Multiple NAT router
Julian Elischer
julian at elischer.org
Mon Jul 24 20:40:15 UTC 2006
Brian Candler wrote:
>On Mon, Jul 24, 2006 at 04:09:29PM +0200, Marko Zec wrote:
>
>
>>>There's a project called 'vimage' which adds a separate virtual forwarding
>>>table per jail. This might work for you, although all the natd's "outside"
>>>interfaces would need to sit on the same interface, and I don't know if it
>>>can do that.
>>>
>>>
>>Yes this should work with a virtualized stack - all the "outsied" interfaces
>>in each jail / virtual stack could be simply bridged together using netgraph
>>which is virtualization-agnostic, i.e. a global facility in the current
>>implementation of "vimage".
>>
>>Of course a significant problem might be that the stack virtualization patches
>>exist only for FreeBSD 4.x, but there's a very good chance that a formal
>>project aimed at bringing vimage into sync with 6.x and -CURRENT could start
>>shortly...
>>
>>
>
>Also, what would really suit him is a netgraph IP interface node - i.e.
>something which takes raw ethernet frames from the interface, performs IP
>encapsulation/decapsulation and ARP - and an IP forwarding node with its own
>forwarding table. Has anyone done any work in that area? It would be really
>cool for VPN edge routing, for example.
>
>
an ng_ip node :-)
I've considerred it.
>Regards,
>
>Brian.
>_______________________________________________
>freebsd-net at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-net
>To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
>
More information about the freebsd-net
mailing list