need to kldload ng_ether, ng_bridge and ng_eiface (though I think ngctl may do that for you) > > Thanks > Reinhard > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Thu Dec 10 17:58:36 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4BCA1065670 for ; Thu, 10 Dec 2009 17:58:36 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outV.internet-mail-service.net (outv.internet-mail-service.net [216.240.47.245]) by mx1.freebsd.org (Postfix) with ESMTP id A78D38FC24 for ; Thu, 10 Dec 2009 17:58:36 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 20275ADA5F; Thu, 10 Dec 2009 09:59:38 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id 8E1322D6018; Thu, 10 Dec 2009 09:56:32 -0800 (PST) Message-ID: <4B2136D8.9000404@elischer.org> Date: Thu, 10 Dec 2009 09:58:48 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Reinhard Haller References: <4B1FE20D.9000009@interactive-net.de> <4B20B92E.2070105@interactive-net.de> <4B213495.4020108@elischer.org> In-Reply-To: <4B213495.4020108@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 17:58:36 -0000 Julian Elischer wrote: > Reinhard Haller wrote: >> Bjoern A. Zeeb schrieb: >>> On Wed, 9 Dec 2009, Reinhard Haller wrote: >>> >>> Hi, >>> >>>> I'm searching for a way to create vnet jails in rc.conf. I tried it >>>> with >>>> jail_flags (-c vnet) with no success. >>>> >>>> The documentation is not very helpful, I'm missing the way to create >>>> the >>>> vnet jail and I suspect the specification of an ipv6 address to the >>>> epair in the jail is not working. >>>> >>>> Any suggestions? >>> vnets are not yet supported by the legacy jail management framework >>> and will not. >>> The plan is to have something different for when vimages are no longer >>> "experimental" (tech preview, ... call it what you like to and what >>> sounds good;). Ideally for 8.2 but that's just a wild handwaving. >>> >> Wasting another year? >>> I have some uncommented old notes lying around here: >>> http://people.freebsd.org/~bz/jail-persist.txt >>> >>> The current ones are actually a lot more complex and no longer good >>> examples. Rather than using "persist" you can still give a command to >>> start a jail starting all the rc framework etc. in it. >>> >>> /bz >>> >> I tried it with the following, but suffered intermittent routing >> problems (route6d died and cannot be restarted): >> >> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >> persist >> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >> persist >> ifconfig bridge0 create >> ifconfig epair create >> ifconfig epair create >> ifconfig bridge0 addm epair0a addm epair1a up >> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >> ifconfig epair0b vnet 1 >> ifconfig epair1b vnet 2 >> jexec 1 csh >> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> jexec 2 csh >> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> >> Is this the way to get a stable vnet system? > > > > > > using epair and bridge is probably suboptimal. > > try using: > 1: three epair sets to make a mesh (usable with smal nunbers fo jails) > 2: using netgraph to make a bridge.. > > > I'm doing thsii from memory so you may need to tweak it: > > > ngctl mkpeer em0: bridge lower link0 > ngctl name em0:lower switch > ngctl connect switch: em0: link1 upper > > # and then for each vnet, > ngctl mkpeer switch: eiface link2 ether # I forgot, you have to give each a different mac addr I think: ifconfig ngeth0 ether 1:2:3:4:5:6 > ifconfig ngeth0 vnet d1 > > ngctl mkpeer switch: eiface link3 ether > ifconfig nget1 vnet d2 > > ngctl mkpeer switch: eiface link4 ether > ifconfig ngeth2 vnet d3 > > ngctl mkpeer switch: eiface link5 ether > ifconfig ngeth3 vnet d4 > > etc > > you'll need to kldload ng_ether, ng_bridge and ng_eiface > (though I think ngctl may do that for you) > > >> >> Thanks >> Reinhard >> >> _______________________________________________ >> freebsd-virtualization@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> To unsubscribe, send any mail to >> "freebsd-virtualization-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org" From owner-freebsd-virtualization@FreeBSD.ORG Fri Dec 11 08:31:12 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C39871065676 for ; Fri, 11 Dec 2009 08:31:12 +0000 (UTC) (envelope-from reinhard.haller@interactive-net.de) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.8]) by mx1.freebsd.org (Postfix) with ESMTP id 357988FC15 for ; Fri, 11 Dec 2009 08:31:11 +0000 (UTC) Received: from interactive.dnsalias.net (ppp-93-104-66-1.dynamic.mnet-online.de [93.104.66.1]) by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis) id 0Lmws0-1O04xT34Zg-00hfhE; Fri, 11 Dec 2009 09:31:09 +0100 Received: from scalix.interactive.de ([fd08:e8a3:4825:0:20c:29ff:feaa:3622]) by interactive.dnsalias.net with esmtp (Exim 4.71 (FreeBSD)) (envelope-from ) id 1NJ0u2-000Mps-VU; Fri, 11 Dec 2009 09:31:06 +0100 Received: from scalix.interactive.de (localhost.localdomain [127.0.0.1]) by scalix.interactive.de (8.13.8/8.13.8) with ESMTP id nBB8V6vf015705; Fri, 11 Dec 2009 09:31:06 +0100 Received: from [127.0.0.1] (Core2Duo.interactive.de [192.168.0.196]) by scalix.interactive.de (Scalix SMTP Relay 11.4.5.13150) via ESMTP; Fri, 11 Dec 2009 09:31:06 +0100 (CET) Date: Fri, 11 Dec 2009 09:31:02 +0100 From: Reinhard Haller To: Julian Elischer Message-ID: <4B220346.1090204@interactive-net.de> In-Reply-To: <4B2136D8.9000404@elischer.org> References: <4B1FE20D.9000009@interactive-net.de> References: <4B20B92E.2070105@interactive-net.de> References: <4B213495.4020108@elischer.org> References: <4B2136D8.9000404@elischer.org> x-scalix-Hops: 1 User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Disposition: inline X-ACL-rcpt: julian@elischer.org X-ACL-rcpt: bzeeb-lists@lists.zabbadoz.net X-ACL-rcpt: freebsd-virtualization@freebsd.org X-ACL-Send: reinhard.haller@interactive-net.de X-Provags-ID: V01U2FsdGVkX1/uz3LHutUtYPT7fEPzVQKluESbZVgLLQ/3/df b7k2cKV0p7DCpcfu2ALIm4WH0V7E9ledBi990COqJdW0/sMRS+ WJqbUMz/sUB0qQqdx2QtcFnBbFX5ZTdRA5Fru5h9Iw4q2kpKVi axg== Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 08:31:12 -0000 Julian Elischer schrieb: > Julian Elischer wrote: >> Reinhard Haller wrote: >>> I tried it with the following, but suffered intermittent routing >>> problems (route6d died and cannot be restarted): >>> >>> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >>> persist >>> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >>> persist >>> ifconfig bridge0 create >>> ifconfig epair create >>> ifconfig epair create >>> ifconfig bridge0 addm epair0a addm epair1a up >>> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >>> ifconfig epair0b vnet 1 >>> ifconfig epair1b vnet 2 >>> jexec 1 csh >>> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>> exit >>> jexec 2 csh >>> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>> exit >>> >>> Is this the way to get a stable vnet system? >> >> using epair and bridge is probably suboptimal. >> >> try using: >> 1: three epair sets to make a mesh (usable with smal nunbers fo jails) Do you mean 2 ip-addresses per jail and another 2 for the host? >> 2: using netgraph to make a bridge.. bridge + epair are cloneable interfaces, they are created before pf starts. The netgraph stuff is problematic when using interfaces in pf.conf. From owner-freebsd-virtualization@FreeBSD.ORG Fri Dec 11 20:49:52 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B29951065679 for ; Fri, 11 Dec 2009 20:49:52 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outU.internet-mail-service.net (outu.internet-mail-service.net [216.240.47.244]) by mx1.freebsd.org (Postfix) with ESMTP id 984C68FC0A for ; Fri, 11 Dec 2009 20:49:52 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 30A32C3FB; Fri, 11 Dec 2009 12:49:52 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id A2AEF2D6011; Fri, 11 Dec 2009 12:49:51 -0800 (PST) Message-ID: <4B22B07C.9030604@elischer.org> Date: Fri, 11 Dec 2009 12:50:04 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Reinhard Haller References: <4B1FE20D.9000009@interactive-net.de> <4B220346.1090204@interactive-net.de> In-Reply-To: <4B220346.1090204@interactive-net.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 20:49:52 -0000 Reinhard Haller wrote: > Julian Elischer schrieb: >> Julian Elischer wrote: >>> Reinhard Haller wrote: >>>> I tried it with the following, but suffered intermittent routing >>>> problems (route6d died and cannot be restarted): >>>> >>>> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >>>> persist >>>> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >>>> persist >>>> ifconfig bridge0 create >>>> ifconfig epair create >>>> ifconfig epair create >>>> ifconfig bridge0 addm epair0a addm epair1a up >>>> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >>>> ifconfig epair0b vnet 1 >>>> ifconfig epair1b vnet 2 >>>> jexec 1 csh >>>> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >>>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>>> exit >>>> jexec 2 csh >>>> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >>>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>>> exit >>>> >>>> Is this the way to get a stable vnet system? >>> using epair and bridge is probably suboptimal. >>> >>> try using: >>> 1: three epair sets to make a mesh (usable with smal nunbers fo jails) > > Do you mean 2 ip-addresses per jail and another 2 for the host? yeah route rather than bridge. > >>> 2: using netgraph to make a bridge.. > > bridge + epair are cloneable interfaces, they are created before pf > starts. The netgraph stuff is problematic when using interfaces in pf.conf. > From owner-freebsd-virtualization@FreeBSD.ORG Fri Dec 11 20:51:26 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 515211065672 for ; Fri, 11 Dec 2009 20:51:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outB.internet-mail-service.net (outb.internet-mail-service.net [216.240.47.225]) by mx1.freebsd.org (Postfix) with ESMTP id 351508FC0A for ; Fri, 11 Dec 2009 20:51:26 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id EFD1FC3FB; Fri, 11 Dec 2009 12:51:25 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id 7BF462D6013; Fri, 11 Dec 2009 12:51:25 -0800 (PST) Message-ID: <4B22B0DA.3000905@elischer.org> Date: Fri, 11 Dec 2009 12:51:38 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Reinhard Haller References: <4B1FE20D.9000009@interactive-net.de> <4B220346.1090204@interactive-net.de> In-Reply-To: <4B220346.1090204@interactive-net.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 20:51:26 -0000 Reinhard Haller wrote: > Julian Elischer schrieb: >> Julian Elischer wrote: >>> Reinhard Haller wrote: >>>> I tried it with the following, but suffered intermittent routing >>>> problems (route6d died and cannot be restarted): >>>> >>>> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >>>> persist >>>> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >>>> persist >>>> ifconfig bridge0 create >>>> ifconfig epair create >>>> ifconfig epair create >>>> ifconfig bridge0 addm epair0a addm epair1a up >>>> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >>>> ifconfig epair0b vnet 1 >>>> ifconfig epair1b vnet 2 >>>> jexec 1 csh >>>> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >>>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>>> exit >>>> jexec 2 csh >>>> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >>>> route -n add -inet6 default fd08:e8a3:4825:10::1 >>>> exit >>>> >>>> Is this the way to get a stable vnet system? >>> using epair and bridge is probably suboptimal. >>> >>> try using: >>> 1: three epair sets to make a mesh (usable with smal nunbers fo jails) > > Do you mean 2 ip-addresses per jail and another 2 for the host? > >>> 2: using netgraph to make a bridge.. > > bridge + epair are cloneable interfaces, they are created before pf > starts. The netgraph stuff is problematic when using interfaces in pf.conf. though in 8.1 and 9 each jail has its own pf. > > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org"