Jail with public IP alias

Patrick gibblertron at gmail.com
Tue Aug 27 22:28:40 UTC 2013 

That's not the behaviour I see. My jail has a private and public IP.

$ ifconfig bce1
bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=c01bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
        ether a4:ba:db:29:7a:1b
        inet 192.168.42.23 netmask 0xffffffff broadcast 192.168.42.23
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active

If I ssh into another host on the 192.168.42.0 network, I see:

$ who
patrick          ttyp1    Aug 27 15:21 (192.168.42.23)

The host of the jail has multiple IPs on that private subnet:

$ ifconfig bce1
bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=c01bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE>
        ether a4:ba:db:29:7a:1b
        inet 192.168.42.17 netmask 0xffffff00 broadcast 192.168.42.255
        inet 192.168.42.18 netmask 0xffffffff broadcast 192.168.42.18
        inet 192.168.42.19 netmask 0xffffffff broadcast 192.168.42.19
        inet 192.168.42.20 netmask 0xffffffff broadcast 192.168.42.20
        inet 192.168.42.21 netmask 0xffffffff broadcast 192.168.42.21
        inet 192.168.42.23 netmask 0xffffffff broadcast 192.168.42.23
        inet 192.168.42.24 netmask 0xffffffff broadcast 192.168.42.24
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active

Are you using NAT from your jail to the outside world?

Patrick


On Tue, Aug 27, 2013 at 2:21 PM, Alejandro Imass <aimass at yabarana.com> wrote:
> On Tue, Aug 27, 2013 at 4:59 PM, Alejandro Imass <aimass at yabarana.com> wrote:
>> Hi,
>>
>> I have a machine with several public IPs on the same NIC and I bound
>> one of those IPs to a jail created with EzJail. Suppose the scenario
>> is something like this:
>>
>> em0
>> 190.100.100.1
>> 190.100.100.2
>> 190.100.100.3
>> 190.100.100.4
>>
>> In the jail we are bound only to 190.100.100.4
>>
>> The default router is correctly set on the jail, etc.
>>
>> But when we ssh out of that jail, or send an email, the receiving end
>> always sees 190.100.100.1 not 190.100.100.4 which is the IP the jail
>> is bound to.
>
>
> I think my problem is actually more basic than this. The problem
> actually occurs on the base system as well and I think it's because
> all the IPs are on the same subnet, then the kernel assumes to use the
> primary IP as the source address. For the sake and usefulness of the
> mail archives I will end this thread here and start another one with a
> more appropriate title, not before researching to see if this can be
> done with the routing table or if I need to use ipfw to re-write the
> source address.
>
> Thanks,
>
> --
> Alejandro Imass
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list