From: Nathan Aherne
To: Julian Elischer
Cc: freebsd-net@freebsd.org
Date: Tue, 1 Dec 2015 15:48:25 +1000
Subject: Re: vimage and jail networking
Message-Id: <5101F264-B28E-42D0-8C21-623D6C01DFB6@vuid.com>
In-Reply-To: <565D17D2.1090007@freebsd.org>
References: <8538858C-BE02-489A-BC1B-2315AC18AD3F@vuid.com> <565D17D2.1090007@freebsd.org>
List-Id: Networking and TCP/IP with FreeBSD

Thank you for helping me to understand vimage better, Julian! I have read all three links you posted a number of times.

I use iocage for jail management and it uses epair. From your comments it seems you recommend netgraph?

This is the link to the iocage image instructions - https://iocage.readthedocs.org/en/latest/networking.html#configuring-a-vnet-jail. It seems that iocage does a number of things automatically or at least I am still confused on how to use iocage and vimage to have multiple jails share a single public (external) IP. I will continue to read the links you sent me in the hopes that the aha moment comes to me.

Regards,

Nathan

> On 1 Dec 2015, at 1:45 pm, Julian Elischer wrote:
>
> On 1/12/2015 8:32 AM, Nathan Aherne wrote:
>> Hi Everyone!
>>
>> I am having trouble getting my head around vimage and jail networking. I would like for my jails to have private IPs (10.0.0.0/24) and only use a single public IP.
>>
>> I am having a hard time finding tutorials or information on how to structure my network. My first thoughts were to clone the loopback interface (have the jails on it) but then I get lost with how to configure the bridging. I found this tutorial on the subject - http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet but I am unsure how the bridging works as the bridge interface does not seem to be bridged to anything.
>>
>> I would really appreciate it if someone could point me in the correct direction.
>
> It seems to me you are thinking of it in the wrong way.
> Think of the vimage jails as completely separate machines.
> They are connected by virtual point-to-point networks (if you use epair) or by a virtual ethernet (if you use netgraph).
>
> How would you do it if you had one NAT router and a bunch of real machines on the 10 network behind it?
>
> Check out, amongst other things: http://devinteske.com/wp/vimage-jails-on-freebsd-8/
> Also please first look on your own machine in /usr/share/examples/netgraph and especially look at the
> virtual.chain and virtual.lan examples.
> I think they do exactly what you want.
>
>>
>> Regards,
>>
>> Nathan
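
The layout described in the quoted reply (jails treated as separate machines on the 10 network, with the host acting as the one NAT router), sketched with epair and a host-only bridge. This is an added example, not part of the thread and not what iocage itself runs. The external interface em0, the jail names, the /jails/<name> roots and the 10.0.0.x addresses are assumptions, and the script only prints its commands unless DRY_RUN=0 is set.

```shell
#!/bin/sh
# Added example: VNET jails on a private bridge behind one public IP.
# Assumed, not from the thread: EXT_IF=em0, jail roots in /jails/<name>,
# gateway 10.0.0.1 on bridge0, a kernel with VIMAGE support.
# Commands are only printed unless DRY_RUN=0 is set.
EXT_IF=${EXT_IF:-em0}
JAIL_NET=10.0.0.0/24
GATEWAY=10.0.0.1
DRY_RUN=${DRY_RUN:-1}

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# The host is the "NAT router": bridge0 is the jails' LAN and default gateway.
host_setup() {
    run ifconfig bridge0 create
    run ifconfig bridge0 inet "$GATEWAY/24" up
    run sysctl net.inet.ip.forwarding=1
}

# attach_jail <name> <epair-unit> <last-octet of 10.0.0.x>
attach_jail() {
    name=$1 unit=$2
    case $3 in ''|*[!0-9]*) echo "bad octet: $3" >&2; return 1 ;; esac
    if [ "$3" -lt 2 ] || [ "$3" -gt 254 ]; then
        echo "octet out of range: $3" >&2; return 1
    fi
    run ifconfig "epair$unit" create           # makes epair<unit>a and epair<unit>b
    run ifconfig bridge0 addm "epair${unit}a"  # host end joins the jails' LAN
    run ifconfig "epair${unit}a" up
    # The jail has its own network stack and owns the b end of the pair.
    run jail -c name="$name" path="/jails/$name" vnet \
        vnet.interface="epair${unit}b" persist
    run jexec "$name" ifconfig "epair${unit}b" inet "10.0.0.$3/24" up
    run jexec "$name" route add default "$GATEWAY"
}

# pf.conf line: source-translate the private net to the single public address.
pf_rules() {
    echo "nat on $EXT_IF inet from $JAIL_NET to any -> ($EXT_IF)"
}

host_setup
attach_jail web 0 10
attach_jail db 1 11
pf_rules
```

The bridge has no physical member here: it only joins the host ends of the epairs, and the host routes and NATs between bridge0 and the external interface. The printed nat line belongs in /etc/pf.conf, loaded with `pfctl -f /etc/pf.conf`.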