Reinhard Haller wrote:
Julian Elischer schrieb:
Julian Elischer wrote:
Reinhard Haller wrote:
I tried it with the following, but suffered intermittent routing
problems (route6d died and cannot be restarted):

   jail -c vnet name=d1 path=/jails/dns1
   jail -c vnet name=d2 path=/jails/dns2
   ifconfig bridge0 create
   ifconfig epair create
   ifconfig epair create
   ifconfig bridge0 addm epair0a addm epair1a up
   ifconfig epair0a inet6 fd08:e8a3:4825:10::1
   ifconfig epair0b vnet 1
   ifconfig epair1b vnet 2
   jexec 1 csh
   ifconfig epair0b inet6 fd08:e8a3:4825:10::10
   route -n add -inet6 default fd08:e8a3:4825:10::1
   jexec 2 csh
   ifconfig epair1b inet6 fd08:e8a3:4825:10::11
   route -n add -inet6 default fd08:e8a3:4825:10::1

Is this the way to get a stable vnet system?
using epair and bridge is probably suboptimal.

try using:
1: three epair sets to make a mesh (usable with smal nunbers fo jails)

Do you mean 2 ip-addresses per jail and another 2 for the host?

yeah route rather than bridge.

2: using netgraph to make a bridge..

bridge + epair are cloneable interfaces, they are created before pf
starts. The netgraph stuff is problematic when using interfaces in pf.conf.

_______________________________________________ mailing list
To unsubscribe, send any mail to 

Reply via email to