From owner-freebsd-questions@FreeBSD.ORG Thu Aug 29 01:08:26 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 02C3D417 for ; Thu, 29 Aug 2013 01:08:26 +0000 (UTC) (envelope-from aimass@yabarana.com) Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CC96825D5 for ; Thu, 29 Aug 2013 01:08:25 +0000 (UTC) Received: by mail-pb0-f44.google.com with SMTP id xa7so6973328pbc.17 for ; Wed, 28 Aug 2013 18:08:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=+kU7htbot5nFcxWvJpygR16UHUt4C22OLNChKii+IRw=; b=aGvXBhYZ3kVqxm0fEB9/aKcxOHPbNZ5OB88FMtdPWXQP5DPZqRA6ZTiDffCBghXNe/ booKcr85ldLTp3/bTSCKU9cLViHET9nBq+rUnaMRrSpP2Xa9hVvZybBNBib2793jNwpO XalaNUxi4Q+qxlgpniLGlDBjF0yQP5pBWISEtvLK5TzHpQFRKTTMJHEtVmoWlRbX8BXe zWEd9v1bfj1ydWUFD4zVJ4fv+hGTRTc4CGYKUM5l0USOINRHwbFoYqReMWARqUPbqBQL +kagoEHKhlJXNrEkdc30wp3Nxf9+t/I4gl8z6XBcQSD/OrYT1BS8gOnUgYQL8O/hmxyS pt7Q== X-Gm-Message-State: ALoCoQlat7Okn5ATONPUWOtIAWG5PZXe/wmhp+rftu6WHrfu8SPQAHLwQ+3tQvvPnmA67j7JPmpq MIME-Version: 1.0 X-Received: by 10.68.76.101 with SMTP id j5mr704601pbw.67.1377738499779; Wed, 28 Aug 2013 18:08:19 -0700 (PDT) Received: by 10.66.240.5 with HTTP; Wed, 28 Aug 2013 18:08:19 -0700 (PDT) In-Reply-To: <521E5976.8000605@fjl.co.uk> References: <521DC5EC.1010701@fjl.co.uk> <521E5976.8000605@fjl.co.uk> Date: Wed, 28 Aug 2013 21:08:19 -0400 Message-ID: Subject: Re: Jail with public IP alias From: Alejandro Imass To: Frank Leonhardt Content-Type: text/plain; charset=ISO-8859-1 Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Aug 2013 01:08:26 -0000 On Wed, Aug 28, 2013 at 4:11 PM, Frank Leonhardt wrote: > On 28/08/2013 19:42, Patrick wrote: >> >> On Wed, Aug 28, 2013 at 7:25 AM, Alejandro Imass >> wrote: >>> >>> On Wed, Aug 28, 2013 at 5:42 AM, Frank Leonhardt >>> wrote: >>>> [...] > Sorry guys - I had not intention of upsetting the EzJail fan club! > No worries there I just think it's an awesome tool. We used plain old jails before, and we even went through the "service jail" path once, but EzJail is a lot more than just lightweight easy-to-use jailing. > The fact remains that I've tried to recreate this problem on what comes to a > similar set-up, but without EzJail, and I can't. I've only tested it on > FreeBSD 8.2 so far, and I've only tested it from INSIDE a jail. I completely > understood what you were saying about it doing weird stuff outside a jail, > but my point is that this may or may not be related. > Actually you can replicate it easily. Assign a number of IPs to any interface but that the interface has a default route. It will always use the "primary" or default IP on the other end. You can probably see this effect even on a private network provided all the aliases route through the same gateway. You will not be able to see this effect using aliases on the loopback AFAIK. > You don't say what version you're running. I can try and recreate it on > another version. > It doesn't matter, it's a very basic network issue with aliases in FreeBSD, Linux and other OSs. Look here: http://serverfault.com/questions/12285/when-ip-aliasing-how-does-the-os-determine-which-ip-address-will-be-used-as-sour I would like to know how people deal with this on FBSD Thanks, -- Alejandro Imass