From owner-freebsd-net@freebsd.org Fri May 10 21:02:31 2019 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 18BF015886A9 for ; Fri, 10 May 2019 21:02:31 +0000 (UTC) (envelope-from chris@debilux.org) Received: from mail.dblx.io (mail.dblx.io [IPv6:2a01:4f8:161:10c7::13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AB8578B4BB for ; Fri, 10 May 2019 21:02:29 +0000 (UTC) (envelope-from chris@debilux.org) Received: from [10.0.3.125] (port-92-201-114-140.dynamic.qsc.de [92.201.114.140]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.dblx.io (Postfix) with ESMTPSA id 48B40456B for ; Fri, 10 May 2019 23:01:58 +0200 (CEST) From: Christian Baer Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\)) Subject: VLANs for use with jails Message-Id: <2BE6B69D-FB37-49BA-AAA1-67531A4BE064@debilux.org> Date: Fri, 10 May 2019 23:02:26 +0200 To: Artem Viklenko via freebsd-net X-Mailer: Apple Mail (2.3445.104.8) X-Rspamd-Queue-Id: AB8578B4BB X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of chris@debilux.org designates 2a01:4f8:161:10c7::13 as permitted sender) smtp.mailfrom=chris@debilux.org X-Spamd-Result: default: False [-3.37 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.992,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; DMARC_NA(0.00)[debilux.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; IP_SCORE(-0.76)[ipnet: 2a01:4f8::/29(-2.06), asn: 24940(-1.73), country: DE(-0.01)]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[mail.dblx.io]; NEURAL_HAM_SHORT(-0.81)[-0.805,0]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 May 2019 21:02:31 -0000 I'm using 12.0-RELEASE and run several VIMAGE jails with iocage. At the moment I use a tagged switch port to put the whole system in my = LAN VLAN. I wan't to switch the port to a trunk port and want to put the jails in = different VLANs. As the iocage networking manual is crap I have no clue what to do. My current rc.conf looks like this: defaultrouter=3D"10.0.3.1" defaultrouter6=3D"fe80::b6fb:e4ff:fe2d:abf6%em0" ifconfig_igb0=3D"inet 10.0.3.11/24 -rxcsum -rxcsum6 -txcsum -txcsum6 = -lro -tso -vlanhwtso" ifconfig_igb0_ipv6=3D"inet6 accept_rtadv -lro -tso" ifconfig_igb1=3D"inet 10.0.3.12/24 -rxcsum -rxcsum6 -txcsum -txcsum6 = -lro -tso -vlanhwtso" ifconfig_igb1_ipv6=3D"inet6 accept_rtadv -lro -tso"=20 I set the default interface of the jails to igb1 and use igb0 for = communication with the host itself. What's the proper way to set up igb1 to be untagged (and so be in the = management vlan) and create the different VLANs on it and use it with = the jails? On of the VLANs should also be in the management VLAN (to = move my Unifi controller from a Pi to a jail). Does anyone have a similar setup? I found so many different approaches = but none of them suited my needs. I tried to combine some approaches = messed up my config more than once. Best regards Chris=