From owner-freebsd-questions@FreeBSD.ORG Mon Apr 6 15:38:50 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7B305194 for ; Mon, 6 Apr 2015 15:38:50 +0000 (UTC) Received: from smtp1.mail.ru (smtp1.mail.ru [94.100.179.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EEA91925 for ; Mon, 6 Apr 2015 15:38:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru; s=mail2; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:References:Subject:To:MIME-Version:From:Date:Message-ID; bh=XKXpaLA/nMGdVbt6S8YaKun2dXrN13EYsa5YYn42ZFQ=; b=URPHBS5sr4b9RK8coeqb4R4Aq8oQDicOxdsmy+3uOfJVJ7bRHXaweWfCykDEUSsJb67msUMSyO0C0z8XtcBpX9sGxX0wLrJ5WMgOUtPnatMYfiGvrJvPYM3pwGHiDAGk63/w1v4pcy4Rd8uoaw/cAkV8PEAOpTQVea6XWn3Ynrc=; Received: from [109.188.125.8] (port=44051 helo=[192.168.0.12]) by smtp1.mail.ru with esmtpa (envelope-from ) id 1Yf96h-0005JY-Re for freebsd-questions@freebsd.org; Mon, 06 Apr 2015 18:38:41 +0300 Message-ID: <5522A88F.4020500@artem.ru> Date: Mon, 06 Apr 2015 18:38:55 +0300 From: Artem Kuchin User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: how to do interval jail ips References: <552297B5.1030203@artem.ru> <55229C4E.5050504@gmail.com> <55229DE1.5050700@artem.ru> <5522A559.8050407@infracaninophile.co.uk> In-Reply-To: <5522A559.8050407@infracaninophile.co.uk> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam: Not detected X-Mras: Ok X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Apr 2015 15:38:50 -0000 06.04.2015 18:25, Matthew Seaman пишет: > On 06/04/2015 15:53, Artem Kuchin wrote: >> 06.04.2015 17:46, Ernie Luzar пишет: >>> Artem Kuchin wrote: >>>> Hello! >>>> >>>> I have several jails and some of the use real ips, some are just >>>> internal for the server like 10.0.0.x >>>> However, i assigned all ips to the external em0 interface. >>>> This causes problems, because of server in the same lan have 10.0.0.x >>>> address of their interfaces too. >>>> So, there is a conflict. >>>> This is just a colocation, so, i cannot control the ip assignment. >>>> >>>> What is the correct way to assign ip address which are seen only >>>> withing a host? >>>> (some kind of virtual NIC) >>>> >>>> Artem >>>> >>> xl0,10.0.10.2 for lan on device xl0 >>> >>> em0,x.x.x.x for rl0 device facing pubic internet >>> >>> use the correct device names for you network configuration >>> >> i don't get it. I do not have xl0 device >> I only have em0 >> Or i can specify whatever device i like even if it is not installed in >> the server? > You can create jail IPs bound to the loopback interface lo0 exactly as > you would for a standard NIC. Need a little clarification. Do you mean i need to specify ip aliases on lo0 interfaces in rc.conf and then specify that ip in jail conf?? > Be aware though that if you assign your internal IPs from, say, > 10.11.0.0/24 that will mean you would have trouble reaching anything on > that particular subnet via your network interface. This is understood. It is a colocation server. No need to access anything localy. VPN is also not up.