Network Configuration with Jails.
Philip M. Gollucci
pgollucci at riderway.com
Wed Nov 28 06:12:44 PST 2007
Félix Langelier wrote:
> Hello,
>
> I run a FreeBSD Jailer and I want to have multiple jails in 2 seperate networks. The server has 2 network interfaces and each of them are connected in a different network. Say vlan1 and vlan2.
>
> My problem is that all the network traffic is going through the first interface (vlan1). What I need is that a jail in vlan1 can't communicate with a jail in vlan2 (and vice-versa).
>
> Is it possible to split the network traffic in the right interfaces and use a diffrent default gateway for each of them ?
>
> Here is my /etc/rc.d configuration.
>
> defaultrouter="192.168.1.1"
>
> static_routes="vlan1 vlan2"
> route_vlan1="-net 192.168.1.0/24 192.168.1.1"
> route_vlan2="-net 192.168.2.0/24 192.168.2.1"
>
> # vlan1 interface config.
> ifconfig_bge0="inet 192.168.1.10 netmask 255.255.255.0"
> ifconfig_bge0_alias0="192.168.1.11 netmask 255.255.255.255"
>
> # vlan2 interface config.
> ifconfig_bge1="inet 192.168.2.10 netmask 255.255.255.0"
> ifconfig_bge1_alias0="inet 192.168.2.11 netmask 255.255.255.255"
>
> I tried to remove the default gateway but then the server was unreachable.
> I am thinking of using pf to resolve my issue.
Removing the default gateway will work, but you have to add back
_similiar_ routes, you can't just remove it.
--
------------------------------------------------------------------------
Philip M. Gollucci (philip at ridecharge.com)
o:703.549.2050x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
More information about the freebsd-questions
mailing list