VLANing between jails not segmenting traffic
Marko Cupać
marko.cupac at mimar.rs
Thu Nov 2 12:28:16 UTC 2017
On Mon, 30 Oct 2017 22:46:35 +0100
Michael Gmelin <grembo at freebsd.org> wrote:
> You can use fibs with net.add_addr_allfibs=0 to get separate routing
> tables (comes with its own set of complications though).
I hoped to go this way, but the fact that host (in fib0) replies to
icmp requests destined to jail with raw_sockets disabled (in fib 1) via
host's default gateway, making really wierd routing situation.
Had to go back to separate physical hosts for now. Will check VIMAGE.
--
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.
Marko Cupać
https://www.mimar.rs/
More information about the freebsd-net
mailing list