From owner-freebsd-questions@FreeBSD.ORG Wed Nov 28 14:06:05 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF30316A41A for ; Wed, 28 Nov 2007 14:06:05 +0000 (UTC) (envelope-from felix.langelier@notarius.com) Received: from emma.notarius.com (emma.notarius.com [207.253.43.122]) by mx1.freebsd.org (Postfix) with ESMTP id 764CC13C478 for ; Wed, 28 Nov 2007 14:06:05 +0000 (UTC) (envelope-from felix.langelier@notarius.com) Received: from emilie.notarius.lan ([172.25.1.59]) by emma.notarius.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 28 Nov 2007 08:54:03 -0500 X-MIMEOLE: Produced By Microsoft Exchange V6.5 x-cr-puzzleid: {36490285-3625-4789-88AF-B8974404812E} MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable x-cr-hashedpuzzle: A2+5 BMBy B28I CE6k CZw5 Cji6 Dyg+ D0VX EbMZ Ef3N Emby E88i HJo4 Hfrm JED7 KSYM; 1; ZgByAGUAZQBiAHMAZAAtAHEAdQBlAHMAdABpAG8AbgBzAEAAZgByAGUAZQBiAHMAZAAuAG8AcgBnAA==; Sosha1_v1; 7; {36490285-3625-4789-88AF-B8974404812E}; ZgBlAGwAaQB4AC4AbABhAG4AZwBlAGwAaQBlAHIAQABuAG8AdABhAHIAaQB1AHMALgBjAG8AbQA=; Wed, 28 Nov 2007 13:46:13 GMT; TgBlAHQAdwBvAHIAawAgAEMAbwBuAGYAaQBnAHUAcgBhAHQAaQBvAG4AIAB3AGkAdABoACAASgBhAGkAbABzAC4A Content-class: urn:content-classes:message Date: Wed, 28 Nov 2007 08:54:03 -0500 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Network Configuration with Jails. Thread-index: AcgxVTsC9Nncf+oFTEmzcldc+nTXMA== From: =?iso-8859-1?Q?F=E9lix_Langelier?= To: X-OriginalArrivalTime: 28 Nov 2007 13:54:03.0550 (UTC) FILETIME=[22B2FBE0:01C831C6] Subject: Network Configuration with Jails. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Nov 2007 14:06:05 -0000 Hello, I run a FreeBSD Jailer and I want to have multiple jails in 2 seperate = networks. The server has 2 network interfaces and each of them are = connected in a different network. Say vlan1 and vlan2. My problem is that all the network traffic is going through the first = interface (vlan1). What I need is that a jail in vlan1 can't communicate = with a jail in vlan2 (and vice-versa). Is it possible to split the network traffic in the right interfaces and = use a diffrent default gateway for each of them ? Here is my /etc/rc.d configuration. defaultrouter=3D"192.168.1.1" static_routes=3D"vlan1 vlan2" route_vlan1=3D"-net 192.168.1.0/24 192.168.1.1" route_vlan2=3D"-net 192.168.2.0/24 192.168.2.1" # vlan1 interface config. ifconfig_bge0=3D"inet 192.168.1.10 netmask 255.255.255.0" ifconfig_bge0_alias0=3D"192.168.1.11 netmask 255.255.255.255" # vlan2 interface config. ifconfig_bge1=3D"inet 192.168.2.10 netmask 255.255.255.0" ifconfig_bge1_alias0=3D"inet 192.168.2.11 netmask 255.255.255.255" =20 I tried to remove the default gateway but then the server was = unreachable. I am thinking of using pf to resolve my issue.=20 Any suggestions or ideas ? Thanks in advance for your help. -- Felix Langelier Unix Sysadmin felix.langelier@notarius.com