vnet without epair

Sun Feb 10 13:56:10 UTC 2013

On Sun, 10 Feb 2013, Nikos Vassiliadis wrote:

> On 2/10/2013 2:54 PM, Teske, Devin wrote:
> > It's not in ports only because I first wanted to see where jail.conf would take us w/respect to vimages.
> 
> I see.
> 
> > However, this package not being in ports shouldn't prevented you from trying it -- it's extremely stable and as I mentioned, we've been using it heavily at $work for over 12 months now. When you download the package (*.tgz) and pkg_add it, it installs the following two files only:
> >
> > /etc/rc.d/vimage
> > /etc/rc.conf.d/vimage
> >
> > NOTE: The rc.conf.d file is the "documentation" on usage
> >
> > If you haven't tried it, then I hope you will because I think the new jail.conf stuff falls short. Don't get me wrong, jail.conf is a great start, but simply adding the ability to manage the vnet aspect of a jail does not make a vimage (what's missing is the built-in support for generating bridges as vimages are brought up/down dynamically).
> >
> > I feel that before I add this to ports I need to reprogram it to use jail.conf (not directly). That will simplify its code and [should] make it smaller. I was somewhat waiting on /etc/rc.d/jail to blaze the trail for me.
> >
> > In short, the landscape has been changing fast enough that it's prevented me from adding this to ports, but in spite of that it's still very much real _and_ real stable.
> >
> 
> Yes, of course.
> 
> I will try it and report back to you my findings.
> 
> What I - nikos - really need from a script like yours is the ability
> to generate arbitrarily complex topologies with interconnected vnet
> jails. Something like:
> a----b----c---d
>       |
>       |
> h----e----f---g
>            |
>            |
>            i
> 
> Like a cut-down version of imunes[1] without the need of a graphical
> user interface.
> 

Excellent! This is precisely what I was after when I wrote the vimage package and its contents. I'm familiar with IMUNES and netgraph fits the bill well (especially with "ngctl dot" being useful in providing visual confirmation when you've achieved the desired network layout -- when "ngctl dot | dot -Tsvg -o netgraph.svg" starts to look like your IMUNES graph, then you know you're making progress toward having the right configuration).
-- 
Devin

_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.