natd in a jail

[Morgan Reed]

On Thu, Nov 22, 2012 at 9:38 PM, Simon Dick <simond at irrelevant.org> wrote:
> I've not used it myself, but this sound like something VIMAGE may be good
> for, basically it's a virtual tcp stack per jail, there's some docs at
> http://wiki.freebsd.org/Image but I seem to remember a more up to date one
> elsewhere but can't find it at the moment!

These are all VIMAGE jails :) I originally tried to do this without
VIMAGE but OpenVPN won't work properly in that environment as if it
updated the kernel routing table (which ISTR it couldn't, makes sense
given the nature of jail) it would have changed it on the host and all
jail images.