Hi Lonnie, No, those were notes from when I was experimenting with running SmartOS on kimsufi. I ended up running it on So-You-Start (both OVH) were I have 8 IP's so there was no need.
Although ipf/ipnat is not my prefered firewall, I do find it works quite well for most cases. A minimal router zone + etherstub could certainly allow for a simple plug and play setup, but it will require a bit of work and tweaking. I have a bunch of generic notes from my OpenBSD firewall do have to do with dnsmasq specifically for DNS forwarding, DHCPv4 and ra for IPv6 but those are hightly tweaked for my setup, so those would be of little value as the man page of dnsmasq is very good. The manpage should serve as a good jump off point to get started. Regards Jorge On 2017-11-03 20:36, Lonnie Cumberland wrote: > Hello Jorge, > > Thanks for your reply and in my reading of your "SmartOS single IP with NAT" > it makes me think of many possibilities like maybe being able to add enough > stuff so that the user might be able to select network settings in a similar > way that VBox allows users but being able to code them in the zone json > files. I would also like to investigate your approach more. > > Have you done anything additional in this area since writing the article? > > Cheers, > Lonnie > > On Fri, Nov 3, 2017 at 11:33 AM, Jorge Schrauwen <[email protected]> > wrote: > > Hi Lonnie, > > I wrote the page on docu.blackdot.be [1], you can just run the ipf and ipnat > inside a 'router' zone. > That zone can then also run dnsmasq or simular to hand out the DHCP leases > and do DNS forwarding. > > You can then still add all other zones and one interface in the 'router' zone > to and etherstub. The other zone will then just get there address from the > 'router' zone if you configure them like mentioned in Brians message. > > Regards > > Jorge > > On 2017-11-03 14:56, Lonnie Cumberland wrote: > > Greetings All, > > Since my recent entry into the world of Illumos and in particular, SmartOS > which I REALLY think is awesome by the way, I an playing around with > different zone implementations and running a few VMs which led to a question. > > I am wondering if an internal NAT can be setup to provide to provide DHCP, > DNS, etc.. to dynamic zone VMs and wanted to ask the community what thoughts > and experiences you have on this? > > I started looking at pfsense and VyOS as possible off-the-shelf solutions and > am exploring this possibility. > > On a side note, the test bed network is a cable modem NAT for a local LAN of > which I have some physical machines. Once of them is for playing around with > SmartOS which I would like to setup a NAT zone to handle the other zones when > created. > > I did also run across these posts that may be of interest to you: > > https://wiki.smartos.org/display/DOC/NAT+using+Etherstubs [2] > > https://docu.blackdot.be/snipets/solaris/smartos-nat [3] (This one if > really interesting) > > https://gist.github.com/baetheus/5e1e5ab1eb68fae3490d [4] > > https://timboudreau.com/blog/smartos/read [5] > > http://www.scalingbits.com/book/export/html/479 [6] > > Anyway, thought that I would share these links and perhaps hear back from > what others are doing in SmartOS. > > Thanks and have a great day, > Lonnie > > SMARTOS-DISCUSS | Archives [7] [8] | Modify [9] Your Subscription > [10] Links: ------ [1] http://docu.blackdot.be [2] https://wiki.smartos.org/display/DOC/NAT+using+Etherstubs [3] https://docu.blackdot.be/snipets/solaris/smartos-nat [4] https://gist.github.com/baetheus/5e1e5ab1eb68fae3490d [5] https://timboudreau.com/blog/smartos/read [6] http://www.scalingbits.com/book/export/html/479 [7] https://www.listbox.com/member/archive/184463/=now [8] https://www.listbox.com/member/archive/rss/184463/26452851-88b650c7 [9] https://www.listbox.com/member/?& [10] http://www.listbox.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
