From owner-freebsd-net@freebsd.org Tue Dec 1 03:45:35 2015 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9C228A3D0BF for ; Tue, 1 Dec 2015 03:45:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 76FBC1F2C for ; Tue, 1 Dec 2015 03:45:35 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id tB13jSUQ003880 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 30 Nov 2015 19:45:31 -0800 (PST) (envelope-from julian@freebsd.org) Subject: Re: vimage and jail networking To: Nathan Aherne , freebsd-net@freebsd.org References: <8538858C-BE02-489A-BC1B-2315AC18AD3F@vuid.com> From: Julian Elischer Message-ID: <565D17D2.1090007@freebsd.org> Date: Tue, 1 Dec 2015 11:45:22 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: <8538858C-BE02-489A-BC1B-2315AC18AD3F@vuid.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2015 03:45:35 -0000 On 1/12/2015 8:32 AM, Nathan Aherne wrote: > Hi Everyone! > > I am having trouble getting my head around vimage and jail networking. I would like for my jails to have private IPs (10.0.0.0/24) and only use a single public IP. > > I am having a hard time finding tutorials or information on how to structure my network. My first thoughts were to clone the loopback interface (have the jails on it) but then I get lost with how to configure the bridging. I found this tutorial on the subject - http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet but I am unsure how the bridging works as the bridge interface does not seem to be bridged to anything. > > I would really appreciate it if someone could point me in the correct direction. It seems to me you are thinking of it in the wrong way. think of the vimage jails as completely separate machines. they are connected by virtual point-to-point networks (if you use epair) or by a virtual ethernet (if you use netgraph). how would you do it if you had one nat router and a bunch of real machines on the 10 network behind it? check out, amongst other things: http://devinteske.com/wp/vimage-jails-on-freebsd-8/ also please first look on your own machine in /usr/share/examples/netgraph and especially look at the virtual.chain and virtual.lan examples I think they do exactly what you want. > > Regards, > > Nathan > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >