Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 13 Apr 2012 14:53:49 -0600
From:      "Chad Leigh Shire.Net LLC" <>
To:        FreeBSD Mailing List <>
Subject:   Re: Changes in Jails from FreeBSD 6 to FreeBSD 9 -- particularly, networking and routing
Message-ID:  <>
In-Reply-To: <op.wcpyqodb34t2sn@tech304>
References:  <> <op.wcpyqodb34t2sn@tech304>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Apr 13, 2012, at 1:50 PM, Mark Felder wrote:

> Do I understand this right?
> Working in FreeBSD 6.x:
> interface em0:  <-- public IP, host only
>   <-- private IP, host only
>   <-- Jail #1
>   <-- Jail #2
> With this configuration you had no problems accessing the internet =
from the jails.


(not that it did not matter I don't think is the private IP, host only =
exists and ALL IP exist on the host in addition to whatever Jail they =
are assigned to)

> Is this correct? This seems bizarre; this should only be possible if =
you're doing NAT somewhere in there and that is not possible with Jails =
v1 (which share a network stack) and is only possible in Jails v2 =

No NAT needed since they share the network stack under Jails v1 they =
share the routing tables.  It works.  Try it.

The question is, is it possible to do something similar with FreeBSD 9 =
jails (v2 I guess) without the overhead of running NAT?   The jail with =
the private IP *can* access the HOST's public services but not anyone =


Want to link to this message? Use this URL: <>