Date: Thu, 4 Jun 2020 13:38:32 +0200 From: =?utf-8?B?SsOBS8OTIEFuZHLDoXM=?= <jako.andras@eik.bme.hu> To: freebsd-jail@freebsd.org Subject: vnet jails on VLAN subinterfaces Message-ID: <20200604113832.GD76013@eik.bme.hu>
next in thread | raw e-mail | index | archive | help
Hello everyone, I've already asked this on forums.freebsd.org, but didn't get an answer yet. I hope someone can answer it here. I'd like to use 802.1Q tagged VLANs on an Ethernet interface, one VLAN per jail. I assigned VLAN subinterfaces to the jail's network stacks: em0 - em0.99 (host) em0 - em0.100 (jail0) em0 - em0.101 (jail1) Here em0 and em0.99 belong to the base system while em0.10[01] belong to the jails' network stacks. This works perfectly so far. But I didn't see this setup mentioned anywhere, that's why I'm curious whether this a "valid" setup, do I use vnet correctly? Or does it only work by accident? I found vnet jail examples using one epair per jail, which is connected to the physical interface by a bridge. With tagged 802.1Q VLANs this could look something like the following: em0 - em0.99 (host) em0 - em0.100 - bridge0 - epair0a - epair0b (jail0) em0 - em0.101 - bridge1 - epair1a - epair1b (jail1) Here epair[01]b belong to the jails' network stacks, and all other interfaces to the base system. This works too, but is more complicated than the one without bridges and epairs. AndrĂ¡s
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200604113832.GD76013>