Hello,
I'm admittedly new to using jails, despite having used FreeBSD for several years. I'm trying to set up a host to accommodate three different networks with two different NICs.
One of the NICs is for a "WAN/public" connection (2 networks there) and one will be for the LAN.
Most of the jails will have a LAN connection as well as one of the WAN connections (there's two WAN IP ranges due to IPv4 exhaustion. Different gateways, but same physical connection).
For example:
172.30.112.0
24.111.1.0
96.2.192.0
I've searched around and tried a few different things.
Here's the rc.conf for the host:
Code:
ifconfig_igb0="inet 172.30.112.196 netmask 255.255.240.0"
ifconfig_igb0_alias0="inet 172.30.112.192 netmask 255.255.240.0"
ifconfig_igb1="inet 24.111.1.a netmask 255.255.255.240 broadcast 24.111.1.x"
defaultrouter="24.111.1.xxx"
I'm using ezjail, and in /usr/local/etc/ezjail/jailedhost I have:
Code:
export jail_jailedhost_ip="igb0|172.30.112.192,igb1|24.111.1.a"
Here's what the host's routes look like before the jail is started:
Code:
default 24.111.1.b UGS 0 4 igb1
24.111.1.x/28 link#3 U 0 43 igb1
24.111.1.a link#3 UHS 0 0 lo0
(and the routes for the LAN)
When I start the jail, my host's routes change:
Code:
default 24.111.1.b UGS 0 236 igb1
24.111.1.a link#3 UHS 0 0 lo0 =>
24.111.1.a/32 link#3 U 0 0 igb1
(routes for the LAN - routes for each address /32)
The broadcast for each interface also changes to its own address (/32).
I can "fix" things by doing the following on the host system:
service netif restart
service routing restart
Obviously, this is undesirable.
I've tried using setfib to set a different routing table for the jailed host as well, but that renders the same results.
I found a forum post suggesting putting "service netif restart ; service routing restart" in /usr/local/etc/ezjail/jailedhost's "exec_start" line, but this made matters worse by causing what appeared to be a loop.
I mentioned three networks above, but I'm only testing with two at the moment. I'm hoping that whatever solution works for these two networks will help with getting three working.
Am I missing something obvious here? Any insight? Anything is greatly appreciated.
Thanks.
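The before/after route comparison described in the post can be automated; the script below is an added example, not part of the original post. It assumes two saved outputs of `netstat -rn -f inet` in the six-column layout quoted above. The function names and the sample addresses (192.0.2.0/28 standing in for the redacted WAN range) are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes the six-column "netstat -rn -f inet" layout quoted in
# the post: Destination Gateway Flags Refs Use Netif.

# collapsed_routes BEFORE AFTER
# Prints "<netif>: <net> replaced by <addr>/32" for every directly connected
# network route that exists in BEFORE, is gone in AFTER, and whose interface
# now carries a /32 link route instead.
collapsed_routes() {
    awk '
        # Keep only connected routes with a prefix length on a real NIC.
        index($1, "/") == 0 || $2 !~ /^link#/ || $6 == "lo0" { next }
        {
            split($1, d, "/")
            wide = (d[2] + 0 < 32)
            if (FNR == NR) { if (wide) before[$1] = $6 }   # first file
            else if (wide) { still[$1] = 1 }               # second file
            else if (!($6 in host32)) { host32[$6] = $1 }
        }
        END {
            for (net in before)
                if (!(net in still) && (before[net] in host32))
                    printf "%s: %s replaced by %s\n", before[net], net, host32[before[net]]
        }
    ' "$1" "$2" | sort
}

# Constructed sample snapshots, modelled on the tables in the post.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/before" <<'EOF'
default           192.0.2.1  UGS 0   4 igb1
192.0.2.0/28      link#3     U   0  43 igb1
192.0.2.2         link#3     UHS 0   0 lo0
172.30.112.0/20   link#2     U   0  10 igb0
EOF
    cat > "$tmp/after" <<'EOF'
default           192.0.2.1  UGS 0 236 igb1
192.0.2.2         link#3     UHS 0   0 lo0 =>
192.0.2.2/32      link#3     U   0   0 igb1
172.30.112.192/32 link#2     U   0   0 igb0
EOF
    collapsed_routes "$tmp/before" "$tmp/after"
    rm -rf "$tmp"
}

demo
```

Empty output means every connected network route from the first snapshot is still present in the second.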