From owner-freebsd-jail@FreeBSD.ORG Wed Feb 6 00:11:12 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8A64A16A418 for ; Wed, 6 Feb 2008 00:11:12 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.183]) by mx1.freebsd.org (Postfix) with ESMTP id 4928113C455 for ; Wed, 6 Feb 2008 00:11:12 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: by py-out-1112.google.com with SMTP id u52so3994805pyb.10 for ; Tue, 05 Feb 2008 16:11:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; bh=uQ1KJXGoN1tnPnIOrpbk/J3sayTdX4Y962XtEQmvuhg=; b=pR9Dvx5t3TXY32dmnfwhtxoHK16xLWBkuy4E1BujiNqx/nWVe8dpCNCZLfSMHSR9fvt91Qr5wwwbJaqbx7a31Mzr+u1Fp6hywhlm4BTXxR25iFlKqJGqXYYo54ClutVj4Uomx5dmttFrRsb6A+SnY+7JvUL4fDT4aAxle6QXxnw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=deT34RSSb6a4hl38r5poCAGWdNwua+EKnV/G1d+sAhRrrWY6oLJr+4tLv+z0ADhnZwdNjthY9Z2m1zav48rwtMiWEG/LTwERZOhUKnIiSnBxZmH8stkDemZlB9PYyT56IszU6rJmU3LGe2sInUUgJtzBlkfOPBCWYnxqbzBYLaQ= Received: by 10.64.243.10 with SMTP id q10mr17086869qbh.15.1202256671061; Tue, 05 Feb 2008 16:11:11 -0800 (PST) Received: by 10.65.230.6 with HTTP; Tue, 5 Feb 2008 16:11:11 -0800 (PST) Message-ID: <4ad871310802051611md09347bm3a6b35d44b84e2bd@mail.gmail.com> Date: Tue, 5 Feb 2008 19:11:11 -0500 From: "Glen Barber" To: Albert.Shih@obspm.fr In-Reply-To: <20080205162327.GF94606@pcjas.obspm.fr> MIME-Version: 1.0 References: <20080205162327.GF94606@pcjas.obspm.fr> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-jail@freebsd.org, freebsd-questions@freebsd.org Subject: Re: How to use two interface with jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Feb 2008 00:11:12 -0000 On Feb 5, 2008 11:23 AM, Albert Shih wrote: > Hi all > > I've a server to run FreeBSD 7.0 with jail. > > On the server the are two physical interfaces. > > This two interfaces are on two different ip subnet. > > All jail are on the second interface > > How can I make > > all traffic from the server/for the server pass through the first > interface > > all traffic from the jail /for the jail pass through the second > interface. > > In fact : How can make two =ABdefault router=BB on for the server, anothe= r for > all jail. > > Regards > What I did on a test server was use 1 interface for tx/rx data, and a 'dummy' device, a physical, unattached card, and assigned it an IP in /etc/rc.conf. ## LAN ifconfig_ndis0=3D"DHCP" ## Jail LAN ifconfig_bfe0=3D"inet 10.0.0.2 netmask 255.255.255.255" ifconfig_bfe0_alias0=3D"inet 10.0.0.3 netmask 255.255.255.255" I then used pf to route data. I wrote a small tutorial on this, perhaps the concept will help you: http://www.dev-urandom.com/freebsd/jail_conf HTH --=20 Glen Barber