Date: Wed, 14 Dec 2016 09:22:14 -0600 (CST) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Allan Jude" <allanjude@freebsd.org> Cc: freebsd-jail@freebsd.org Subject: Re: multiple interfaces for jail.conf(1) and jail_set(2) Message-ID: <27934.128.135.52.6.1481728934.squirrel@cosmo.uchicago.edu> In-Reply-To: <02b85a36-007b-605d-7ab0-c9e56495d86e@freebsd.org> References: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net> <11488.128.135.52.6.1481666606.squirrel@cosmo.uchicago.edu> <BF1B3D9C-D3D3-4F57-9B10-417C176E8423@blackskyresearch.net> <02b85a36-007b-605d-7ab0-c9e56495d86e@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, December 13, 2016 11:43 pm, Allan Jude wrote: > On 2016-12-13 23:47, Isaac (.ike) Levy wrote: >> Hi Valeri, >> >>> On Dec 13, 2016, at 5:03 PM, Valeri Galtsev <galtsev@kicp.uchicago.edu> >>> wrote: >>> >>> On Tue, December 13, 2016 2:14 pm, Isaac (.ike) Levy wrote: >>>> Hi All, >>>> >>>> Can I specify multiple IP interfaces and assign IPâs to them >>>> using >>>> jail.conf? >>>> I have jails with IPv4/IPv6 addresses on multiple physical interfaces, >>>> as >>>> well as assigning a loopback. >>> >>> Last time I tried it which was about year and a half ago the answer >>> was: >> >> Just to clarify your answer, >> >>> no, this is not possible. Jail can only have one IP address (in >>> addition >>> to loopback addresses). >> >> Do you mean this just for jail.conf configuration/usage? >> >> If so, from all I’ve read and tried, that makes complete sense, and >> makes me sad as it prevents me from using the slickness of jail.conf(1) >> and jail_set(2) - not yet :) >> >> -- >> However, to be very clear for the list archive, jails can most >> definately have many IP addresses, (since between FreeBSD 7 and 8 I >> believe?), including loopback, (which is just an IP address like any >> other), >> >> For example, >> >> # ifconfig em0 inet alias 10.10.10.10/32 >> # ifconfig em1 inet alias 10.10.10.11/32 >> # ifconfig lo0 inet alias 127.0.0.11/32 >> # ifconfig em0 inet6 alias 2:2:2:2::10 prefixlen 64 >> # jail -c path=/some/place host.hostname=myjail >> ip4.addr=“10.10.10.10,10.10.10.11,127.0.0.11" ip6.addr="2:2:2:2::10" >> command=/bin/sh /etc/rc >> >> Best, >> .ike >> >> >> _______________________________________________ >> freebsd-jail@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-jail >> To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" >> > > In ezjail I can just do this: > Of course, it is great to learn that some tools can do this or that. However, this only is helpful to those who are just choosing what to use for the future. Once your choice is made, you (at least I) kind of avoid jumping over to doing something using different tools, especially what is already done some specific way on your production machine. I guess, what I'm trying to say is: don't be surprised if OP finds your effort to help him ultimately useless. Incidentally, I for one set up jails "by the book", not by using some tool which does it all for me behind the scenes. So, reference to any tools are kind of set me off (hence this my reply ;-) Just my $0.02. Valeri > > export > jail_something_scaleengine_net_ip="vlan43|10.0.0.17,vlan43|2001:470:1::1:6667,lo0|127.0.3.1" > > If you include the interface name like that, it will automatically add > the alias when the jail starts, and remove it when the jail stops > (simplifying the task of moving the jail to a different host) > > If the IP is already bound to the machine, just use the comma separated > list of IPs. > > > -- > Allan Jude > > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?27934.128.135.52.6.1481728934.squirrel>