From owner-freebsd-jail@freebsd.org Wed Dec 14 13:31:03 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 467D5C77453 for ; Wed, 14 Dec 2016 13:31:03 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id 25CA4188D for ; Wed, 14 Dec 2016 13:31:02 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 662FECB8CA2; Wed, 14 Dec 2016 07:31:54 -0600 (CST) Received: from 69.209.225.31 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Wed, 14 Dec 2016 07:31:54 -0600 (CST) Message-ID: <61526.69.209.225.31.1481722314.squirrel@cosmo.uchicago.edu> In-Reply-To: References: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net> <11488.128.135.52.6.1481666606.squirrel@cosmo.uchicago.edu> Date: Wed, 14 Dec 2016 07:31:54 -0600 (CST) Subject: Re: multiple interfaces for jail.conf(1) and jail_set(2) From: "Valeri Galtsev" To: "Isaac (.ike) Levy" Cc: galtsev@kicp.uchicago.edu, freebsd-jail@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Dec 2016 13:31:03 -0000 On Tue, December 13, 2016 10:47 pm, Isaac (.ike) Levy wrote: > Hi Valeri, > >> On Dec 13, 2016, at 5:03 PM, Valeri Galtsev >> wrote: >> >> On Tue, December 13, 2016 2:14 pm, Isaac (.ike) Levy wrote: >>> Hi All, >>> >>> Can I specify multiple IP interfaces and assign IP’s to them using >>> jail.conf? >>> I have jails with IPv4/IPv6 addresses on multiple physical interfaces, >>> as >>> well as assigning a loopback. >> >> Last time I tried it which was about year and a half ago the answer was: > > Just to clarify your answer, > >> no, this is not possible. Jail can only have one IP address (in addition >> to loopback addresses). > > Do you mean this just for jail.conf configuration/usage? No, that was earlier, in /etc/rc.conf. Since then I've heard that it can be done on jail command line, though I never tried as I kind of prefer all my stuff done "generic" and uniform way, something done on command line what does not work in central configuration files be it /etc/rc.conf or /etc/jail.conf feels like hack to me, so I tend to avoid it. Valeri > > If so, from all I’ve read and tried, that makes complete sense, and > makes me sad as it prevents me from using the slickness of jail.conf(1) > and jail_set(2) - not yet :) > > -- > However, to be very clear for the list archive, jails can most definately > have many IP addresses, (since between FreeBSD 7 and 8 I believe?), > including loopback, (which is just an IP address like any other), > > For example, > > # ifconfig em0 inet alias 10.10.10.10/32 > # ifconfig em1 inet alias 10.10.10.11/32 > # ifconfig lo0 inet alias 127.0.0.11/32 > # ifconfig em0 inet6 alias 2:2:2:2::10 prefixlen 64 > # jail -c path=/some/place host.hostname=myjail > ip4.addr=“10.10.10.10,10.10.10.11,127.0.0.11" ip6.addr="2:2:2:2::10" > command=/bin/sh /etc/rc > > Best, > .ike > > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++