jail(8) vimage epair bridge

Anders Hagman anders.hagman at netplex.se
Fri Apr 26 14:45:53 UTC 2013


Hi

On 24 Apr 2013, at 22:07, Joe <fbsd8 at a1poweruser.com> wrote:

> Anders Hagman wrote:
>> Hi
>> On 23 Apr 2013, at 15:14, Joe <fbsd8 at a1poweruser.com> wrote:
>>> Hello list
>>> 
>>> I am using jail(8) trying to get a functional vimage environment on my
>>> 9.1-RELEASE system. My PC only has a single real NIC facing the public
>>> internet.
>>> 
>>> My goal is to be able to have multiple vimage jails, each with
>>> their own epairXa epairXb and bridgeX where the "X" is the jail's JID
>>> number all having their traffic passing through the single rl0 real
>>> interface. The vnet.start script shown below handles this nicely.
>>> 
>>> The problem is after the first vimage jail is started the rl0 interface
>>> gets marked as busy when the second vimage jail is started.
>> You don't need more than one bridge.
>> Connect all epairXa and the rl0 interface to the bridge. Put the epairXb in the right jail.
>> If you want separation, create vlan interfaces.
>> Connect them to rl0 and put them inside the jail.
> 
> Hello Anders;
> 
> Now that I have a bridge, epair solution,
> I would like to learn the vlan method you spoke about.
> Would you please provide some details about how it could be done.
> I have never used vlan before.

You need a vlan switch and a trunk connection between your server and the switch. You need a router/firewall that handles vlans. m0n0wall.

In your server create vlan interfaces:

ifconfig vlan101 create vlan 101 vlandev rl0

Move the interface to a started jail

ifconfig vlan101 vnet jailX

Connect to jail, config and test

Br
Anders
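
Added example (not part of the original message): the three steps above carried through for two jails, each on its own VLAN, so the jails are separated at layer 2 instead of sharing one bridge. The jail names, VLAN IDs, documentation addresses and the `DRY_RUN` wrapper are assumptions; the switch trunk port and the router must carry the same VLAN IDs.

```sh
#!/bin/sh
# One tagged VLAN per VNET jail on a shared parent NIC (FreeBSD host).
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them as root.
: "${DRY_RUN:=1}"

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# 802.1Q VLAN IDs are 12 bits wide; 0 and 4095 are reserved.
valid_vid() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# attach_vlan PARENT VID JAIL ADDR/PREFIX GATEWAY
# The jail must already be running with its own network stack (vnet).
attach_vlan() {
    parent=$1 vid=$2 jail=$3 addr=$4 gw=$5
    valid_vid "$vid" || { echo "invalid VLAN ID: $vid" >&2; return 1; }
    ifn="vlan$vid"
    run ifconfig "$parent" up &&                                 # parent carries the tagged frames
    run ifconfig "$ifn" create vlan "$vid" vlandev "$parent" &&  # create the vlan interface
    run ifconfig "$ifn" vnet "$jail" &&                          # move it into the jail
    run jexec "$jail" ifconfig "$ifn" inet "$addr" up &&         # configure inside the jail
    run jexec "$jail" route add default "$gw" &&
    run jexec "$jail" ping -c 3 "$gw"                            # test: reach the VLAN's router
}

# Constructed sample plan: two jails, two VLANs, one subnet per VLAN.
plan() {
    attach_vlan rl0 101 jail1 192.0.2.10/24 192.0.2.1 &&
    attach_vlan rl0 102 jail2 198.51.100.10/24 198.51.100.1
}

plan
```

Because each jail holds only its own vlan interface, traffic between jail1 and jail2 has to pass through the router/firewall, which is where the separation policy is enforced.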

