From owner-freebsd-virtualization@FreeBSD.ORG Thu Dec 10 17:58:36 2009 Return-Path: Delivered-To: freebsd-virtualization@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4BCA1065670 for ; Thu, 10 Dec 2009 17:58:36 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outV.internet-mail-service.net (outv.internet-mail-service.net [216.240.47.245]) by mx1.freebsd.org (Postfix) with ESMTP id A78D38FC24 for ; Thu, 10 Dec 2009 17:58:36 +0000 (UTC) Received: from idiom.com (mx0.idiom.com [216.240.32.160]) by out.internet-mail-service.net (Postfix) with ESMTP id 20275ADA5F; Thu, 10 Dec 2009 09:59:38 -0800 (PST) X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e X-Client-Authorized: MaGic Cook1e Received: from julian-mac.elischer.org (h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137]) by idiom.com (Postfix) with ESMTP id 8E1322D6018; Thu, 10 Dec 2009 09:56:32 -0800 (PST) Message-ID: <4B2136D8.9000404@elischer.org> Date: Thu, 10 Dec 2009 09:58:48 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Reinhard Haller References: <4B1FE20D.9000009@interactive-net.de> <4B20B92E.2070105@interactive-net.de> <4B213495.4020108@elischer.org> In-Reply-To: <4B213495.4020108@elischer.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , FreeBSD virtualization mailing list Subject: Re: create a vnet jail in rc.conf X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 17:58:36 -0000 Julian Elischer wrote: > Reinhard Haller wrote: >> Bjoern A. Zeeb schrieb: >>> On Wed, 9 Dec 2009, Reinhard Haller wrote: >>> >>> Hi, >>> >>>> I'm searching for a way to create vnet jails in rc.conf. I tried it >>>> with >>>> jail_flags (-c vnet) with no success. >>>> >>>> The documentation is not very helpful, I'm missing the way to create >>>> the >>>> vnet jail and I suspect the specification of an ipv6 address to the >>>> epair in the jail is not working. >>>> >>>> Any suggestions? >>> vnets are not yet supported by the legacy jail management framework >>> and will not. >>> The plan is to have something different for when vimages are no longer >>> "experimental" (tech preview, ... call it what you like to and what >>> sounds good;). Ideally for 8.2 but that's just a wild handwaving. >>> >> Wasting another year? >>> I have some uncommented old notes lying around here: >>> http://people.freebsd.org/~bz/jail-persist.txt >>> >>> The current ones are actually a lot more complex and no longer good >>> examples. Rather than using "persist" you can still give a command to >>> start a jail starting all the rc framework etc. in it. >>> >>> /bz >>> >> I tried it with the following, but suffered intermittent routing >> problems (route6d died and cannot be restarted): >> >> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >> persist >> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >> persist >> ifconfig bridge0 create >> ifconfig epair create >> ifconfig epair create >> ifconfig bridge0 addm epair0a addm epair1a up >> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >> ifconfig epair0b vnet 1 >> ifconfig epair1b vnet 2 >> jexec 1 csh >> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> jexec 2 csh >> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> >> Is this the way to get a stable vnet system? > > > > > > using epair and bridge is probably suboptimal. > > try using: > 1: three epair sets to make a mesh (usable with smal nunbers fo jails) > 2: using netgraph to make a bridge.. > > > I'm doing thsii from memory so you may need to tweak it: > > > ngctl mkpeer em0: bridge lower link0 > ngctl name em0:lower switch > ngctl connect switch: em0: link1 upper > > # and then for each vnet, > ngctl mkpeer switch: eiface link2 ether # I forgot, you have to give each a different mac addr I think: ifconfig ngeth0 ether 1:2:3:4:5:6 > ifconfig ngeth0 vnet d1 > > ngctl mkpeer switch: eiface link3 ether > ifconfig nget1 vnet d2 > > ngctl mkpeer switch: eiface link4 ether > ifconfig ngeth2 vnet d3 > > ngctl mkpeer switch: eiface link5 ether > ifconfig ngeth3 vnet d4 > > etc > > you'll need to kldload ng_ether, ng_bridge and ng_eiface > (though I think ngctl may do that for you) > > >> >> Thanks >> Reinhard >> >> _______________________________________________ >> freebsd-virtualization@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> To unsubscribe, send any mail to >> "freebsd-virtualization-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org"