vpn client (pptp) inside a jail
Andras GELANYI
andras at gelanyi.hu
Thu Jan 4 06:26:36 PST 2007
On Thu, 4 Jan 2007 13:54:22 +0200, Nikos Vassiliadis <nvass at teledomenet.gr> wrote:
>> Anyway. Could someone tell me whether it is possible or not?
>> Does anyone know a solution for assigning a jail to a trusted network
>> through a tunnel without any influence on the base system's networking?
>
> I can use my pptp address from within a jail, of course the tunnel is
> already
> up and visible to the base system. You can also get the "secondary IP
> address
> effect" for your jail using a loopback interface. For example:
> ng0 1.2.3.4 <-> 5.6.7.8
> lo1 9.10.11.12
> 9.10.11.12 would also be your jail address, totally unrelated to the
> tunnel.
>
> I am not sure what you are looking for. Perhaps
> you should explain a bit further. Nikos
>
i do not really have a complete plan at the moment but an idea to use a
jail on my remote system as a sandbox. i mean i would like to set up a jail
and use it (sometimes) as client / virtual machine in a remote network
through some kind of tunneling without any modification to the base system
and sometimes as a regular host to test and compile some completelydifferent
stuff.
i suspect that it is impossible but it might look like as configuring a pseudo
device (eg gre) and use only pure ip traffic through the base system's nat
until the jail's endpoint.
to be honest i am pretty new to freebsd jails so i might be wromg. so please
correct me if you know more. :)
of course the best solution would be to use true virtualization. anyway do you
know anything about the xen dom0 status on freebsd x86 smp? :)
andras
More information about the freebsd-questions
mailing list