Date: Tue, 22 Oct 2002 18:03:37 -0700
From: Sean Chittenden
To: Bill Coutinho
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: Jail subsystem + 802.1Q VLANs
Message-ID: <20021023010337.GC33299@perrin.int.nxad.com>

> I've read about the Jail subsystem, and learned that each jailed
> process is bound to a specific IP address ("ip_number" field in
> "struct jail"). That's fine, but my question is:
>
> Is it possible to associate a jailed process to a VLAN number in an
> 802.1Q enabled net interface?

I believe the patch posted by Marko Zec at
http://www.tel.fer.hr/zec/BSD/vimage/ would make it possible. Are
there other comments/thoughts about this patch? It basically lets you
create multiple network stacks as virtual networks.
A chump example would be a BSD system with four NICs, and two NICs in
each virtual network. It'd be possible to do static routing on each of
the virtual networks so that there would be two default routes on a
single system. With my network admin hat on, this work is really
interesting to me because it means I can cram a BSD router into broken
network topologies where other products/OSes can't be wedged. Could
the various net code gurus please review this?

-sc

-- 
Sean Chittenden