Have not used dummynet but a good starting point could be the official IPFW Handbook section http://www.freebsd.org/doc/handbook/firewalls-ipfw.html.
Just treat your jails as you would a physical host with firewall rules. One caveat to watch out for is that after enabling IPFW on your host all jails will have a default deny rule and each jail will need to have a rule added to allow traffic in/out. Also make sure your bridge contains your real NIC if you want to talk to hosts beyond your jail environment (standard networking things - man pages are your friends, ifconfig, bridge, route, etc.). Cheers, Peter On Saturday, 27-04-2013 on 21:37 Laurent Alebarde wrote: zulu writes: > > Try and exclude altq and pf from kernel - make them a loadable module > instead (just to rule out these). > Thanks zulu, it works now. No crash, and I can ping my zjail. I think I am going to drop pf completely until it is officially compatible with VIMAGE, and use IPFW. Do you have a good link please for basic and elaborate (including dummynet) use of IPFW with zjails (I have not found very usefull things up to now) ? Cheers, Laurent. _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org" _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
