From owner-freebsd-jail@FreeBSD.ORG Sun May 25 21:00:00 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6ED21106566C for ; Sun, 25 May 2008 21:00:00 +0000 (UTC) (envelope-from dgeo@ec-marseille.fr) Received: from tac.ec-marseille.fr (tac.ec-marseille.fr [147.94.19.13]) by mx1.freebsd.org (Postfix) with ESMTP id 161F78FC24 for ; Sun, 25 May 2008 20:59:59 +0000 (UTC) (envelope-from dgeo@ec-marseille.fr) Received: from localhost (amavis2.serv.int [10.3.0.46]) by tac.ec-marseille.fr (IronQ 1024 STF) with ESMTP id 4111E1D1CF5; Sun, 25 May 2008 22:41:53 +0200 (CEST) X-Virus-Scanned: amavisd-new at ec-marseille.fr Received: from tac.ec-marseille.fr ([10.3.0.11]) by localhost (amavis2.egim-mrs.fr [10.3.0.46]) (amavisd-new, port 10024) with LMTP id 2QupRJyUyjX1; Sun, 25 May 2008 22:41:53 +0200 (CEST) Received: from [10.0.3.10] (schizoII.ec-marseille.fr [147.94.19.24]) (Authenticated sender: dgeo) by tac.ec-marseille.fr (IronQ 1024 STF) with ESMTPSA id 642831D1C7C; Sun, 25 May 2008 22:41:46 +0200 (CEST) Message-ID: <4839CEFC.1050605@ec-marseille.fr> Date: Sun, 25 May 2008 22:41:32 +0200 From: Geoffroy DESVERNAY User-Agent: Thunderbird 2.0.0.14 (X11/20080505) MIME-Version: 1.0 To: Steven Hartland , freebsd-jail@freebsd.org References: <822C1BB6-3591-4CE1-AFEA-8B07B9F5ED8D@pean.org><483556DB.9070602@quip.cz><08244555-5BD2-4F67-B311-CCC5E316A068@pean.org> <20080522165219.D47338@maildrop.int.zabbadoz.net> <8068148B75CB4B3E953144A0DF47E496@multiplay.co.uk> In-Reply-To: <8068148B75CB4B3E953144A0DF47E496@multiplay.co.uk> X-Enigmail-Version: 0.95.0 OpenPGP: id=017C80AA Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig280BA4CFB11DF0A721CEA420" Cc: Subject: Re: Jail resource limits X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 May 2008 21:00:00 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig280BA4CFB11DF0A721CEA420 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Steven Hartland a =E9crit : > This is something we're really looking forward to tbh a great > feature :) One of the reasons for this is hosting jails, with > the addition of multi IP support we will be able to enable > jails to connect to "backdoor" secure services such as a > mysql server. >=20 We are already doing this (sql on a separated(physical) LAN, but jail don't need a second interface for that: the real host's routing table is used for outgoing packets. Note we still need a static route on the SQL server for the packets to come back the same way I still don't know if this behaviour is the better one (one may think that jail's packets should not go through different interface ?), but it works quite well ;) That said, we are interested in testing IPv6 and limitation stuff on i386/amd64 machines... But not able to code (I may discover a missing ';' bug, not not much more ;) --=20 Geoffroy Desvernay Ecole Centrale de Marseille --------------enig280BA4CFB11DF0A721CEA420 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIOc78GbFYzwF8gKoRAhzTAKCZvRfDyDzoqdfi0dEWns43UdP72ACfbvfb tq/DO0w9WHtrh//BNwRxSyQ= =zu1Q -----END PGP SIGNATURE----- --------------enig280BA4CFB11DF0A721CEA420--