Date: Tue, 29 May 2012 17:52:14 +1000 From: Darren Reed <darrenr@freebsd.org> To: Julian Elischer <julian@freebsd.org> Cc: freebsd-net@freebsd.org, Nikos Vassiliadis <nvass@gmx.com> Subject: Re: Point-to-point connection between jails? Message-ID: <4FC4802E.4070105@freebsd.org> In-Reply-To: <4FC410A9.4000502@freebsd.org> References: <4FC36377.1080306@freebsd.org> <4FC3818A.8080801@gmx.com> <4FC3882C.5030105@freebsd.org> <4FC410A9.4000502@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29/05/2012 9:56 AM, Julian Elischer wrote: > On 5/28/12 7:14 AM, Darren Reed wrote: >> On 28/05/2012 11:45 PM, Nikos Vassiliadis wrote: >>> On 5/28/2012 1:37 PM, Darren Reed wrote: >>>> I've looked through the list of network interfaces that are >>>> supported with FreeBSD and none seem to meet my needs. What >>>> I want is a network interface that I can configure up in >>>> jail A with address 10.1.1.1 and for which I can configure >>>> a mate in jail B with the address 10.2.2.2 and use the >>>> network interface as the means by which two jails can >>>> directly communicate with each other without the need to >>>> send any packets out of the machine. Or another way to do >>>> this would be to have a virtual network (something like the >>>> "internal network" that VirtualBox has or the host only >>>> network supported by VMWware Workstation) defined somewhere >>>> and for there to be a specific driver that could be >>>> configured and attached to a jail and that virtual network >>>> so that you could have N:M communication between jails. >>>> >>>> Is what I'm looking for already present and google is failing >>>> me or is the above functionality the basis for future work, >>>> be it planned or otherwise? >>> It seems like a loopback interface does this. >>> >>> root@raidmadi:/home/nik # jls >>> JID IP Address Hostname Path >>> 3 10.2.3.4 / >>> 4 10.7.3.4 / >>> root@raidmadi:/home/nik # ifconfig lo1 >>> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 >>> options=3<RXCSUM,TXCSUM> >>> inet 10.2.3.4 netmask 0xff000000 >>> inet 10.7.3.4 netmask 0xff000000 >>> root@raidmadi:/home/nik # >>> >>> Maybe you want 'real' isolation? like with epair and VIMAGE? >> Yes, I was after real isolation but this might work. > > what you want is epair which is a pseudo driver pair, > specifically designed to connect two vimage jails to each other. Yes, that's it. A good example of using epairs can be found here: http://zewaren.net/site/?q=node/71 Something like this should be documented better on freebsd.org. Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FC4802E.4070105>