On 5/30/2013 8:29 AM, Joe wrote:
Pietro Paolini wrote:
Hello all,
I am a new bye on the FreeBSD and I am looking at the VIMAGE features
experiencing some problems.
I added the options :
VIMAGE
if_bridge
and I removed
STCP
then I recompiled my kernel and install it.
After that, following this tutorial
http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried
the "Exercise 2" which consist on the following commands:
vimage -c n1
vimage -c n2
ngctl mkpeer efface ether ether
ngctl mkpeer efface ether ether
ngctl mkpeer em0: bridge lower link0
ngctl name em0:lower bridge0
ngctl connect em0: bridge0: upper link1
ngctl connect ngeth0: bridge0: ether link2
ngctl connect ngeth1: bridge0: ether link3
vimage -i n1 ngeth0 e0
But my virtual interface on the n1 vimage does not receive any packet
from the external network while I can see the packet go out from it.
For instance using DHCP, e0 on n1 sends DHCP packets but it does not
receive the answers (which are send, I verified it from wireshark),
in adding
the ARP request for his IP address (if I try to add it statically)
are not received then it can not answer.
At the end of the line the question is: how can I make this "virtual
network" and the external real network be able to communicate ?
Thanks in advance.
Pietro.
1. That link is from 2007. So very much has changed since then.
There are more current links on the internet about this subject. Most
are for 8.X releases.
2. If your running 8.2-RELEASE or 9.1-RELEASE all you need to add is
"options vimage" statement to your kernel source and recompile.
3. There are 2 networking methods available for creating vnet/vimage
jail networks, if_bridge/epair and netgraph. The if_bridge/epair
method is far simpler to config and use then the netgraph method.
4. There are 2 methods of jail setup, the rc.d method where your jail
definition parameters go into the hosts rc.conf and the jail(8) method
where you can place each jails definition parameter in separate files.
5. There are two very important show stopper PRs on vimage,
164763 memory leak and 149050 the rc.d keyword "nojail" problem.
Vimage is a very long way from prime time usage, thats why it's
labeled as highly experimental. Host system freezes and page faults
are common.
6. When it comes to running a firewall in a vnet/vimage jail your
limited to IPFW and it has limitations. Dummynet and in kernel NAT
cause system freezes. IPFILTER causes page fault at boot time. PF will
run on the host but not run in the vnet/vimage jail. Here are a bunch
of PRs on vimage firewall problems, 143621, 176092, 161094, 176992,
143808, 148155, 165252, 178480, 178482
Check out these links
http://druidbsd.sourceforge.net/vimage.shtml
http://devinteske.com/vimage-jails-on-freebsd-8
http://lists.freebsd.org/pipermail/freebsd-virtualization/2011-September/000747.html
http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto
http://zewaren.net/site/?q=node/78
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscr...@freebsd.org"
I would like to thank Pietro for asking the question and Joe for
answering, as I was looking into vimage myself. This sort of thing
really helps a lot of people who are exploring FreeBSD and new features.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
