Date: Thu, 10 Dec 2009 09:58:48 -0800 From: Julian Elischer <julian@elischer.org> To: Reinhard Haller <reinhard.haller@interactive-net.de> Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, FreeBSD virtualization mailing list <freebsd-virtualization@freebsd.org> Subject: Re: create a vnet jail in rc.conf Message-ID: <4B2136D8.9000404@elischer.org> In-Reply-To: <4B213495.4020108@elischer.org> References: <4B1FE20D.9000009@interactive-net.de> <4B20B92E.2070105@interactive-net.de> <4B213495.4020108@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Julian Elischer wrote: > Reinhard Haller wrote: >> Bjoern A. Zeeb schrieb: >>> On Wed, 9 Dec 2009, Reinhard Haller wrote: >>> >>> Hi, >>> >>>> I'm searching for a way to create vnet jails in rc.conf. I tried it >>>> with >>>> jail_flags (-c vnet) with no success. >>>> >>>> The documentation is not very helpful, I'm missing the way to create >>>> the >>>> vnet jail and I suspect the specification of an ipv6 address to the >>>> epair in the jail is not working. >>>> >>>> Any suggestions? >>> vnets are not yet supported by the legacy jail management framework >>> and will not. >>> The plan is to have something different for when vimages are no longer >>> "experimental" (tech preview, ... call it what you like to and what >>> sounds good;). Ideally for 8.2 but that's just a wild handwaving. >>> >> Wasting another year? >>> I have some uncommented old notes lying around here: >>> http://people.freebsd.org/~bz/jail-persist.txt >>> >>> The current ones are actually a lot more complex and no longer good >>> examples. Rather than using "persist" you can still give a command to >>> start a jail starting all the rc framework etc. in it. >>> >>> /bz >>> >> I tried it with the following, but suffered intermittent routing >> problems (route6d died and cannot be restarted): >> >> jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1 >> persist >> jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2 >> persist >> ifconfig bridge0 create >> ifconfig epair create >> ifconfig epair create >> ifconfig bridge0 addm epair0a addm epair1a up >> ifconfig epair0a inet6 fd08:e8a3:4825:10::1 >> ifconfig epair0b vnet 1 >> ifconfig epair1b vnet 2 >> jexec 1 csh >> ifconfig epair0b inet6 fd08:e8a3:4825:10::10 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> jexec 2 csh >> ifconfig epair1b inet6 fd08:e8a3:4825:10::11 >> route -n add -inet6 default fd08:e8a3:4825:10::1 >> exit >> >> Is this the way to get a stable vnet system? > > > > > > using epair and bridge is probably suboptimal. > > try using: > 1: three epair sets to make a mesh (usable with smal nunbers fo jails) > 2: using netgraph to make a bridge.. > > > I'm doing thsii from memory so you may need to tweak it: > > > ngctl mkpeer em0: bridge lower link0 > ngctl name em0:lower switch > ngctl connect switch: em0: link1 upper > > # and then for each vnet, > ngctl mkpeer switch: eiface link2 ether # I forgot, you have to give each a different mac addr I think: ifconfig ngeth0 ether 1:2:3:4:5:6 > ifconfig ngeth0 vnet d1 > > ngctl mkpeer switch: eiface link3 ether > ifconfig nget1 vnet d2 > > ngctl mkpeer switch: eiface link4 ether > ifconfig ngeth2 vnet d3 > > ngctl mkpeer switch: eiface link5 ether > ifconfig ngeth3 vnet d4 > > etc > > you'll need to kldload ng_ether, ng_bridge and ng_eiface > (though I think ngctl may do that for you) > > >> >> Thanks >> Reinhard >> >> _______________________________________________ >> freebsd-virtualization@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization >> To unsubscribe, send any mail to >> "freebsd-virtualization-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to > "freebsd-virtualization-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B2136D8.9000404>