vnet text for release notes for FreeBSD 8.0

Julian Elischer julian at elischer.org
Thu Oct 29 18:51:48 UTC 2009


I guess we need to make a quick note for inclusion with the 8.0 
release notes:

I'm going to put a couple of sentences here as a straw-man starting 
point, and hopefully we can work on it together.

In addition some recipes for some interesting things to do might be 
good. Maybe as a separate document on the web we can point to.



----straw man----

FreeBSD 8.0 includes a "technology demonstration" version of
the Virtual network stack work that has been done over the last
few years. This is not meant to be used in production yet but is
sufficient to allow FreeBSD users to experiment with the feature
and get an idea of its capabilities.  The feature, originally
known as "vimage", is now integrated into the jail framework, and
is controlled from the jail utility.

A new jail that is created with the 'vnet' keyword in the
command will be allocated a separate network stack. The new
network stack will have its own lo0 interface and can be assigned
any of the existing real interfaces or virtual interfaces.
In addition it can have its own instance of ipfw, and its own
completely separate routing tables.

Processes in the new jail can only communicate with (network wise)
processes outside the jail via unix domain sockets in shared
filesystem space, or via external (or virtualized) networking
infrastructure. This allows processes on the same machine to exist
on completely disjoint network segments, or for one machine to
have multiple interfaces on the same network segment with no
confusion (in different vnets).

Virtualized features in 8.0 include:
* raw sockets
* routing sockets
* IPv4 udp, tcp and sctp
* IPv6 udp, tcp and sctp
* ipsec
* ipfw
* netgraph
* divert sockets
* routing tables
* interfaces (real and virtual)

In future releases of FreeBSD more features will be virtualized,
including pf. In addition work will be done to address weaknesses
in the currently virtualized modules.


For some examples of vnet-based configurations see:
<address on web>

"give it a try!"

----end straw man----

Is sctp fully virtualized in 8.0?
Did I miss anything?

julian


