Date:      Thu, 08 Jan 2009 17:59:21 +0100
From:      Miroslav Lachman <000.fbsd@quip.cz>
To:        spil.oss@gmail.com
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Problems with network in jail
Message-ID:  <496630E9.1050600@quip.cz>
In-Reply-To: <5fbf03c20901080310g69da867v1fc8dadcdb4ca7ae@mail.gmail.com>
References:  <5fbf03c20901080207y4b0b18beod775a8ef2887f147@mail.gmail.com>	<20090108105448.4cd6dcfe@dilbert.office.centralnic.com> <5fbf03c20901080310g69da867v1fc8dadcdb4ca7ae@mail.gmail.com>

Spil Oss wrote:
> Hi Peter,
> 
> Thanks a lot! Will read up on that. (luckily I do speak
> German/Swiss-German). From discussions on ##FreeBSD IRC I learned that
> it is not recommended to use lo0 for jails!
> 
> On FreeBSD-6.3 I successfully used lo0/127.0.0.2 for my mysql jail that
> needed to be addressed only locally, but ONLY LOCALLY, no other
> access. It may be possible to add a line similar to
>      00100 divert 8668 ip from any to any in via xl0
> to my ipfw/NAT config, but being warned, I'm not going down that path.
> 
> Since I moved my portbuild jail to bridge0/172.17.2.17 it works as
> expected, without device mem!
> And to boot I made errors when creating my aliases (ifconfig bridge0
> inet 172.17.2.17 netmask *172.17.2.255* instead of 255.255.255.0)

You can create lo1 if you want:
ifconfig lo1 create
ifconfig lo1 inet 172.17.2.17 netmask 255.255.255.0

In rc.conf:
cloned_interfaces="lo1"
ifconfig_lo1="inet 172.17.2.17 netmask 255.255.255.0"

And then use NAT / RDR in your favorite firewall (I am using PF).

Miroslav Lachman
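
A pf.conf fragment for the NAT / RDR step mentioned above, as an added example that is not part of the original message. Assumptions: xl0 (the interface named in the quoted ipfw rule) is the external interface, and TCP port 80 is a constructed stand-in for whatever service the jail should expose.

```conf
# Added example, not from the original message.
# Fragment to merge into an existing /etc/pf.conf; translation rules
# (nat, rdr) must appear before the filter rules (block, pass).

ext_if    = "xl0"          # assumption: external NIC
jail_ip   = "172.17.2.17"  # address configured on lo1 in the message
jail_port = "80"           # constructed: the one service exposed from the jail

# Outbound: connections started inside the jail leave with the host's
# external address, since 172.17.2.17 is not routable from outside.
nat on $ext_if inet from $jail_ip to any -> ($ext_if)

# Inbound: only this port is redirected to the jail. Anything else the
# jail listens on stays unreachable from the external network.
rdr on $ext_if inet proto tcp from any to ($ext_if) port $jail_port \
    -> $jail_ip port $jail_port

# Filter rules see the destination after rdr has rewritten it, so the
# pass rule matches the jail address, not the host's external address.
pass in on $ext_if inet proto tcp from any to $jail_ip port $jail_port \
    keep state

# Let the jail's NATed outbound traffic leave and its replies return.
pass out on $ext_if inet from ($ext_if) to any keep state
```

Check the syntax with "pfctl -nf /etc/pf.conf" before loading it with "pfctl -f /etc/pf.conf"; "pfctl -s nat" lists the translation rules that are active.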
