Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Feb 2007 16:29:38 -0500
From:      John Nielsen <lists@jnielsen.net>
To:        freebsd-questions@freebsd.org
Cc:        pancho pantera <pajarodelapaz@hotmail.com>
Subject:   Re: jailed VPS behind NAT
Message-ID:  <200702151629.38558.lists@jnielsen.net>
In-Reply-To: <BAY19-F7DCB810E7AACA9555C9B4AF960@phx.gbl>
References:  <BAY19-F7DCB810E7AACA9555C9B4AF960@phx.gbl>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 15 February 2007 14:44, pancho pantera wrote:
> hello,
>
> i don't know where to search for THIS,  info about  jailed VPS.and secondly
> handbook and other  papers and docs, are some times criptic , because
> english is not may mother language, i usually speak spanish.
>
> usually irtual private servers  has  its own public internet IP address,
> but here in mexico this is  very expensive.
>
> my project is  to get just one IP address and  put freebsd jails  for  VPS
> behind NAT for offer: " VPS whit shared IP".
>
> something between shared webhsoting and FULL VPS (whit own public IP for
> each).
>
> please letme  know  where can  ia find  more  info or  answer for this
> topic.

Set up NAT as you otherwise would using the "real" interface and IP as the 
external network. There are several different methods for doing this, most of 
which are discussed and mentioned in the handbook. I use ipfw+natd since 
that's what I'm most familiar with, but pf may be a better option if you're 
just getting started.

Since your "internal" network doesn't have (or need) a real network interface, 
use the loopback interface (lo0). Create an alias in the 127.0.0.0/8 network 
for each jail. You should of course reserve 127.0.0.1 as the "real" localhost 
address.

Set up the jails as you normally would, using the 127.x.x.x IP's you allocated 
above. See the jail(8) manpage to get started. There are other howtos and 
guides out there that might give more background and examples, but the 
manpage has always been adequate fo my (modest) needs. You might also want to 
look at the sysutils/ezjail port. See also 
http://erdgeist.org/arts/software/ezjail/ .

Decide how you are going to allocate ports and/or proxy/share commonly used 
ports. For http and https (80 and 443), consider running Apache with 
mod_proxy and virtualhosts.

Should get you started at least...

JN



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200702151629.38558.lists>