Date: Mon, 06 Apr 2015 16:25:13 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: freebsd-questions@freebsd.org Subject: Re: how to do interval jail ips Message-ID: <5522A559.8050407@infracaninophile.co.uk> In-Reply-To: <55229DE1.5050700@artem.ru> References: <552297B5.1030203@artem.ru> <55229C4E.5050504@gmail.com> <55229DE1.5050700@artem.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --eQKprpiKVlLkIDrGTHfVG40lC1JHeQaPc Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 06/04/2015 15:53, Artem Kuchin wrote: > 06.04.2015 17:46, Ernie Luzar =D0=BF=D0=B8=D1=88=D0=B5=D1=82: >> Artem Kuchin wrote: >>> Hello! >>> >>> I have several jails and some of the use real ips, some are just >>> internal for the server like 10.0.0.x >>> However, i assigned all ips to the external em0 interface. >>> This causes problems, because of server in the same lan have 10.0.0.x= >>> address of their interfaces too. >>> So, there is a conflict. >>> This is just a colocation, so, i cannot control the ip assignment. >>> >>> What is the correct way to assign ip address which are seen only >>> withing a host? >>> (some kind of virtual NIC) >>> >>> Artem >>> >> >> xl0,10.0.10.2 for lan on device xl0 >> >> em0,x.x.x.x for rl0 device facing pubic internet >> >> use the correct device names for you network configuration >> >=20 > i don't get it. I do not have xl0 device > I only have em0 > Or i can specify whatever device i like even if it is not installed in > the server? You can create jail IPs bound to the loopback interface lo0 exactly as you would for a standard NIC. Be aware though that if you assign your internal IPs from, say, 10.11.0.0/24 that will mean you would have trouble reaching anything on that particular subnet via your network interface. However as this will be entirely internal to your machine, you could choose whatever IPs you liked -- but preferably use ones from the RFC1918[*] defined ranges. Cheers, Matthew [*] Technically RFC6761 nowadays, but that covers a lot more than just the reserved private address ranges. --=20 Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey JID: matthew@infracaninophile.co.uk --eQKprpiKVlLkIDrGTHfVG40lC1JHeQaPc Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iQJ8BAEBCgBmBQJVIqViXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkAT08YP/2Cn3UiYyLUo7MVmey4GEXB2 M+1g4UbUCnhlbJv0AZvLtoHblmosejYFiSNzDCNoP88vGAREoQIxVOA67JEplvB3 DYvEpo3mScTlXOnLf9ueNHGgsxi1q6nl2w5KObcGo0OF5Defjpak2BQZd3gmkYls G4FmQwMieSiRhDQCWAquYOJCt8qPZcoOg+dOUwncb/W+4bUVlCIOhl/+WnecRD2h U5e0h54byyEjnJriIApxGjzxdv3RFCwqjwEX2yksWc+eJnJa0+Pc+H+0cI+f2lA0 w3hIHC2bMauRkgSeK37lnTz2ZAkou/OJyTiqGrObP+x9X/76jTkHRihLmsfK68ll P0mQGXQm0H4kOCt6P7KFvuuybPOUdrNFWn79gDSb6ti2ohRDPMNH7elTfDg0a0qK ZS2P9aCzvUkWn2AQGeZOtgJPN3hBsHB76VMvY+5iugqgG/C+aKRFCzIZFvPaLF0O pUxgCdCQKNufWEzieEE+eroSVPR6Bw+p4P2alA+B1DLNyvmdA8gptGi6leQiHPTz pQ0bF3vOxG6nHcAicbUHZyJIg/BQDzS3xEmB1AtG6gltWF2TvA4of0liPUUGYm2q 00PQvyRGJwSJoofQW6pDR8y1ldGUR7uiG1UVLLEIABtgEVFuDounvFG7Bn8gKtbr DasFd/60QgA4gU6BwRYB =8NOS -----END PGP SIGNATURE----- --eQKprpiKVlLkIDrGTHfVG40lC1JHeQaPc--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5522A559.8050407>