Date: Tue, 13 Dec 2016 15:14:24 -0500 From: "Isaac (.ike) Levy" <ike@blackskyresearch.net> To: freebsd-jail@FreeBSD.org Subject: multiple interfaces for jail.conf(1) and jail_set(2) Message-ID: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net>
next in thread | raw e-mail | index | archive | help
Hi All, Can I specify multiple IP interfaces and assign IP=E2=80=99s to them = using jail.conf? I have jails with IPv4/IPv6 addresses on multiple physical interfaces, = as well as assigning a loopback. I have not found answers in the respective man pages or digging online. I=E2=80=99m finally starting to poke around to start using the = impressively simple jail.conf subsystem to manage jails. I have been = managing jails with simple custom start scripts since 99=E2=80=99, and = custom devfs rulesets since ~2006, so jail.conf(1) and jail_set(2) are a = big welcome change for me- really awesome and clean :) -- Additional detail to clarify my loopback use: In general, I always assign each jail it=E2=80=99s own a loopback IP = somewhere in the RFC5735 specified range, 127.0.0.0/8 - (simply saving = 127.0.0.1 for the jailing host), and then I simply set localhost to = point at it=E2=80=99s IP in /etc/hosts for the jail. On the host, I = simply add the IP alias to lo0 like any other interface. This is often overlooked in common jailing practice, but often = eliminates complexity and confusion for many userland daemons. For full = Virtual Server applications, loopback is simply dotting the i=E2=80=99s = and crossing the t=E2=80=99s. I can see how localhost would be challenging to automate for easy = jail.conf configuration, mostly, in picking a loopback IP for the jail = and not letting that get messy- etc=E2=80=A6 Thanks in advance for any info! Best, .ike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0ED7F403-F14E-4A72-8E54-AF74AAE15061>