Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 11 Dec 2009 12:51:38 -0800
From:      Julian Elischer <julian@elischer.org>
To:        Reinhard Haller <reinhard.haller@interactive-net.de>
Cc:        "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, FreeBSD virtualization mailing list <freebsd-virtualization@freebsd.org>
Subject:   Re: create a vnet jail in rc.conf
Message-ID:  <4B22B0DA.3000905@elischer.org>
In-Reply-To: <4B220346.1090204@interactive-net.de>
References:  <4B1FE20D.9000009@interactive-net.de> <4B220346.1090204@interactive-net.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
Reinhard Haller wrote:
> Julian Elischer schrieb:
>> Julian Elischer wrote:
>>> Reinhard Haller wrote:
>>>> I tried it with the following, but suffered intermittent routing
>>>> problems (route6d died and cannot be restarted):
>>>>
>>>>    jail -c vnet name=d1 host.hostname=dns1.intern.de path=/jails/dns1
>>>> persist
>>>>    jail -c vnet name=d2 host.hostname=dns2.intern.de path=/jails/dns2
>>>> persist
>>>>    ifconfig bridge0 create
>>>>    ifconfig epair create
>>>>    ifconfig epair create
>>>>    ifconfig bridge0 addm epair0a addm epair1a up
>>>>    ifconfig epair0a inet6 fd08:e8a3:4825:10::1
>>>>    ifconfig epair0b vnet 1
>>>>    ifconfig epair1b vnet 2
>>>>    jexec 1 csh
>>>>    ifconfig epair0b inet6 fd08:e8a3:4825:10::10
>>>>    route -n add -inet6 default fd08:e8a3:4825:10::1
>>>>    exit
>>>>    jexec 2 csh
>>>>    ifconfig epair1b inet6 fd08:e8a3:4825:10::11
>>>>    route -n add -inet6 default fd08:e8a3:4825:10::1
>>>>    exit
>>>>
>>>> Is this the way to get a stable vnet system?
>>> using epair and bridge is probably suboptimal.
>>>
>>> try using:
>>> 1: three epair sets to make a mesh (usable with smal nunbers fo jails)
> 
> Do you mean 2 ip-addresses per jail and another 2 for the host?
> 
>>> 2: using netgraph to make a bridge..
> 
> bridge + epair are cloneable interfaces, they are created before pf
> starts. The netgraph stuff is problematic when using interfaces in pf.conf.

though in 8.1 and 9 each jail has its own pf.

> 
> 
> _______________________________________________
> freebsd-virtualization@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
> To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B22B0DA.3000905>