Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 11 Jul 2014 22:55:58 +0300
From:      wishmaster <artemrts@ukr.net>
To:        Fbsd8 <fbsd8@a1poweruser.com>
Cc:        freebsd-jail@freebsd.org, Marcin Michta <marcin.michta@gmail.com>
Subject:   Re[2]: Jail vnet features
Message-ID:  <1405108158.121371273.hhxi3qt1@frv34.fwdcdn.com>
In-Reply-To: <53BFE67C.6040301@a1poweruser.com>
References:  <001501cf9cf7$cb848ab0$628da010$@gmail.com> <002801cf9d09$ccba9480$662fbd80$@gmail.com> <53BFE67C.6040301@a1poweruser.com>

next in thread | previous in thread | raw e-mail | index | archive | help


 
 --- Original message ---
 From: "Fbsd8" <fbsd8@a1poweruser.com>
 Date: 11 July 2014, 16:49:08
  


> Marcin Michta wrote:
> > Hello,
> > 
> > 
> > 
> > I want to ask what are advantages and disadvantages using VNET?
> > 
> > I know that it allows each jail to have a private networking stack, but what
> > else?
> > 
> > 
> > 
> > Regards
> > 
> > Marthin
> > 
> 
> Its experimental, it has many bugs posted in PR system, loses memory 
> every time a vnet jail is stopped, firewalls in vnet jail don't work,
> other that these show stoppers, use at your own risk.

Hey, man. Stop panic!

Firewall works very well. Memory leak on shutdown it is not very big problem.
Main advantage for me is: I am able to filtering and prioritization traffic coming thought base system. My vnete'ed jails is like a regular LAN clients and they share INET pipe with appropriate weight. I use ipfw.







Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1405108158.121371273.hhxi3qt1>