Frank de Bot (lists)
2015-Aug-24 21:24 UTC
Multiple IP/subnet in jail, source address for connections
Hello,
I'm trying to have jail with a public and a private IP address. Both
are on the same interface. The public is called 79.x.x.213 and private
10.4.3.6
Out from ifconfig within the jail is:
inet 79.x.x.213 netmask 0xffffffff broadcast 79.x.x.213
inet 10.4.3.6 netmask 0xffffffff broadcast 10.4.3.6
When I try to reach a host on the 10.4.3.0/24 network, it will use the
source address 79.x.x.123 (seen with tcpdump)
When done outside of the jail on the server, it does have the right
source address.
How can I get my jail to have the right source address? Some tools
provide a way to define a source address, like telnet -s, but it's not
workable.
Frank de Bot
Michael Loftis
2015-Aug-24 21:46 UTC
Multiple IP/subnet in jail, source address for connections
Normally when jails are added their IPs are created as "normal" aliases, so they'll get a /32 netmask when you don't specify. So Depending on how you're creating the jail you'll need to specify the netmask with the IP wherever you configure your jail. (You didn't mention if you're using ezjail or not for example....) On Mon, Aug 24, 2015 at 2:24 PM, Frank de Bot (lists) <lists at searchy.net> wrote:> Hello, > > I'm trying to have jail with a public and a private IP address. Both > are on the same interface. The public is called 79.x.x.213 and private > 10.4.3.6 > Out from ifconfig within the jail is: > > inet 79.x.x.213 netmask 0xffffffff broadcast 79.x.x.213 > inet 10.4.3.6 netmask 0xffffffff broadcast 10.4.3.6 > > When I try to reach a host on the 10.4.3.0/24 network, it will use the > source address 79.x.x.123 (seen with tcpdump) > When done outside of the jail on the server, it does have the right > source address. > How can I get my jail to have the right source address? Some tools > provide a way to define a source address, like telnet -s, but it's not > workable. > > > Frank de Bot > _______________________________________________ > freebsd-stable at freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"-- "Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds." -- Samuel Butler