Allowing routing table visibility in jails to make multiple IPs work properly
Rudy (bulk)
crapsh at monkeybrains.net
Fri Jan 3 08:17:02 UTC 2014
I'm having issues when putting multiple IPs on a jail... one external,
one internal (on a different vlan). The source IP from the jail is
always the first IP, so a solution is to use ipfw_nat to nat when using
the internal vlan to the 'second ip'. Ugly hack. and it doesn't work
when there is an MTU difference between the vlans:
http://www.freebsd.org/cgi/query-pr.cgi?pr=184389
Re: kern/184389: libalias fails to adjust MTU from jails
The other solution is to let the jail 'see' the routing table:
devfs -m /data/example.monkeybrains.net/dev rule apply path kmem unhide
devfs -m /data/example.monkeybrains.net/dev rule apply path mem unhide
Is there anyway (or plans for) a method to reveal the routing table but
not all of mem and kmem to the jail?
Rudy
More information about the freebsd-jail
mailing list