Multiple IP Jail's patch for FreeBSD 6.2

Jan Knepper jan at digitaldaemon.com
Sun Nov 18 14:01:20 PST 2007


Andre Oppermann wrote:
> Ed Schouten wrote:
>> Hello,
>>
>> It may be interesting to mention that yesterday there was a presentation
>> at the NLUUG (Netherlands UNIX Users Group) conference by Marco Zec, who
>> once wrote a patchset for FreeBSD 4.11 (and is in the process of porting
>> it to FreeBSD 7.x) that gives each jail its own networking stack.
>>
>> You can hook up physical interfaces to jails or perform bridging between
>> jails through netgraph bridging code. That way you can create virtual
>> network topologies on a single box. This will allow you to use multiple
>> IPv4 and IPv6 addresses on each instance. You can even use (I)PF(W)
>> inside jails.
>
> I'm working on a "light" variant of multi-IPv[46] per jail.  It doesn't
> create an entirely new network instance per jail and probably is more
> suitable for low- to mid-end (virtual) hosting.  In those cases you
> normally want the host administrator to excercise full control over
> IP address and firewall configuration of the individual jails.  For
> high-end stuff where you offer jail based virtual machines or network
> and routing simulations Marco's work is more appropriate.
Any of this available in 7.x at the moment?
I have a patched 6.2-STABLE running with 7 jails with multiple IP 
addresses. Would not be able to upgrade that box unless this becomes 
available or unless I port it to 7.x...

Thanks!
Jan




More information about the freebsd-hackers mailing list