Date: Fri, 23 Mar 2018 20:17:27 +0100 From: joerg_surmann <joerg_surmann@elektropost.org> To: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> Cc: freebsd-stable@freebsd.org, freebsd-current@freebsd.org Subject: Re: Two NIC's inside a Jail Message-ID: <d2b11066-0313-81b9-933c-67721054488c@elektropost.org> In-Reply-To: <20180323172504.GA55971@plan-b.pwste.edu.pl> References: <785ce70f-3f2d-3422-0e95-146b05f7f768@elektropost.org> <20180323172504.GA55971@plan-b.pwste.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --QabuUyHbzzRJWlhPrBEMbgUkV38HLlAPv Content-Type: multipart/mixed; boundary="XLdbuKE7TcH5190G2OxcWomUP464lUdtA"; protected-headers="v1" From: joerg_surmann <joerg_surmann@elektropost.org> To: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> Cc: freebsd-stable@freebsd.org, freebsd-current@freebsd.org Message-ID: <d2b11066-0313-81b9-933c-67721054488c@elektropost.org> Subject: Re: Two NIC's inside a Jail References: <785ce70f-3f2d-3422-0e95-146b05f7f768@elektropost.org> <20180323172504.GA55971@plan-b.pwste.edu.pl> In-Reply-To: <20180323172504.GA55971@plan-b.pwste.edu.pl> --XLdbuKE7TcH5190G2OxcWomUP464lUdtA Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: de-DE Hi, thanks for yor help. I can't find a solution. But i have find a starnge ip config. in rc.conf on Host(not jail) ifconfig_vmx0_alias1=3D"inet 192.168.100.2=C2=A0 netmask 255.255.255.0" ifconfig_em0=3D"inet 213.70.80.92 netmask 255.255.255.0" ifconfig on host say: inet 213.70.80.92 netmask 0xffffffff broadcast 213.70.80.92 inet 192.168.100.2=C2=A0 netmask 0xffffffff broadcast 192.168.100.2 ifconfig say to both ip's /32. Maby that's the reason for unavailable the apache. ifconfig iside the jail say the same. I'm a little bit confused. Am 23.03.2018 um 18:25 schrieb Marek Zarychta: > On Fri, Mar 23, 2018 at 04:01:30PM +0100, Joerg Surmann wrote: >> Hi all, >> >> I have a Problem to understund how to manage 2 Networks inside a Jail.= >> >> i have create a jail (using ezjail) with a alias IP. in rc.conf (on >> Host): >> >> ifconfig_vmx0=3D"inet 192.168.100.1 netmask 255.255.255.0" >> ifconfig_vmx0_alias0=3D"inet 192.168.100.2 netmask 255.255.255.0"=C2=A0= <- >> this is the jail ip >> >> Inside the jail running apachhe24. >> >> Now i add a new NIC to the System. in rc.conf (on Host): >> ifconfig_em0=3D"inet 213.70.80.92 netmask 255.255.255.0" >> >> in /usr/local/etc/ezjail/myjail.conf: i add the new ip export >> jail_myjail_ip=3D"192.168.100.2,213.70.80.92" >> >> Restart the jail and ifconfig looks fine. vmx0 -> inet 192.168.100.2 >> em0=C2=A0 -> inet 213.70.80.92 >> >> Apache Listen on all NIC's (<VirtualHost *:80>) But i can see my >> Website only via 192.168.100.2 from intern Network. >> >> The Host is behind a Firewall. The IP=C2=A0 213.70.80.92 is enabled f= or >> incomming Traffic. >> >> When i give the Hostname in a Browser i become "connection Timeout". >> >> What is to do that the Host is accessable from Inet? >> > Hi Joerg,=20 > > I guess your host has default gw reachable via vmx0 and second interfac= e > em0 is connected and was reachable at least from firewall protecting > address 213.70.80.92? If it is true then you should add:=20 > > to /usr/local/etc/ezjail/myjail.conf=20 > export jail_myjail_ip=3D"lo1|127.0.1.1,vmx0|192.168.100.2,em0|213.70.80= =2E92" > export jail_myjail_fib=3D"1" > > to /etc/rc.conf > static_routes=3D"net_jails" > route_net_jails=3D"default 213.70.80.x -fib 1" > > to /boot/loader.conf > net.fibs=3D"2" > > Eventually take a look at setfib(1) and also consider migrating em > adapter to second vmx which shuld be faster and more flexible. > > IMHO this questions should be asked rather on freebsd-net list than > here. --XLdbuKE7TcH5190G2OxcWomUP464lUdtA-- --QabuUyHbzzRJWlhPrBEMbgUkV38HLlAPv Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIzBAEBCgAdFiEEKgIE1afOeXZNzpBEGHz25TAa4ssFAlq1UscACgkQGHz25TAa 4stliw//U8XD9nn0MOnrgTW3nROyAaYIcLn1S8VMMT9iTMILIh8nM4RDpU3wMZ9l TjjFQihgihJzOI2GLGBIpyCV3iwaG1PWjkTRT9ed+weI+8drhFx1IXlbFtWKxIt3 8dYYfH/30RRrudzJSdB+bOgwkPvRM+AXpB4ydIzZPvtG/WKRZqG7J/H4l31udLfh i2oBqjV6jeaq/z8LU0gJ8H0BlZUVnEzRtUojKXmGeyOsffKB5DAU89iCGl5rikuJ /z8ob6o0+OiRkpoDq0wKIwqw4ZWLXNINMn7bYbhtXay3p+ItVagPBO5ih2bX9ZLi Xdv3YK7xx+qmg7qzWLUBMWyivF5MeYKn7PNT+vVpNwNm9A/ANjQ9uuR6sL7XjVM5 a9xC2vpRf/DCHaExUBbRwD1KbkbUtSrkiEriOqJVXUv5D9HHRpSQ2IplV1WevbQg 8cA4+0PfV2+pbDf1sMzKIxYLrZEdRlS0IKu1qpsq5YJvEjV11+NDYgdFfN6F4xbK DnXlxL39sFhTX1d0J4q3iBTt9UZaP9fsx1INDVqwa/WDOblutFcgzdcINi/cWOOW z0iEsb+MPCGHh1Iu6/xLgWw9QqldRdQYOuPay2R3oxzCQMiLDicQRBAGf3HVuG2o fm22wRoEMABnX6+NfznofRY5wPfxGCnWYpSK0KPa0NHCVq5apvY= =yYf7 -----END PGP SIGNATURE----- --QabuUyHbzzRJWlhPrBEMbgUkV38HLlAPv--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d2b11066-0313-81b9-933c-67721054488c>