Maybe this is what you need http://sourceforge.net/projects/zjails/ , doesn't require any advanced ZFS or VNET knowledge (just a working ZFS pool and VIMAGE kernel).
VNET is supported and there is a "soft" jail restart option which prevents the "kern/164763: Memory leak in VNET" issue from appearing. You can also run non VNET ZFS jails - you can turn on or off VNET by simply executing "zjail set vnet=off/on myjailname" then restarting the jail with "zjail restart -c myjailname". On FreeBSD 9.1 amd64, pf inside a jail will cause an immediate kernel panic once you run pfctl in the jail - IPFW works as already stated by others. You can have pf enabled on the host however and have IPFW firewall in jails. Cheers, Peter On Wednesday, 24-04-2013 on 22:19 Laurent Alebarde wrote: Hi all, I am a FreeBSD/Jail/vnet newbbie. I read a lot of posts and tutorials, mainly : * http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet * http://archive.0xfeedface.org/blog/2011-11-21/lattera/freebsd-vnet-jail-admin-project I have some questions please : 1. Are they still up-to-date ? 2. Is the jail rc script still have to be patched to be able to use pf instead of IPFW ? 3. What are the best up-to-date links for tutorials to setup ZFS ipv4/ipv6 vnet jails ? 4. Can it be put in production safely or is it still considered experimental ? Cheers, Laurent. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]"
