From nobody Sun Jun 6 13:35:29 2021 X-Original-To: freebsd-jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id C07E994E2A4 for ; Sun, 6 Jun 2021 13:35:38 +0000 (UTC) (envelope-from freebsd-jail@dino.sk) Received: from mailhost.netlabit.sk (mailhost.netlabit.sk [84.245.65.72]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FycvY59wcz4nC0 for ; Sun, 6 Jun 2021 13:35:37 +0000 (UTC) (envelope-from freebsd-jail@dino.sk) Received: from zeta.dino.sk (fw3.dino.sk [84.245.95.254]) (AUTH: LOGIN milan) by mailhost.netlabit.sk with ESMTPA; Sun, 06 Jun 2021 15:35:29 +0200 id 00F3A9DB.60BCCF21.00014884 Date: Sun, 6 Jun 2021 15:35:29 +0200 From: Milan Obuch To: freebsd-jail@freebsd.org Subject: jail.conf question (vnet.interface) Message-ID: <20210606153529.526c1675@zeta.dino.sk> X-Mailer: Claws Mail 3.17.8git86 (GTK+ 2.24.33; i386-portbld-freebsd11.4) List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4FycvY59wcz4nC0 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd-jail@dino.sk designates 84.245.65.72 as permitted sender) smtp.mailfrom=freebsd-jail@dino.sk X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[84.245.65.72:from]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[dino.sk]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[84.245.65.72:from:127.0.2.255]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.996]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:5578, ipnet:84.245.64.0/18, country:SK]; MIME_TRACE(0.00)[0:+]; MAILMAN_DEST(0.00)[freebsd-jail]; RCVD_COUNT_TWO(0.00)[2] X-ThisMailContainsUnwantedMimeParts: N Hi, for vnet jails, one needs to move some interface into created virtual stack. In jail.conf, this could be achieved using jail0 {vnet; vnet.interface = re2; } and initialize moved interface using standard /etc/rc.conf configuration file in jail jail0. Adding small paragraph about this in jail.conf man page would be useful. I know it is in jail man page in some form, but it deserves mentioning this in example section in jail.conf man page. At least, this makes it easier to find for first comers :) (Well, that's not me, I am using vnet jails aka VIMAGE from the start as an experimental feature in FreeBSD 4 or 5, almost 20 years ago.) I need more interfaces moved this way. It is no problem issue manually ifconfig re3 vnet jail0 but trying to write jail0 {vnet; vnet.interface = re2; vnet.interface = re3; } in jail.conf means only re3 is moved and can be configured with standard rc.conf config file. First instance (re2) is kind of overwritten and forgotten. Is it possible to move more interfaces this way at all? I'd like to avoid any hacks if possible, and any workaround for this is ugly... Regards, Milan