Multiple interfaces

[Miroslav Lachman]

Peter Ankerstål wrote:
> On 01/10/11 16:45, Stefan Bethke wrote:
>> Am 10.01.2011 um 15:28 schrieb Peter Ankerstål:
>>
>>> I want access to a public and a private network from a jail.
>>>
>>> Can I configure a jail with multiple interfaces?
>> Yes, see rc.conf(5):
>> jail_<jname>_ip
>> (str) Unset by default. Set to the (primary) IPv4 and/or
>> IPv6 address(es) assigned to the jail. The argument can be a
>> sole address or a comma separated list of addresses. Addi-
>> tionally each address can be prefixed by the name of an
>> interface followed by a pipe to overwrite
>> jail_<jname>_interface or jail_interface and/or suffixed by a
>> netmask, prefixlen or prefix. In case no netmask, prefixlen
>> or prefix is given, `/32' will be used for IPv4 and `/128'
>> will be used for an IPv6 address. If no address is given for
>> the jail then the jail will be started with no networking
>> support.
>>
>> Assuming that the private and the public networks are attached to em0
>> and em1, respectively, you'd set
>> jail_myjail_ip="em0|172.17.43.3,em1|192.0.2.27"
>> in rc.conf.
>>
>>
>> Stefan
>>
> Oh, thanks!
>
> Sorry about that. But the "pipe" part is very hard to miss in the manual.

You don't need to specify interface name (em0,em1) if you do not use 
auto adding / removing IP addresses on interfaces (if you do not have 
jail_<jname>_interface).
I have IP adresses defined in rc.conf in the standard way as
ifconfig_bge1="inet ...
ifconfig_bge1_alias0="inet ...
ifconfig_nfe0="inet 192.168.22.56 netmask 255.255.255.0"
ifconfig_nfe0_alias0="inet 192.168.22.57 netmask 255.255.255.0"

jail_alpha_ip="1.2.3.4"
jail_alpha_ip_multi0="192.168.22.57"

or just

jail_alpha_ip="1.2.3.4,192.168.22.57"

The jail will use these addresses as they are on a different interfaces.

Miroslav Lachman