How to set up static route to jails?

B

BillA

Hello,
I'm having a real problem getting my head around routing. The routes were always configured on my machines, and so I am a bit confused by the examples in the handbook and online.

Here's my situation. I have a dedicated server inside of a NOC. The default router is 77.x.x.x. I want to put a reverse proxy on my IP 88.x.x.x, forwarding traffic to jails 192.x.x.10, 192.x.x.20 and 192.x.x.30.

Jails 1,2, and 3 do not need to talk to one another, only to the proxy

So it looks like this:

NOC External (default router) 77.x.x.x
---------------------------------
My reverse proxy IP 88.x.x.x
Jail1 192.x.x.10
Jail2 192.x.x.20
Jail3 192.x.x.30


In rc.conf, do I keep the default router as 88.x.x.x? Will this expose my 192 jails to external traffic?

Would you kindly take a look at this rc.conf setting and see if it would work?

My host rc.conf:
Code: 
gateway_enable="YES"
defaultrouter="88.x.x.x"
static_routes="lan1"
route_lan1="-net 192.168.1.0/24   77.x.x.x"

The client rc.conf would look like this:
Code: 
defaultrouter="77.x.x.x"
static_routes="lan1"

I just know that this is wrong. Unfortunately, I am self-learning and don’t have the depth of knowledge to determine what it is.
Thank you for your help,
Bill
 
You cannot set routes inside a regular jail. Routes need to be set on the host, not the jail.

How is that 88.x.x.x address accessed? I'm assuming this is done via 77.x.x.x.? If so, leave 77.x.x.x as your default gateway.

The services on 88.x.x.x (which I assume is on the same host as the jails) can connect to the 192.168/16 jails without any issues because they are 'directly-connected'. No need for any static routes. This should be fairly obvious when you check with netstat on the host when all the jails have been started.
 
You must log in or register to reply here.
Back
Top