Jail with public IP alias

Alejandro Imass aimass at yabarana.com
Thu Aug 29 01:08:26 UTC 2013

On Wed, Aug 28, 2013 at 4:11 PM, Frank Leonhardt <frank2 at fjl.co.uk> wrote:
> On 28/08/2013 19:42, Patrick wrote:
>> On Wed, Aug 28, 2013 at 7:25 AM, Alejandro Imass <aimass at yabarana.com>
>> wrote:
>>> On Wed, Aug 28, 2013 at 5:42 AM, Frank Leonhardt <frank2 at fjl.co.uk>
>>> wrote:


> Sorry guys - I had not intention of upsetting the EzJail fan club!

No worries there I just think it's an awesome tool. We used plain old
jails before, and we even went through the "service jail" path once,
but EzJail is a lot more than just lightweight easy-to-use jailing.

> The fact remains that I've tried to recreate this problem on what comes to a
> similar set-up, but without EzJail, and I can't. I've only tested it on
> FreeBSD 8.2 so far, and I've only tested it from INSIDE a jail. I completely
> understood what you were saying about it doing weird stuff outside a jail,
> but my point is that this may or may not be related.

Actually you can replicate it easily. Assign a number of IPs to any
interface but that the interface has a default route. It will always
use the "primary" or default IP on the other end. You can probably see
this effect even on a private network provided all the aliases route
through the same gateway. You will not be able to see this effect
using aliases on the loopback AFAIK.

> You don't say what version you're running. I can try and recreate it on
> another version.

It doesn't matter, it's a very basic network issue with aliases in
FreeBSD, Linux and other OSs. Look here:


I would like to know how people deal with this on FBSD


Alejandro Imass

More information about the freebsd-questions mailing list