From owner-freebsd-questions@FreeBSD.ORG Wed Aug 5 07:16:23 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C59931065670 for ; Wed, 5 Aug 2009 07:16:23 +0000 (UTC) (envelope-from kagesenshi.87@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.250]) by mx1.freebsd.org (Postfix) with ESMTP id 84EAE8FC21 for ; Wed, 5 Aug 2009 07:16:23 +0000 (UTC) (envelope-from kagesenshi.87@gmail.com) Received: by an-out-0708.google.com with SMTP id d14so2146630and.13 for ; Wed, 05 Aug 2009 00:16:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:from:date:message-id :subject:to:content-type:content-transfer-encoding; bh=NUBjJKtJ5Hz+ns0fdda4KGLN5rrytaCZPFnbNeLrJ6c=; b=UZ47hWm7y3np4dyyaYwsI9T6+mF/k0uWVARuUs2uO8VPKuD4rmFliWwTCqO4V40cF+ 6XJrxdhyGJcVyN5w0pyNIZ9D1PSvNFDVFuScyGZMW4+6b9J0oUGfaWRiQFwNADMgWn3y //kY6cgcKrmDLvjVl7sgt5EATuUJ/sfEV55Cw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type :content-transfer-encoding; b=EkijKsh+WSHUNDMB/E01n9OG+X4AjedoLA2bgNsjozax/INWZ0KlagQaxaGly82pjH dNone4p6SLfezwOELvI+ng25qJz7XUvfPqtNSDk3JUIwk7W7cYmQGNhKIfNo1e4Eop+H cqqlM1Nky73iipE/nJO8y2f42BZBCjuGDcxWI= MIME-Version: 1.0 Received: by 10.100.92.17 with SMTP id p17mr9573989anb.179.1249455158858; Tue, 04 Aug 2009 23:52:38 -0700 (PDT) From: Izhar Firdaus Date: Wed, 5 Aug 2009 14:52:18 +0800 Message-ID: To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: routing for jails on public IPs, jails on private IPs between 2 servers X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2009 07:16:24 -0000 Hi , I have this question which need some comment/help on: =3D=3D the setup =3D=3D I have 2 freebsd servers with several jails running on it. Each server have several jails thats either listening on publicly accessible IP or listening on a loopback/private IP. The two servers are connected together using vpn with routing that allows ServerA to connect to private jails in ServerB and vice versa. ServerA (10.1.0.1_tun0,192.168.1.1_bge0,192.168.1.2_bge0,127.0.1.1_lo1,127.= 0.1.1_lo1) - JailA(192.168.1.2_bge0) - JailB(127.0.1.1_lo1) - JailC(127.0.1.1_lo1) ServerB (10.1.0.3_tun0,192.168.1.3_bge0,192.168.1.4_bge0,127.0.2.1_lo1,127.= 0.2.2_lo1) - JailA(192.168.1.4_bge0) - JailB(127.0.2.1_lo1) - JailC(127.0.2.2_lo1) =3D=3D the issue =3D=3D under the current config, ServerA can connect to all private jails in ServerB through vpn+routing and vice versa. Private jails in ServerA can connect to public jails in ServerB through NAT and vice versa. However, I cant figure out how to allow public jails in ServerA to connect to private jails in ServerB. Anybody have idea on how to implement it? Thanks --=20 Mohd Izhar Firdaus Bin Ismail Amano Hikaru =E5=A4=A9=E9=87=8E=E6=99=83 =E3=80=8C=E3=81=82=E3=81=BE=E3=81= =AE =E3=81=B2=E3=81=8B=E3=82=8B=E3=80=8D http://fedoraproject.org/wiki/MohdIzharFirdaus http://blog.kagesenshi.org 92C2 B295 B40B B3DC 6866 5011 5BD2 584A 8A5D 7331