Jail resource limits
Geoffroy DESVERNAY
dgeo at ec-marseille.fr
Sun May 25 21:00:00 UTC 2008
Steven Hartland a écrit :
> This is something we're really looking forward to tbh a great
> feature :) One of the reasons for this is hosting jails, with
> the addition of multi IP support we will be able to enable
> jails to connect to "backdoor" secure services such as a
> mysql server.
>
We are already doing this (sql on a separated(physical) LAN, but jail
don't need a second interface for that: the real host's routing table is
used for outgoing packets.
Note we still need a static route on the SQL server for the packets to
come back the same way
I still don't know if this behaviour is the better one (one may think
that jail's packets should not go through different interface ?), but it
works quite well ;)
That said, we are interested in testing IPv6 and limitation stuff on
i386/amd64 machines... But not able to code (I may discover a missing
';' bug, not not much more ;)
--
Geoffroy Desvernay
Ecole Centrale de Marseille
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-jail/attachments/20080525/75c23a32/signature.pgp
More information about the freebsd-jail
mailing list