Date: Mon, 10 Jan 2011 18:14:30 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: =?ISO-8859-1?Q?Peter_Ankerst=E5l?= <peter@pean.org> Cc: freebsd-jail@freebsd.org Subject: Re: Multiple interfaces Message-ID: <4D2B3E76.4060307@quip.cz> In-Reply-To: <4D2B2A3F.2040202@pean.org> References: <4D2B179C.8000408@pean.org> <E0642C16-03E9-4CBC-BADA-4ABC78B6C218@lassitu.de> <4D2B2A3F.2040202@pean.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Ankerstål wrote: > On 01/10/11 16:45, Stefan Bethke wrote: >> Am 10.01.2011 um 15:28 schrieb Peter Ankerstål: >> >>> I want access to a public and a private network from a jail. >>> >>> Can I configure a jail with multiple interfaces? >> Yes, see rc.conf(5): >> jail_<jname>_ip >> (str) Unset by default. Set to the (primary) IPv4 and/or >> IPv6 address(es) assigned to the jail. The argument can be a >> sole address or a comma separated list of addresses. Addi- >> tionally each address can be prefixed by the name of an >> interface followed by a pipe to overwrite >> jail_<jname>_interface or jail_interface and/or suffixed by a >> netmask, prefixlen or prefix. In case no netmask, prefixlen >> or prefix is given, `/32' will be used for IPv4 and `/128' >> will be used for an IPv6 address. If no address is given for >> the jail then the jail will be started with no networking >> support. >> >> Assuming that the private and the public networks are attached to em0 >> and em1, respectively, you'd set >> jail_myjail_ip="em0|172.17.43.3,em1|192.0.2.27" >> in rc.conf. >> >> >> Stefan >> > Oh, thanks! > > Sorry about that. But the "pipe" part is very hard to miss in the manual. You don't need to specify interface name (em0,em1) if you do not use auto adding / removing IP addresses on interfaces (if you do not have jail_<jname>_interface). I have IP adresses defined in rc.conf in the standard way as ifconfig_bge1="inet ... ifconfig_bge1_alias0="inet ... ifconfig_nfe0="inet 192.168.22.56 netmask 255.255.255.0" ifconfig_nfe0_alias0="inet 192.168.22.57 netmask 255.255.255.0" jail_alpha_ip="1.2.3.4" jail_alpha_ip_multi0="192.168.22.57" or just jail_alpha_ip="1.2.3.4,192.168.22.57" The jail will use these addresses as they are on a different interfaces. Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D2B3E76.4060307>