Date: Sun, 28 Jun 2020 15:32:04 -0400 From: Ernie Luzar <luzar722@gmail.com> To: =?ISO-8859-1?Q?J=C1K=D3_Andr=E1s?= <jako.andras@eik.bme.hu> Cc: David Mehler <dave.mehler@gmail.com>, freebsd-jail <freebsd-jail@freebsd.org> Subject: Re: FreeBSD 12.1, vnet jail, and internet access Message-ID: <5EF8F034.4040705@gmail.com> In-Reply-To: <20200627213730.GE77414@eik.bme.hu> References: <CAPORhP7mU=4gMYWhkLPK-Sdyxcuhry4YTM%2B-vXOs27qeAc2a2Q@mail.gmail.com> <20200627204831.GC77414@eik.bme.hu> <CAPORhP4XmmT%2B2ZcDazZVAguBPAG2qYQaWFGWE73Sdgfk3htRVA@mail.gmail.com> <20200627213730.GE77414@eik.bme.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
JÁKÓ András wrote: >> I was under the impression that the two stacks were separate? > > They are. But I don't think your ISP knows anything about your private > subnet, so they won't send IP packets with your private destination > address to you. And most probably they won't accept IP packets with your > private source address from you. So you have to translate these private > addresses if you want your ISP (and others) to forward them. > >> Should I nat on the bridge or epair? > > On the bridge, I guess. > Have 2 questions. If there were no ip addresses on the bridge and the epair0b in the vnet jail would packets pass out the bridge member external interface? How would I setup a public domain name to target the vnet jail?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5EF8F034.4040705>