FreeBSD 12.1, vnet jail, and internet access
Ernie Luzar
luzar722 at gmail.com
Sun Jun 28 19:32:07 UTC 2020
JÁKÓ András wrote:
>> I was under the impression that the two stacks were separate?
>
> They are. But I don't think your ISP knows anything about your private
> subnet, so they won't send IP packets with your private destination
> address to you. And most probably they won't accept IP packets with your
> private source address from you. So you have to translate these private
> addresses if you want your ISP (and others) to forward them.
>
>> Should I nat on the bridge or epair?
>
> On the bridge, I guess.
>
Have 2 questions.
If there were no ip addresses on the bridge and the epair0b in the vnet
jail would packets pass out the bridge member external interface?
How would I setup a public domain name to target the vnet jail?
More information about the freebsd-jail
mailing list