Date: Mon, 27 Jun 2005 09:36:37 -0400 From: "Raymond Wagner" <wagnerr@zoomtown.com> To: <freebsd-security@freebsd.org> Subject: running jail with alternate IP Message-ID: <200506271336.j5RDamWY022065@ms-smtp-01-eri0.ohiordc.rr.com>
next in thread | raw e-mail | index | archive | help
I am currently setting up a firewall that translates my internal network over to 5 public IP addresses. The addresses are dynamically assigned, so I use ddclient to update my www.dyndns.org account. I've set up several aliases on the external interface of the firewall, and succeeded in having the internal computers use those extra public IPs. What I want to do is have 5 copies of ddclient all running in separate jails bound to different public IPs. I did some experimenting with jail, jailing a shell and then running lynx to www.whatismyip.com. I had to open up the firewall to get it to work, and then it gave me the public IP address bound to the first IP on the interface. Looking at the firewall logs, it seems as if jail is sending packets on the main IP (the non-aliased one), but modifying the header so they return to the aliased IP that was given to it when running the jail command. Is this how jail is supposed to operate, or am I doing something wrong?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200506271336.j5RDamWY022065>