From owner-freebsd-virtualization@freebsd.org Wed Aug 12 11:33:11 2020 Return-Path: Delivered-To: freebsd-virtualization@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7B79937CF61 for ; Wed, 12 Aug 2020 11:33:11 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from mail.punkt.de (mail.punkt.de [IPv6:2a00:b580:8000:11:1c6b:7032:35e9:5616]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BRSHp4F4zz3XQN for ; Wed, 12 Aug 2020 11:33:10 +0000 (UTC) (envelope-from hausen@punkt.de) Received: from [217.29.46.71] (kagate.punkt.de [217.29.33.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.punkt.de (Postfix) with ESMTPSA id 825EE26E98; Wed, 12 Aug 2020 13:33:02 +0200 (CEST) From: "Patrick M. Hausen" Message-Id: <036260EA-C5A3-411E-8FF0-271BE267E14B@punkt.de> Content-Type: multipart/signed; boundary="Apple-Mail=_32A4EF5F-E375-430E-B481-47119DC73DC1"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.15\)) Subject: Re: FreeBSD a server and bhyve Date: Wed, 12 Aug 2020 13:32:54 +0200 In-Reply-To: <0acc82ba-4779-f006-7ece-a003d0d0759c@nomadlogic.org> Cc: Odhiambo Washington , freebsd-virtualization@freebsd.org To: Pete Wright References: <1c1e71ea-9f4f-b4a6-c6bb-f7cd201c0182@gmx.at> <0acc82ba-4779-f006-7ece-a003d0d0759c@nomadlogic.org> X-Mailer: Apple Mail (2.3445.104.15) X-Rspamd-Queue-Id: 4BRSHp4F4zz3XQN X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of hausen@punkt.de designates 2a00:b580:8000:11:1c6b:7032:35e9:5616 as permitted sender) smtp.mailfrom=hausen@punkt.de X-Spamd-Result: default: False [-4.76 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; HAS_ATTACHMENT(0.00)[]; DMARC_NA(0.00)[punkt.de]; R_SPF_ALLOW(-0.20)[+ip6:2a00:b580::/32]; NEURAL_HAM_LONG(-1.01)[-1.009]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.77)[-0.775]; NEURAL_HAM_MEDIUM(-1.07)[-1.071]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:16188, ipnet:2a00:b580::/32, country:DE]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Aug 2020 11:33:11 -0000 --Apple-Mail=_32A4EF5F-E375-430E-B481-47119DC73DC1 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi all, > Am 11.08.2020 um 22:15 schrieb Pete Wright : > this should be pretty straight forward - the first step would be to = setup the additional public IP's as virtual addresses on your NIC = similar to this: > https://www.freebsd.org/doc/handbook/configtuning-virtual-hosts.html >=20 > then setting up your firewall (pf or ipfw) to forward requests coming = in on one of those public IP's to the specific bhyve VM which is = listening on a private IP. this would be identical to hosting multiple = services on a single IP. >=20 > here's an example pf config that does the forwarding of SMTP on port = 25 to a VM using a private IP to give you an idea of what the syntax = would look like: > rdr pass on $ext_if inet proto tcp from any to 1.2.3.4 port =3D 25 -> = 10.1.0.10 port 25 Why so complicated? Why not just bridge the bhyve VM to the physical NIC and assign that additional IP address in the guest OS? At least that is what I do all the time ;-) Kind regards, Patrick -- punkt.de GmbH Patrick M. Hausen .infrastructure Kaiserallee 13a 76133 Karlsruhe Tel. +49 721 9109500 https://infrastructure.punkt.de info@punkt.de AG Mannheim 108285 Gesch=C3=A4ftsf=C3=BChrer: J=C3=BCrgen Egeling, Daniel Lienert, Fabian = Stein --Apple-Mail=_32A4EF5F-E375-430E-B481-47119DC73DC1 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEgzqrjO/mj9CSsTg2kG8u4u3aiVwFAl8z02YACgkQkG8u4u3a iVyBqAf/VXSA6FXPi77jnoqZSn24ayiDb9aF2DTaPsbEDVkLbMrqr/ojOuW/sz9u R2VNGJJR95zoLhypuC7aq9Csd3c6B7Z45nbK+pSvcwqyjgNPeNz04PcyTYUjknRx Fe+GA/5akm52wW5pz+/tg5J7AnlDmfUqoPNkOKgCh9dX5npe6oXUI2PiH3xy/CSB pO487vQFyxqfqPSv645LqKPIMj1WmeAcqjiYA6WS0AJJJmMSJ3/r5AduLcAKQUK1 0nDQIHlyJh6H3XuhYVfg6WboNiVrXXxcV0tTvcWfWxlt0JSFJfiQDTEmY03R0oTQ /bUSdCobQrSn75nwbEFEELu7XbTRAA== =FnJ7 -----END PGP SIGNATURE----- --Apple-Mail=_32A4EF5F-E375-430E-B481-47119DC73DC1--