Date: Fri, 03 Jan 2014 00:00:09 -0800 From: "Rudy (bulk)" <crapsh@monkeybrains.net> To: freebsd-jail@freebsd.org Subject: Allowing routing table visibility in jails to make multiple IPs work properly Message-ID: <52C66E09.80307@monkeybrains.net> In-Reply-To: <201311301000.rAUA00eG045983@freefall.freebsd.org> References: <201311301000.rAUA00eG045983@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm having issues when putting multiple IPs on a jail... one external, one internal (on a different vlan). The source IP from the jail is always the first IP, so a solution is to use ipfw_nat to nat when using the internal vlan to the 'second ip'. Ugly hack. and it doesn't work when there is an MTU difference between the vlans: http://www.freebsd.org/cgi/query-pr.cgi?pr=184389 Re: kern/184389: libalias fails to adjust MTU from jails The other solution is to let the jail 'see' the routing table: devfs -m /data/example.monkeybrains.net/dev rule apply path kmem unhide devfs -m /data/example.monkeybrains.net/dev rule apply path mem unhide Is there anyway (or plans for) a method to reveal the routing table but not all of mem and kmem to the jail? Rudy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52C66E09.80307>