From owner-freebsd-jail@freebsd.org  Sun May 29 15:18:28 2016
Return-Path: <owner-freebsd-jail@freebsd.org>
Delivered-To: freebsd-jail@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 969A1B53925
 for <freebsd-jail@mailman.ysv.freebsd.org>;
 Sun, 29 May 2016 15:18:28 +0000 (UTC)
 (envelope-from juanperiz@yahoo.com.ar)
Received: from nm50-vm1.bullet.mail.gq1.yahoo.com
 (nm50-vm1.bullet.mail.gq1.yahoo.com [67.195.87.241])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 713C31D8F
 for <freebsd-jail@freebsd.org>; Sun, 29 May 2016 15:18:27 +0000 (UTC)
 (envelope-from juanperiz@yahoo.com.ar)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com.ar; s=s2048;
 t=1464535101; bh=ana10InN59pWiUlA8ZYy48PLl3kWmlMOHdgLbmfWFVw=;
 h=Date:From:Reply-To:To:Subject:References:From:Subject;
 b=KG8Ng/ZG+8R3owVyAmkF0NwwY9+AzHdP5p18gGpwBOq9AIRNYEwrTj9NQ0qvom5A3+rG/88wBFtOid3+SPeXXMII4b/tJadvptrVtP77RBRvW2XxQdwXjKiSGQf4MEpaVLPHMb8qPdZjudGTgyfGPRPW2HXimPqpiqPqpcjqz9oC8Pq0QmjKr7t/+F0YdWUHeW5ayGBkTMqCVQz+PW5O6OBD9vl8LBsCDNbd0ZvC07iv727oQoOzhzlKGGw/DkVFf28LJ/TRBTdqpo2wfdPtCUxInKtM3ccmmhzs4hoamP2jdShEv4RvAJQciYp6XZ4Yi5nFJ/DjKbE3si2vBBUeHw==
Received: from [127.0.0.1] by nm50.bullet.mail.gq1.yahoo.com with NNFMP;
 29 May 2016 15:18:21 -0000
Received: from [98.137.12.191] by nm50.bullet.mail.gq1.yahoo.com with NNFMP;
 29 May 2016 15:15:34 -0000
Received: from [98.137.12.214] by tm12.bullet.mail.gq1.yahoo.com with NNFMP;
 29 May 2016 15:15:34 -0000
Received: from [127.0.0.1] by omp1022.mail.gq1.yahoo.com with NNFMP;
 29 May 2016 15:15:34 -0000
X-Yahoo-Newman-Property: ymail-4
X-Yahoo-Newman-Id: 697821.47183.bm@omp1022.mail.gq1.yahoo.com
X-YMail-OSG: 0CG6cj0VM1n8ai7F8PqzTWJd3Zy_b4KLJy3qmCo6yDnIoik_P.o7ENfqyN4oUOi
 i79eZdR9y.3qhfDqtzoQGXjuglla7Dw_MOJy6mY8yHYk.Ug.JNIl13dweeJNTew_fR6y42u4.4wa
 mnk9rY7Io4jqMX8praNFxg2gytwX97dssZfYBCSxRgYV81hlPzwlkEHqGJ7lsqatBBmMfeJ9z2zY
 TtVAW4LeyDyf.b0zIEZjNs0f.5uNlMtKyt8W8QXHVWp3pHb9SXYntLwCg8nj6.IH.J5I54GLPo1t
 xDbN3LmFS0SywJftTZYgHb_HiDp8.dc9_.KF73ILPgBJ0axsdOISpBO.XSHZpqXadoWCmNlddCON
 uJzz1DKsBcp3ZcG9RPUmb3e8XSxck8ajKsB5B_XiNtfE2KYhnCws0GZG5jEG6h5ktayHoAh78pXM
 WNFOw.JPlR3eKluK080bFO2.XxD6ai9VF_xuZLu1rfWXRY8sjlSYnR12o4wWpRVsv7i08Q2_DuJF
 j6Qfvg2tjVPAb3qW4yVzkoOk-
Received: from jws10714.mail.gq1.yahoo.com by sendmailws140.mail.gq1.yahoo.com;
 Sun, 29 May 2016 15:15:34 +0000; 1464534934.216
Date: Sun, 29 May 2016 15:15:33 +0000 (UTC)
From: =?UTF-8?Q?Sebasti=C3=A1n_Maruca?= <juanperiz@yahoo.com.ar>
Reply-To: =?UTF-8?Q?Sebasti=C3=A1n_Maruca?= <seba@econ.uba.ar>
To: <freebsd-jail@freebsd.org>
Message-ID: <366569840.1294540.1464534933908.JavaMail.yahoo@mail.yahoo.com>
Subject: deploy multiple vnets with VIMAGE/VNET + Production Ready?
MIME-Version: 1.0
References: <366569840.1294540.1464534933908.JavaMail.yahoo.ref@mail.yahoo.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.22
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 May 2016 15:18:28 -0000

Hi to everyone!
I want to deploy several "jailed" firewalls, where each one of them would c=
ontain at least three multiple virtual interfaces (associated with virtual =
internal nets) like "WAN", "LAN" and "DMZ" for example...
First *innocent* question (I beg you pardon for my ignorance dealing with j=
ails!) Can vnet/vimage help me deploy such a complex jailed environment???
Secod *innocent* question, so far so good, reading at =C2=A0jail manpage (c=
irca=C2=A0July 6, 2015/FreeBSD 10.3) it seems VNET/VIMAGE is fully integrat=
ed to the FreeBSD kernel, is VNET/VIMAGE ready for production level???
As a side note, at the host level would a be some kind of API/service that =
would deal with pfctl in order to rule flows between all of them...
Best regards,Seba