Date: Thu, 22 Nov 2012 22:42:35 +1100 From: Morgan Reed <morgan.s.reed@gmail.com> To: "Teske, Devin" <Devin.Teske@fisglobal.com> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>, "<nickolasbug@gmail.com>" <nickolasbug@gmail.com> Subject: Re: natd in a jail Message-ID: <CAKnh_Yus8=RTDq_hisdMVxiR-7pZG1Uuvj2hsvCk8Ny=D8s0xg@mail.gmail.com> In-Reply-To: <13CA24D6AB415D428143D44749F57D7201E49842@ltcfiswmsgmb21> References: <CAKnh_YtF5f_0-vuGO0ov%2BJDKa_gxF%2Bf80-DCcfxPYyew0_ZG7Q@mail.gmail.com> <CAPyG9gM4Ht560WEerVXvxx=W8Q=thC7FtGyaFMC5Pou2kijLBw@mail.gmail.com> <CAMgYTKsVcSqhE1iO=b%2Bb%2BF1XwHr2cFNgKa=%2BNnzUsNjSGk5TgQ@mail.gmail.com> <13CA24D6AB415D428143D44749F57D7201E49842@ltcfiswmsgmb21>
index | next in thread | previous in thread | raw e-mail
On Thu, Nov 22, 2012 at 10:32 PM, Teske, Devin <Devin.Teske@fisglobal.com> wrote: > I have created a boot script for managing vimages (downloadable as a FreeBSD package) and made a little write-up on how to use it... > http://druidbsd.sf.net/vimage.shtml As noted elsewhere, these are VIMAGE jails, but I'm managing them manually with a spaghetti script at the moment (just proof-of-concept at this point), I'll have a look at the script, might make my life easier. > Note that I use netgraph for bridging (not if_bridge+epair method which seems to be popular in some other setups -- we've benchmarked netgraph and it scales well). Not to mention that "ngctl dot | dot -Tsvg -o network.svg" can produce nice pretty graphs of your vimage structure when using my setup. Hmmm, I've not done anything with netgraph before, I'll have a look into it, if it is an issue of the appropriate interfaces not being exposed to natd from the epair/bridge setup that might be an alternate solution, not hugely concerned about scale, it'll pretty much only be my traffic that gets routed this way, but I am interested in making it as efficient as possible (no sense adding additional latency unnecessarily when one already has the tunnel latency to deal with). Thanks, Morganhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKnh_Yus8=RTDq_hisdMVxiR-7pZG1Uuvj2hsvCk8Ny=D8s0xg>