Date: Tue, 29 May 2012 09:20:28 -0700 From: Julian Elischer <julian@freebsd.org> To: darrenr@freebsd.org Cc: freebsd-net@freebsd.org, Nikos Vassiliadis <nvass@gmx.com> Subject: Re: Point-to-point connection between jails? Message-ID: <4FC4F74C.4080104@freebsd.org> In-Reply-To: <4FC4802E.4070105@freebsd.org> References: <4FC36377.1080306@freebsd.org> <4FC3818A.8080801@gmx.com> <4FC3882C.5030105@freebsd.org> <4FC410A9.4000502@freebsd.org> <4FC4802E.4070105@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/29/12 12:52 AM, Darren Reed wrote: > On 29/05/2012 9:56 AM, Julian Elischer wrote: >> On 5/28/12 7:14 AM, Darren Reed wrote: >>> On 28/05/2012 11:45 PM, Nikos Vassiliadis wrote: >>>> On 5/28/2012 1:37 PM, Darren Reed wrote: >>>>> I've looked through the list of network interfaces that are >>>>> supported with FreeBSD and none seem to meet my needs. What >>>>> I want is a network interface that I can configure up in >>>>> jail A with address 10.1.1.1 and for which I can configure >>>>> a mate in jail B with the address 10.2.2.2 and use the >>>>> network interface as the means by which two jails can >>>>> directly communicate with each other without the need to >>>>> send any packets out of the machine. Or another way to do >>>>> this would be to have a virtual network (something like the >>>>> "internal network" that VirtualBox has or the host only >>>>> network supported by VMWware Workstation) defined somewhere >>>>> and for there to be a specific driver that could be >>>>> configured and attached to a jail and that virtual network >>>>> so that you could have N:M communication between jails. >>>>> >>>>> Is what I'm looking for already present and google is failing >>>>> me or is the above functionality the basis for future work, >>>>> be it planned or otherwise? >>>> It seems like a loopback interface does this. >>>> >>>> root@raidmadi:/home/nik # jls >>>> JID IP Address Hostname Path >>>> 3 10.2.3.4 / >>>> 4 10.7.3.4 / >>>> root@raidmadi:/home/nik # ifconfig lo1 >>>> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 >>>> options=3<RXCSUM,TXCSUM> >>>> inet 10.2.3.4 netmask 0xff000000 >>>> inet 10.7.3.4 netmask 0xff000000 >>>> root@raidmadi:/home/nik # >>>> >>>> Maybe you want 'real' isolation? like with epair and VIMAGE? >>> Yes, I was after real isolation but this might work. >> what you want is epair which is a pseudo driver pair, >> specifically designed to connect two vimage jails to each other. > Yes, that's it. A good example of using epairs can be found here: > http://zewaren.net/site/?q=node/71 though you don't need the bridge part if you don't want your jail bridged through to the internet. You can also achieve the same thing using netgraph. > Something like this should be documented better on freebsd.org. > > Darren > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FC4F74C.4080104>