From owner-freebsd-questions@FreeBSD.ORG Thu Jan 4 14:26:36 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 29BC916A403 for ; Thu, 4 Jan 2007 14:26:36 +0000 (UTC) (envelope-from andras@gelanyi.hu) Received: from mail.info2k1.hu (info2k1.hu [193.202.88.78]) by mx1.freebsd.org (Postfix) with ESMTP id DC18D13C45D for ; Thu, 4 Jan 2007 14:26:31 +0000 (UTC) (envelope-from andras@gelanyi.hu) Received: from www.jail.info2k1.hu ([10.0.0.2] helo=localhost) by mail.info2k1.hu with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1H2TXg-000995-Uz; Thu, 04 Jan 2007 15:26:11 +0100 MIME-Version: 1.0 Date: Thu, 4 Jan 2007 15:26:04 +0100 From: Andras GELANYI To: Nikos Vassiliadis In-Reply-To: <200701041354.22967.nvass@teledomenet.gr> References: <200701041354.22967.nvass@teledomenet.gr> X-Priority: 5 (Lowest) Message-ID: X-Sender: andras@gelanyi.hu User-Agent: RoundCube Webmail/0.1b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Cc: freebsd-questions@freebsd.org Subject: Re: vpn client (pptp) inside a jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jan 2007 14:26:36 -0000 On Thu, 4 Jan 2007 13:54:22 +0200, Nikos Vassiliadis wrote: >> Anyway. Could someone tell me whether it is possible or not? >> Does anyone know a solution for assigning a jail to a trusted network >> through a tunnel without any influence on the base system's networking? > > I can use my pptp address from within a jail, of course the tunnel is > already > up and visible to the base system. You can also get the "secondary IP > address > effect" for your jail using a loopback interface. For example: > ng0 1.2.3.4 <-> 5.6.7.8 > lo1 9.10.11.12 > 9.10.11.12 would also be your jail address, totally unrelated to the > tunnel. > > I am not sure what you are looking for. Perhaps > you should explain a bit further. Nikos > i do not really have a complete plan at the moment but an idea to use a jail on my remote system as a sandbox. i mean i would like to set up a jail and use it (sometimes) as client / virtual machine in a remote network through some kind of tunneling without any modification to the base system and sometimes as a regular host to test and compile some completelydifferent stuff. i suspect that it is impossible but it might look like as configuring a pseudo device (eg gre) and use only pure ip traffic through the base system's nat until the jail's endpoint. to be honest i am pretty new to freebsd jails so i might be wromg. so please correct me if you know more. :) of course the best solution would be to use true virtualization. anyway do you know anything about the xen dom0 status on freebsd x86 smp? :) andras