Date: Tue, 1 Dec 2015 15:48:25 +1000 From: Nathan Aherne <nathan@vuid.com> To: Julian Elischer <julian@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: vimage and jail networking Message-ID: <5101F264-B28E-42D0-8C21-623D6C01DFB6@vuid.com> In-Reply-To: <565D17D2.1090007@freebsd.org> References: <8538858C-BE02-489A-BC1B-2315AC18AD3F@vuid.com> <565D17D2.1090007@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thank you for helping me to understand vimage better Julian! I have read = all three links you posted a number of times. I use iocage for jail management and it uses epair. =46rom your comments = it seems you recommend netgraph? This is the link to the iocage image instructions - = https://iocage.readthedocs.org/en/latest/networking.html#configuring-a-vne= t-jail = <https://iocage.readthedocs.org/en/latest/networking.html#configuring-a-vn= et-jail>. It seems that iocage does a number of things automatically or = at least I am still confused on how to use iocage and vimage to have = multiple jails share a single public (external) IP. I will continue to = read the links you sent me in the hopes that the ahah moment comes to = me. Regards, Nathan > On 1 Dec 2015, at 1:45 pm, Julian Elischer <julian@freebsd.org> wrote: >=20 > On 1/12/2015 8:32 AM, Nathan Aherne wrote: >> Hi Everyone! >>=20 >> I am having trouble getting my head around vimage and jail = networking. I would like for my jails to have private IPs (10.0.0.0/24) = and only use a single public IP. >>=20 >> I am having a hard time finding tutorials or information on how to = structure my network. My first thoughts were to clone the loopback = interface (have the jails on it) but then I get lost with how to = configure the bridging. I found this tutorial on the subject - = http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet = <http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet>; but I am = unsure how the bridging works as the bridge interface does not seem to = be bridged to anything. >>=20 >> I would really appreciate it if someone could point me in the correct = direction. >=20 > It seems to me you are thinking of it in the wrong way. > think of the vimage jails as completely separate machines. > they are connected by virtual point-to-point networks (if you use = epair) or by a virtual ethernet (if you use netgraph). >=20 > how would you do it if you had one nat router and a bunch of real = machines on the 10 network behind it? >=20 > check out, amongst other things: = http://devinteske.com/wp/vimage-jails-on-freebsd-8/ > also please first look on your own machine in = /usr/share/examples/netgraph and especially look at the > virtual.chain and virtual.lan examples > I think they do exactly what you want. >=20 >=20 >>=20 >> Regards, >>=20 >> Nathan >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to = "freebsd-net-unsubscribe@freebsd.org" >>=20 >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5101F264-B28E-42D0-8C21-623D6C01DFB6>