Is it possible dedicate lan port only for VM?

Wizzard

Dabbler
Joined
Jul 28, 2019
Messages
16
So i have 2 hardware ports, what i have now: is one is connected to local network without access to internet.
What i want to do is connect second one port to another subnet which have access to internet (to use torrent jails, rsync etc.) but i want make this "eth2" work only for jails, e.g. all requests to and from freeNas host machine will be denied. VM and Jails have separate MAC and IP assigned by DHCP.
So is it possible to make some configuration to denied everything for specific interface on host and allow what needed to jaisl and VM?
 

artlessknave

Wizard
Joined
Oct 29, 2016
Messages
1,506
I haven't really fiddled with it but it should be possible to manually change the iface that the jails are bridged to, though I'm not sure why you would do so. haven't had much sucess with jail networking changes though myself. I just have all my network ports in a failover LAGG.
 

Wizzard

Dabbler
Joined
Jul 28, 2019
Messages
16
I already done it, make VM if DHCP aware, and same physicall interface but on host DHCP-disable and set IP manually with different subnetwork, so now i could connect to VM and from VM host not visible in network.
 

KevDog

Patron
Joined
Nov 26, 2016
Messages
462
Yea this is possible to have jail traffic go through another interface -- or you could just set up VLANs if you have the capability since this is virtually the same thing. Make your secondary interface active, create a bridge and add the interface as a member, and then in each of your jails, just add the jail to the bridge.
 
Top