From owner-freebsd-jail@freebsd.org Wed Dec 14 04:47:58 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4E21AC7620D for ; Wed, 14 Dec 2016 04:47:58 +0000 (UTC) (envelope-from ike@blackskyresearch.net) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 226511506 for ; Wed, 14 Dec 2016 04:47:57 +0000 (UTC) (envelope-from ike@blackskyresearch.net) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 66A4E209BE; Tue, 13 Dec 2016 23:47:56 -0500 (EST) Received: from frontend1 ([10.202.2.160]) by compute1.internal (MEProxy); Tue, 13 Dec 2016 23:47:56 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= blackskyresearch.net; h=cc:content-transfer-encoding :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc :x-sasl-enc; s=mesmtp; bh=GMPDOfe1Kexo7gUtHgCsyEN6V58=; b=dUcn7F zFjyQ2ql29TxitaUMdJFTYfJPsNn2rtZQVEECIKyjcDiRbY22IVx2YMQfdZ2q2sI yLixy78FmwSYhp0kgoEUQRznSwAYbhoW3poRMZjLSXfa0HalSdRLvV2Vampz6hiF M/Df1i1a6NYfKxyinjT7xVaBJolyNnkd1fQUo= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= smtpout; bh=GMPDOfe1Kexo7gUtHgCsyEN6V58=; b=S99CM1U9pKD9z7GMycMv xjuF/T/2w6erluRgp7o42URH0S92xN4UDfugjKeL8SXmvxCfoMSKJDoBo1gcUvR3 1NbaL/z3zaaOTi01JV2uIQ5EU+9mVP1RYy8GsY96EYfxl07V9UZ/AOA67jN6qL+F TDBM1zUvova8FWKB1eEokqQ= X-ME-Sender: X-Sasl-enc: eBhn+oRnYnZjJW8KODuuwJk7mF5A5HoKqIVzpg1LDBoL 1481690876 Received: from [10.0.224.105] (cpe-24-90-119-105.nyc.res.rr.com [24.90.119.105]) by mail.messagingengine.com (Postfix) with ESMTPA id 1B5627EE37; Tue, 13 Dec 2016 23:47:56 -0500 (EST) Subject: Re: multiple interfaces for jail.conf(1) and jail_set(2) Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Content-Type: text/plain; charset=utf-8 From: "Isaac (.ike) Levy" X-Priority: 3 (Normal) In-Reply-To: <11488.128.135.52.6.1481666606.squirrel@cosmo.uchicago.edu> Date: Tue, 13 Dec 2016 23:47:55 -0500 Cc: freebsd-jail@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net> <11488.128.135.52.6.1481666606.squirrel@cosmo.uchicago.edu> To: galtsev@kicp.uchicago.edu X-Mailer: Apple Mail (2.3124) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Dec 2016 04:47:58 -0000 Hi Valeri, > On Dec 13, 2016, at 5:03 PM, Valeri Galtsev = wrote: >=20 > On Tue, December 13, 2016 2:14 pm, Isaac (.ike) Levy wrote: >> Hi All, >>=20 >> Can I specify multiple IP interfaces and assign IP=C3=A2=C2=80=C2=99s = to them using >> jail.conf? >> I have jails with IPv4/IPv6 addresses on multiple physical = interfaces, as >> well as assigning a loopback. >=20 > Last time I tried it which was about year and a half ago the answer = was: Just to clarify your answer, > no, this is not possible. Jail can only have one IP address (in = addition > to loopback addresses). Do you mean this just for jail.conf configuration/usage? If so, from all I=E2=80=99ve read and tried, that makes complete sense, = and makes me sad as it prevents me from using the slickness of = jail.conf(1) and jail_set(2) - not yet :) -- However, to be very clear for the list archive, jails can most = definately have many IP addresses, (since between FreeBSD 7 and 8 I = believe?), including loopback, (which is just an IP address like any = other), For example, # ifconfig em0 inet alias 10.10.10.10/32 # ifconfig em1 inet alias 10.10.10.11/32 # ifconfig lo0 inet alias 127.0.0.11/32 # ifconfig em0 inet6 alias 2:2:2:2::10 prefixlen 64 # jail -c path=3D/some/place host.hostname=3Dmyjail = ip4.addr=3D=E2=80=9C10.10.10.10,10.10.10.11,127.0.0.11" = ip6.addr=3D"2:2:2:2::10" command=3D/bin/sh /etc/rc Best, .ike