[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Jails and networks

[fixed the top-posting]

Le mardi 13 à 23:30, Cyberia / Jisri a écrit :
> On Tue, Dec 13, 2011 at 4:21 PM, Jack Raats <jack AT jarasoft DOT net> wrote:
>> I'm running FreeBSD 7.4-STABLE with the latest ezjail from the ports.
>> I only have one networkcard.
>> On my network I have two gateways
>> I want:
>> The host is running as netmask with gateway
>> The jail must be running netmask with
>> gateway
> I did not test this but below are some steps you can try and let us
> know:
> [snip]
> After you create the jail log into it and create  /etc/rc.conf with
> the following in it:
> defaultrouter=""

Jails do not make routing decisions, so I'm afraid setting
$defaultrouter in a jail will have no effect.

Jack, I think what you want is an alternate FIB (forwarding info table)
for your jail. In the default FIB (n°0), you use with gw, and in the second FIB (n°1) you use with
gw Then, you tell ezjail (actually, you tell
/etc/rc.d/jail) to use FIB 1. Everything in the host will use the
default FIB (with the gw).

I don't have time right now to dig deeper into it, but you will want to:

- search for FIB in the doc ;
- configure a second FIB with something like `setfib 1 route ...' ;
- as FIB appeared with 7.1, look if your copy of /etc/rc.d/jail has
  support to run a jail with another FIB, otherwise try to copy the
  relevant bits from a more recent release ;
- twiddle the value of jail_XXX_fib in your conf file ;
- ...
- PROFIT! (hopefully)