routing in jails

andrewm659

Active Member

Reaction score: 4
Messages: 130

Not sure this is the right part of the forums. Move it if necessary.

I have my FreeBSD 11 server running jails (ezjail) and I just moved it to a new VLAN. Most everything inbound works. I have for example rancid setup in one of the jails. Works great. But since I moved it to a new VLAN and no longer have a flat network I can't SSH or telnet outbound from there. I can ping the other VLAN however and the destination firewall.


Here is my /etc/sysctl.conf
Code:
# cat /etc/sysctl.conf
# $FreeBSD: releng/11.0/etc/sysctl.conf 112200 2003-03-13 18:43:50Z mux $
#
#  This file is read when going to multi-user and its contents piped thru
#  ``sysctl'' to adjust kernel values.  ``man 5 sysctl.conf'' for details.
#

# Uncomment this to prevent users from seeing information about processes that
# are being run under another UID.
#security.bsd.see_other_uids=0
security.jail.allow_raw_sockets=1
net.inet.ip.forwarding=1
rc.conf
Code:
ezjail_enable="YES"
gateway_enable="YES"
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 6,926
Messages: 28,850

With the standard jails there is no routing. It's the host that does the routing, jails themselves don't have access to network settings.
 
Top