Date: Sat, 4 Jan 2014 01:10:14 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Alejandro Imass <aimass@yabarana.com> Cc: freebsd-jail@freebsd.org Subject: Re: Allowing routing table visibility in jails to make multiple IPs work properly Message-ID: <20140104005845.V35277@sola.nimnet.asn.au> In-Reply-To: <CAHieY7R_M95UxVX=sY%2B32hF1JUiC4tw2eRko7tNswChN8cw%2BZw@mail.gmail.com> References: <201311301000.rAUA00eG045983@freefall.freebsd.org> <52C66E09.80307@monkeybrains.net> <CAHieY7R_M95UxVX=sY%2B32hF1JUiC4tw2eRko7tNswChN8cw%2BZw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 3 Jan 2014 08:05:55 -0500, Alejandro Imass wrote: > On Fri, Jan 3, 2014 at 3:00 AM, Rudy (bulk) <crapsh@monkeybrains.net> wrote: > > > > I'm having issues when putting multiple IPs on a jail... one external, one > > internal (on a different vlan). The source IP from the jail is always the > > first IP, so a solution is to use ipfw_nat to nat when using the internal > > vlan to the 'second ip'. Ugly hack. and it doesn't work when there is an > > MTU difference between the vlans: > > > > Greetings Rudy, > > I had the same exact problem and found that the problem is natd. > Actually it is mentioned in natd's documentation. Alejandro, hi, can you point out where in natd(8) it indicates .. what exactly? > If you want to get rid of this problem you need to get rid of natd and > nat your jail traffic with some other means. Kernel nat should be a > solution but I've never gotten around to test if it actually solves > the problem. Please share if you find a way to fix this. I may have missed it, but I've yet to see anyone report any functional differences between natd and ipfw_nat, ie of something working in one but not the other. Both use the underlying libalias(3) after all. cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140104005845.V35277>