Date: Sun, 25 May 2008 22:41:32 +0200 From: Geoffroy DESVERNAY <dgeo@ec-marseille.fr> To: Steven Hartland <killing@multiplay.co.uk>, freebsd-jail@freebsd.org Subject: Re: Jail resource limits Message-ID: <4839CEFC.1050605@ec-marseille.fr> In-Reply-To: <8068148B75CB4B3E953144A0DF47E496@multiplay.co.uk> References: <822C1BB6-3591-4CE1-AFEA-8B07B9F5ED8D@pean.org><483556DB.9070602@quip.cz><08244555-5BD2-4F67-B311-CCC5E316A068@pean.org> <20080522165219.D47338@maildrop.int.zabbadoz.net> <8068148B75CB4B3E953144A0DF47E496@multiplay.co.uk>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Steven Hartland a écrit : > This is something we're really looking forward to tbh a great > feature :) One of the reasons for this is hosting jails, with > the addition of multi IP support we will be able to enable > jails to connect to "backdoor" secure services such as a > mysql server. > We are already doing this (sql on a separated(physical) LAN, but jail don't need a second interface for that: the real host's routing table is used for outgoing packets. Note we still need a static route on the SQL server for the packets to come back the same way I still don't know if this behaviour is the better one (one may think that jail's packets should not go through different interface ?), but it works quite well ;) That said, we are interested in testing IPv6 and limitation stuff on i386/amd64 machines... But not able to code (I may discover a missing ';' bug, not not much more ;) -- Geoffroy Desvernay Ecole Centrale de Marseille [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIOc78GbFYzwF8gKoRAhzTAKCZvRfDyDzoqdfi0dEWns43UdP72ACfbvfb tq/DO0w9WHtrh//BNwRxSyQ= =zu1Q -----END PGP SIGNATURE-----home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4839CEFC.1050605>