> On Mon, Aug 24, 2015 at 2:24 PM, Frank de Bot (lists) > <li...@searchy.net> wrote: > > Hello, > > > > I'm trying to have jail with a public and a private IP address. > > Both > > are on the same interface. The public is called 79.x.x.213 and > > private > > 10.4.3.6 > > Out from ifconfig within the jail is: > > > > inet 79.x.x.213 netmask 0xffffffff broadcast 79.x.x.213 > > inet 10.4.3.6 netmask 0xffffffff broadcast 10.4.3.6 > > > > When I try to reach a host on the 10.4.3.0/24 network, it will use > > the > > source address 79.x.x.123 (seen with tcpdump) > > When done outside of the jail on the server, it does have the right > > source address. > > How can I get my jail to have the right source address? Some tools > > provide a way to define a source address, like telnet -s, but it's > > not > > workable. > > > > > > Frank de Bot > >
Am 24. August 2015 23:46:10 MESZ, schrieb Michael Loftis <mlof...@wgops.com>: > Normally when jails are added their IPs are created as "normal" > aliases, so they'll get a /32 netmask when you don't specify. So > Depending on how you're creating the jail you'll need to specify the > netmask with the IP wherever you configure your jail. (You didn't > mention if you're using ezjail or not for example....) > I guess Frank is connecting to the private IP from inside the same subnet. Thus the host is using its default route to answer. When you add a route to your other private networks, say they're all inside 10.0.0.0/8, via the gateway in 10.4.3.0/24 the host should use its private IP to respond (looks up route to 10.5.17.0/24, matches 10.0.0.0/8, uses gw of 10.4.3.0/24, uses local address in 10.4.3.0/24 to send packets to gw of 10.4.3.0/24). Of course this won't work w/o such a gateway in 10.4.3.0/24. Regards, Florian _______________________________________________ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
