Date: Tue, 13 Dec 2016 16:03:26 -0600 (CST) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Isaac (.ike) Levy" <ike@blackskyresearch.net> Cc: freebsd-jail@freebsd.org Subject: Re: multiple interfaces for jail.conf(1) and jail_set(2) Message-ID: <11488.128.135.52.6.1481666606.squirrel@cosmo.uchicago.edu> In-Reply-To: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net> References: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, December 13, 2016 2:14 pm, Isaac (.ike) Levy wrote: > Hi All, > > Can I specify multiple IP interfaces and assign IP’s to them using > jail.conf? > I have jails with IPv4/IPv6 addresses on multiple physical interfaces, as > well as assigning a loopback. Last time I tried it which was about year and a half ago the answer was: no, this is not possible. Jail can only have one IP address (in addition to loopback addresses). Valeri > > I have not found answers in the respective man pages or digging online. > > I’m finally starting to poke around to start using the impressively > simple jail.conf subsystem to manage jails. I have been managing jails > with simple custom start scripts since 99’, and custom devfs rulesets > since ~2006, so jail.conf(1) and jail_set(2) are a big welcome change for > me- really awesome and clean :) > > -- > Additional detail to clarify my loopback use: > In general, I always assign each jail it’s own a loopback IP somewhere > in the RFC5735 specified range, 127.0.0.0/8 - (simply saving 127.0.0.1 for > the jailing host), and then I simply set localhost to point at it’s IP > in /etc/hosts for the jail. On the host, I simply add the IP alias to lo0 > like any other interface. > This is often overlooked in common jailing practice, but often eliminates > complexity and confusion for many userland daemons. For full Virtual > Server applications, loopback is simply dotting the i’s and crossing the > t’s. > > I can see how localhost would be challenging to automate for easy > jail.conf configuration, mostly, in picking a loopback IP for the jail and > not letting that get messy- etc… > > Thanks in advance for any info! > > Best, > .ike > > > _______________________________________________ > freebsd-jail@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11488.128.135.52.6.1481666606.squirrel>