Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Mar 2019 17:52:29 +0000
From:      Marcin Cieslak <saper@saper.info>
To:        Mathias Picker <Mathias.Picker@virtual-earth.de>
Cc:        "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>
Subject:   Re: vm-bhyve, routing a subnet behind the main ip, is this a good / "correct" solution?
Message-ID:  <nycvar.OFS.7.76.4444.1903251746150.84924@z.fncre.vasb>
In-Reply-To: <86sgvbdtl5.fsf@virtual-earth.de>
References:  <86sgvbdtl5.fsf@virtual-earth.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
--1563967779-1329009497-1553536349=:84924
Content-Type: text/plain; charset=US-ASCII

On Mon, 25 Mar 2019, Mathias Picker wrote:

> Hi all,
> 
> this is the first time I tried to use bhyve.
> 
> This is 12.0-RELEASEp3 and vm-bhyve 1.2.3.
> 
> My hosting provider hetzner.de is giving out subnets which are routed through
> the main ip of the server,
> so if my main IP is xxx.xxx.xxx.63 the subnet yyy.yyy.yyy.224/28 is routed as
> if it was "behind" the main ip xxx.xxx.xxx.xxx.

This is a typical routing situation. You cannot get from yyy.yyy.yyy to the
Internet via bridging alone. You have to have a normal routing done on
the xxx.xxx.xxx.63 machine.

> I first didn't know that and tried the solution mentioned in the vm-bhyve
> wiki, usiing a bridge and adding the network card (em0) to it, which didn't
> work.

Hetzner will not allow you to show additional MAC adresses behind your main
IP (xxx.xxx.xxx.63), that's the reason why some descriptions "on the Internet"
may not work for you.

I don't have luxury of the IPv4 subnet behind my single IPv4, so I had
to create two bridge interfaces (bridge0 and bridge1) - one is for
a routed IPv6 subnet, the other one is for RFC1918 IPv4 addresses.
bridge1 is being subject to NAT. bridge0 is subject to IPv6 routing.

(I use Xen but that does not matter for the networking discussion).

Marcin
--1563967779-1329009497-1553536349=:84924
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: BASE64
Content-Description: S/MIME Cryptographic Signature
Content-Disposition: attachment; filename=smime.p7s

MIIOSwYJKoZIhvcNAQcCoIIOPDCCDjgCAQExDzANBglghkgBZQMEAgEFADAL
BgkqhkiG9w0BBwGgggqQMIIElzCCA3+gAwIBAgIOSBtqCKJEiNNcmz3JSA0w
DQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENB
IC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNp
Z24wHhcNMTYwNjE1MDAwMDAwWhcNMjQwNjE1MDAwMDAwWjBdMQswCQYDVQQG
EwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEzMDEGA1UEAxMqR2xv
YmFsU2lnbiBQZXJzb25hbFNpZ24gMSBDQSAtIFNIQTI1NiAtIEczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrCba00KOKyGuwh9h+/MAcZm
ZUF9OxGKA56AADHaDE08rB0WEbgm6J4XvJP3OGQ7cgHdVJu6XMZkRd6EcfjD
yRrIwE6oAVWJe57co3gKk/XxvuubSZuUahrcOiv3D2qaHwva4zumubxQQI4f
unEzRIJHPiNjaq0cCcZsMcp5pxsEz8aG0sr8Oh80sxKNnzPmuUETLESktfMC
pQKHUGmWXLsG6sgCZOezUjDjKpPKW7l4PUt0TEBEyqLhifv9/YPn5C4o10PP
daDazZPeKNif2PVQ5u0HRnkFrHh4wmmrMtY22Mse3eR01gD6rEEGWf+gdzuy
EQE+ZVlNhCP4gXjdBQIDAQABo4IBZDCCAWAwDgYDVR0PAQH/BAQDAgEGMCcG
A1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwkwEgYDVR0T
AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUlifCwqX3HPgCenpkr2NvMtKYwrEw
HwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwPgYIKwYBBQUHAQEE
MjAwMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20v
cm9vdHIzMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2ln
bi5jb20vcm9vdC1yMy5jcmwwWQYDVR0gBFIwUDALBgkrBgEEAaAyASgwQQYJ
KwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNp
Z24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQCxh3ekjKKy
RrUdfI6D1U7qUggdFLksiU+KiIqJzJG6GXcQ2KiBy2tF3+KYb0IixXMpIVli
VXlcD5Vh4tiMxJ4WONMFt3f7/53gSXLf24WMwErubc+mGMzgUGE5HKC98PcK
UV/5pPggQdzPxCBNeiXnLU1tCGYhPatFTDhUBGaVhBeuUCbgR9gpXJ9guqrD
OVwouKvovdIeI5KEAcoAAiSL6naeLk/GbKUaBFa2RxXC17e+YyBWtWlWDEM3
1V8pUIx76lkO8IJYREhLcg/LnyoYy5wcrzI6pbX2vw1x/jR3GHSC1AEdoqbE
xui2XLLlSa6y9yQNgdkPz7GTLmpwIT+dMIIF8TCCBNmgAwIBAgIMGk4Oe/1h
2+wMOby/MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQK
ExBHbG9iYWxTaWduIG52LXNhMTMwMQYDVQQDEypHbG9iYWxTaWduIFBlcnNv
bmFsU2lnbiAxIENBIC0gU0hBMjU2IC0gRzMwHhcNMTcwNTI1MDg0NDE2WhcN
MjAwNTI1MDg0NDE2WjA8MRkwFwYDVQQDDBBzYXBlckBzYXBlci5pbmZvMR8w
HQYJKoZIhvcNAQkBFhBzYXBlckBzYXBlci5pbmZvMIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEA2sO3aQNus/oe4ZBZ4fu1Y1mzxnUYAkb4k/dw
gMFc2Kd0eRoOY0AHj4rTEi/vVzzizxjLbEwXzQ9cBEAu/PqS8WsOmhZXtlfi
szPDmP7ZpOwmNTWKSd9O7jHu9uTCGfEOsocQNYH2ULD1gVFkgKb8jHf+3u9d
uCzh6qMomTtwLrCGEP70Lq385xUzRaD6qbOeIB99tpzgvMR6Z0GPTt4z8tLM
kfdtohq5llwZ5vYnj/hJohVS9iLMQMHW4nuLj/mLZNaYE1CWJBT1rBwn5YPJ
uR6811O9eAP7aX4iG8k1jkiBh+QNgGRBIK4GIdqy7IVRhA7v2OlpLYHMk4zP
9Fs3M+56QromVKBnxfzLhuYMUK6ugj9jwskNVitqlEFUeyfgvmR1jnPRp1Nd
XGJllTNwGicR8wkaRj14RxfrvTZfwXs8OBODKFupqun/tNzdpOgyHMGQACss
9yv2SnLGCJvJK3rGIdRZEiUhLZH/Ct4L92dBhev+SjUqWKbHb4yIlGMgLdoh
nwqatuWw7iyOeInjcinX7ghiIKDWhulUN493Fzl6kaUBtIIcrb7jzZ2pHAQT
WUmuVnCTHk6NtoWB09lvuK77fw4GfxLWDFWkBQiJYPVBrmxlrkCKzrWdTMfS
W9BiEC10jT1sSimUBIjDz22RkfsApeBJoAIWjiOZogILu9MCAwEAAaOCAdAw
ggHMMA4GA1UdDwEB/wQEAwIFoDCBngYIKwYBBQUHAQEEgZEwgY4wTQYIKwYB
BQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dz
cGVyc29uYWxzaWduMXNoYTJnM29jc3AuY3J0MD0GCCsGAQUFBzABhjFodHRw
Oi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3NwZXJzb25hbHNpZ24xc2hhMmcz
MEwGA1UdIARFMEMwQQYJKwYBBAGgMgEoMDQwMgYIKwYBBQUHAgEWJmh0dHBz
Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAw
RAYDVR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9n
c3BlcnNvbmFsc2lnbjFzaGEyZzMuY3JsMBsGA1UdEQQUMBKBEHNhcGVyQHNh
cGVyLmluZm8wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1Ud
DgQWBBReBINaGUKUo7HCrIjsKLKERu6ooTAfBgNVHSMEGDAWgBSWJ8LCpfcc
+AJ6emSvY28y0pjCsTANBgkqhkiG9w0BAQsFAAOCAQEAC0VK968ySq/6B+Kd
ecjVThQOKtVXuG17Krfk0xz7OPYR/V+qZtBFm2Uc6tkUEmAmq3Tyf+SE3TTX
Q58eJFq0uCTUhIY714ioJs1uVWBz8rPyJ3swkOfDaUXUxkQsBsf73VfKjUk4
kB5MTrApLYUe35NmEY3FqyyX13elhW1tp864vOKM2Git61cYoRn/bwd/z2JM
Zkxwkd5JgvmM+p4Da+WO4CUsGzdrZEH8X/8NQIzWtUDIh7VEQZFX5fot/KvH
Am8AajtpmNqTfMyg6LfcfJUXSFqXn/KEWu4Td62vX6Pd70dYKUZxnLwYvGqG
A4Ktrp9zyrUzxLbmdaPln7CstjGCA38wggN7AgEBMG0wXTELMAkGA1UEBhMC
QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExMzAxBgNVBAMTKkdsb2Jh
bFNpZ24gUGVyc29uYWxTaWduIDEgQ0EgLSBTSEEyNTYgLSBHMwIMGk4Oe/1h
2+wMOby/MA0GCWCGSAFlAwQCAQUAoIHkMBgGCSqGSIb3DQEJAzELBgkqhkiG
9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE5MDMyNTE3NTIyOVowLwYJKoZIhvcN
AQkEMSIEICBHahhRaGDEXs1rzo2BgedP+efWa44ewOBA6QoaMQaJMHkGCSqG
SIb3DQEJDzFsMGowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjALBglghkgB
ZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMC
AgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIIC
AH9qJp0J0oUyP77XIgEz0FbNNtxZehWGuUSyhfzSFTd6KqfOFLlL4n4NlsNT
ilxyJR1EWUJuVU2ucjkl8EGc9TUqNDpG6AuGqFGWC++FK9D4tv1kgc9koD0X
10r6o1zyE6AhhtCk/y3mjs5gloyoLTntbT+JpejyoZp5wIKLz5uceDOOXla4
2nSRiR9owHBMCUqcnvTgxLH/ZSfRc3C5TYITf3HCKOfSxzJ73VLlUQD5ISh7
BKdgncWIw4zwOuZ2V+hdKwt6cd0WmxWS9uz4LRTR1vr8jilyTn7TKTo8Gbet
KXaUqdTqIYsaJoIf+Gb55Lk+xsMWmCRMTsr3nnrwMQfWIAsIW7eBNZD2Mb/b
U3fA7m5TJwmI53/xR2UgB0ExDDswcs8/jN24JUX1qLyt1FgxEAMEZv3/JYpF
ATzZPkTeNAB1XnYH+iZhSRvEni6GswGOCtSkefzjXu7Lt4lCeSodfLASRM4p
PgJGcQ5yzxdX37Nb4fdRhM487EkBnYn5jqmeV68PYkcoY8UOElEl2Qk82rrw
cJZ021z+wDuWHCrklT6HDpX5if48MevLnhbyfNQ+iijYatZZ1kK5T5KZYHea
3HFdrc0lXbvfL/pNsmQMaff+aYIVkoAWiZjdMVe6VtAFxiaThf+eSjHpcO3s
Dl/0Tc44+KKbjeGh7X8pFK93

--1563967779-1329009497-1553536349=:84924--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?nycvar.OFS.7.76.4444.1903251746150.84924>