From owner-freebsd-jail@freebsd.org Thu Oct 22 11:18:20 2020 Return-Path: Delivered-To: freebsd-jail@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5AD634450E3 for ; Thu, 22 Oct 2020 11:18:20 +0000 (UTC) (envelope-from SRS0=ENPg=D5=perdition.city=julien@bebif.be) Received: from orval.bbpf.belspo.be (orval.bbpf.belspo.be [193.191.208.90]) by mx1.freebsd.org (Postfix) with ESMTP id 4CH4bv1zz1z3VQg for ; Thu, 22 Oct 2020 11:18:18 +0000 (UTC) (envelope-from SRS0=ENPg=D5=perdition.city=julien@bebif.be) Received: from x1 (77.109.96.18.adsl.dyn.edpnet.net [77.109.96.18]) by orval.bbpf.belspo.be (Postfix) with ESMTPSA id D41DB1D4FC1F for ; Thu, 22 Oct 2020 13:18:11 +0200 (CEST) Date: Thu, 22 Oct 2020 13:18:08 +0200 From: Julien Cigar To: freebsd-jail@freebsd.org Subject: VNET jails + VLAN over LAGG Message-ID: <20201022111808.jokw2nfxvmvrw5d6@x1> Mail-Followup-To: freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline X-Rspamd-Queue-Id: 4CH4bv1zz1z3VQg X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of SRS0=ENPg=D5=perdition.city=julien@bebif.be designates 193.191.208.90 as permitted sender) smtp.mailfrom=SRS0=ENPg=D5=perdition.city=julien@bebif.be X-Spamd-Result: default: False [-0.16 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.69)[-0.690]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-jail@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.43)[-0.435]; MID_RHS_NOT_FQDN(0.50)[]; NEURAL_SPAM_SHORT(0.36)[0.363]; DMARC_NA(0.00)[perdition.city]; FORGED_SENDER(0.30)[julien@perdition.city,SRS0=ENPg=D5=perdition.city=julien@bebif.be]; RCVD_NO_TLS_LAST(0.10)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:2611, ipnet:193.191.192.0/19, country:BE]; FROM_NEQ_ENVFROM(0.00)[julien@perdition.city,SRS0=ENPg=D5=perdition.city=julien@bebif.be]; MAILMAN_DEST(0.00)[freebsd-jail]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Oct 2020 11:18:20 -0000 Hello, I've a lagg0 interface with three ports: igb0,igb1,igb2 (with LACP). On top of that I've several VLAN interfaces: vlan10, vlan11, vlan12 with vlandev lagg0. All those vlans have ip addresses and one of them shares also a vhid (through CARP). Translated in ifconfig/rc.conf it gives (1) Currently I've several jails, all non-VNET, and I'd like to add a bunch of VNET jails through epair and bridge. I'm wondering how should it be done regarding the VLAN/LAGG interface(s).. (given that non-VNET jails should continue to work too)? Some things I wonder: - If I'm adding a vlan interface to a bridge, I guess the IP addresses should be moved to the bridge, right? How will behave the non-VNET jails..? How will behave the vhid on the HOST? Should I add a tap interface in the HOST on top of the bridge too? - From what I can read the best is to create one bridge per vlan, adding the corresponding HOST vlan and the epairxa, is this correct? Thanks, Julien (1) https://gist.githubusercontent.com/silenius/6066696fe78c95177548319f125d9c44/raw/0319e4d1cad33201ea66e2258a74f8349116fbc9/gistfile1.txt -- Julien Cigar Belgian Biodiversity Platform (http://www.biodiversity.be) PGP fingerprint: EEF9 F697 4B68 D275 7B11 6A25 B2BB 3710 A204 23C0 No trees were killed in the creation of this message. However, many electrons were terribly inconvenienced.