From owner-freebsd-questions@freebsd.org Sat Aug 15 13:39:40 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 113683BAFB1 for ; Sat, 15 Aug 2020 13:39:40 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BTLyL6Tbrz472f for ; Sat, 15 Aug 2020 13:39:38 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.qeng-ho.org (Postfix) with ESMTP id 8C53310374; Sat, 15 Aug 2020 14:39:37 +0100 (BST) Subject: Re: can a domain name config point to a vlan tag at the host To: Ernie Luzar , "freebsd-questions@freebsd.org" References: <5F37E329.3000903@gmail.com> From: Arthur Chance Message-ID: <9a027a2c-3575-25ac-6ccc-0f186a3d6820@qeng-ho.org> Date: Sat, 15 Aug 2020 14:39:37 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <5F37E329.3000903@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 8bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1597498779; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5FqYUBEMXnzLBT4Ls3pnssOZkGReHNsze43pUjVVa6o=; b=xxca7r3tYmZAXfRwdFx8nj6gIlzUVReNaUsYyYRfA7aLhvmioI4X+I4AxHbFHqopv/w22U y34FlGYg6NXPnvoAq2Xai5aSqYVZMvBwgbIkXkQA/YyMHO4SzIxGwcc8PtzCoSQ0vZB9UD 5oWdJ18cxlaLHSC82Rlk0zFFTrPe4Ha30kSD7I9n49jpkpXCKkjxHiHZUUyNopSAg9+mIq O6HU5tMMvGZrL7FParTzqxCwQybeVoeFkhYRAt0TfndGF6ARe5skXLmrtmKbcWNcL623C6 ddYmBL95YJyxsAkOLJWID56EV6CkWQatL8FvsqKyQxpK9hgPQuRuVHrmFnTsVQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1597498779; a=rsa-sha256; cv=none; b=FaBz2UXZOfto1fEUlyHaVLvg/EaPm0bjfOTBEtW92mzIZwHAv99aoVhEJ5HcUQZzDAF+EJ bsXaCjMNTEVHFnKEorOh48axknYkex+NW/CrUsWNiDwtAwDTCwp8Le+QudZm1C9kmg3yjv AJelO2vZw1R1/Ey4JiASsQKZRJsq46FLyWtU4BU+aNn31ADOVQGp5vDnhckNKkC6kj7qk8 YN0FRM5PhlMCcH1Pubml44Xcf3YifvH5KUrPE1bp1m3WY6WWrTG4eNv4BWzpV/riClyggZ q9pFH2OlOYoiUKKoesvVTlSgL5bc0xnwtl4ZWGML4sUMWZSpP60xVy/RLYHokw== ARC-Authentication-Results: i=1; mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@qeng-ho.org designates 217.155.128.241 as permitted sender) smtp.mailfrom=freebsd@qeng-ho.org X-Rspamd-Queue-Id: 4BTLyL6Tbrz472f X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@qeng-ho.org designates 217.155.128.241 as permitted sender) smtp.mailfrom=freebsd@qeng-ho.org X-Spamd-Result: default: False [-2.88 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.051]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:217.155.128.240/29]; NEURAL_HAM_LONG(-0.97)[-0.969]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[qeng-ho.org]; ARC_SIGNED(0.00)[i=1]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.56)[-0.564]; RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13037, ipnet:217.155.0.0/16, country:GB]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Aug 2020 13:39:40 -0000 On 15/08/2020 14:29, Ernie Luzar wrote: > I set up vlan for the host interface cabled to the public internet. > How do I drive internet traffic to the desired vlan name on the host > using a registered domain name? > > My rc.conf has this > > ifconfig_re0="DHCP" > gateway_enable="YES" > > vlans_re0="1 2 3" > > # vlan_1  is for the host > # vlan_2  is for vnet jailA > # vlan_3  is for vnet jailB > > Final goal is to drive traffic from the public internet using a fqdn to > the vnet jailA. I strongly suggest you read up more about networking because it's obvious you don't really understand it. All network traffic goes to *IP addresses* not domains. DNS says what addresses to use for a specific domain, but *all* connection attempts, whatever the protocol, are to a specific numeric IP address. Yes, protocols like HTTP then accept a host specification for further "routing" but that happens *after* the initial connection is made. If you want to run N jails with N different domains, all with their own traffic to arbitrary ports, you are going to need at least N different IP addresses. -- The number of people predicting the demise of Moore's Law doubles every 18 months.