Date: Thu, 10 Dec 2009 09:49:09 -0800 From: Julian Elischer <julian@elischer.org> To: Reinhard Haller <reinhard.haller@interactive-net.de> Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, FreeBSD virtualization mailing list <freebsd-virtualization@freebsd.org> Subject: Re: create a vnet jail in rc.conf Message-ID: <4B213495.4020108@elischer.org> In-Reply-To: <4B20B92E.2070105@interactive-net.de> References: <4B1FE20D.9000009@interactive-net.de> <4B20B92E.2070105@interactive-net.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Reinhard Haller wrote: > Bjoern A. Zeeb schrieb: >> On Wed, 9 Dec 2009, Reinhard Haller wrote: >> >> Hi, >> >>> I'm searching for a way to create vnet jails in rc.conf. I tried it with >>> jail_flags (-c vnet) with no success. >>> >>> The documentation is not very helpful, I'm missing the way to create the >>> vnet jail and I suspect the specification of an ipv6 address to the >>> epair in the jail is not working. >>> >>> Any suggestions? >> vnets are not yet supported by the legacy jail management framework >> and will not. >> The plan is to have something different for when vimages are no longer >> "experimental" (tech preview, ... call it what you like to and what >> sounds good;). Ideally for 8.2 but that's just a wild handwaving. >> > Wasting another year? >> I have some uncommented old notes lying around here: >> http://people.freebsd.org/~bz/jail-persist.txt >> >> The current ones are actually a lot more complex and no longer good >> examples. Rather than using "persist" you can still give a command to >> start a jail starting all the rc framework etc. in it. >> >> /bz >> > I tried it with the following, but suffered intermittent routing > problems (route6d died and cannot be restarted): > > jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 > persist > jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 > persist > ifconfig bridge0 create > ifconfig epair create > ifconfig epair create > ifconfig bridge0 addm epair0a addm epair1a up > ifconfig epair0a inet6 fd08:e8a3:4825:10::1 > ifconfig epair0b vnet 1 > ifconfig epair1b vnet 2 > jexec 1 csh > ifconfig epair0b inet6 fd08:e8a3:4825:10::10 > route -n add -inet6 default fd08:e8a3:4825:10::1 > exit > jexec 2 csh > ifconfig epair1b inet6 fd08:e8a3:4825:10::11 > route -n add -inet6 default fd08:e8a3:4825:10::1 > exit > > Is this the way to get a stable vnet system? using epair and bridge is probably suboptimal. try using: 1: three epair sets to make a mesh (usable with smal nunbers fo jails) 2: using netgraph to make a bridge.. I'm doing thsii from memory so you may need to tweak it: ngctl mkpeer em0: bridge lower link0 ngctl name em0:lower switch ngctl connect switch: em0: link1 upper # and then for each vnet, ngctl mkpeer switch: eiface link2 ether ifconfig ngeth0 vnet d1 ngctl mkpeer switch: eiface link3 ether ifconfig nget1 vnet d2 ngctl mkpeer switch: eiface link4 ether ifconfig ngeth2 vnet d3 ngctl mkpeer switch: eiface link5 ether ifconfig ngeth3 vnet d4 etc you'll need to kldload ng_ether, ng_bridge and ng_eiface (though I think ngctl may do that for you) > > Thanks > Reinhard > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B213495.4020108>