This is a question that seems to have been asked many times but I can't find a suitable answer.
I've been happy with my collection of jails for personal use but I've decided to use the spare capacity to host some jails that I'll share with others. Added to that I've now got a more capable router so I want to segregate my network. The idea is that the admin of the NAS will run on 10.0.0.x, the personal jails on 10.0.1.x and the shared will run on 10.10.0.x.
I've got interfaces igb0, igb1, igb2 and igb3 available to me but let's just simplify and say that I want the
10.0.x.x on igb0
10.10.x.x on igb3
I've been quite happy using VIMAGE and so I thought that the simplest way would be to create another bridge interface, bridge1 and then delete the epair interface from bridge0 and add it to bridge1.
so three points:
Is there a better/more standard way of doing this?
How can I get the new bridge to survive reboots. I've tried with rc.conf but that failed
Can this be added as a feature request - perhaps preferable as a warden option. Alternatively perhaps specifying the physical interface's IP or name when creating the Jail. Perhaps it could do something clever like assign the physical interface based upon its subnet.
I've been happy with my collection of jails for personal use but I've decided to use the spare capacity to host some jails that I'll share with others. Added to that I've now got a more capable router so I want to segregate my network. The idea is that the admin of the NAS will run on 10.0.0.x, the personal jails on 10.0.1.x and the shared will run on 10.10.0.x.
I've got interfaces igb0, igb1, igb2 and igb3 available to me but let's just simplify and say that I want the
10.0.x.x on igb0
10.10.x.x on igb3
I've been quite happy using VIMAGE and so I thought that the simplest way would be to create another bridge interface, bridge1 and then delete the epair interface from bridge0 and add it to bridge1.
so three points:
Is there a better/more standard way of doing this?
How can I get the new bridge to survive reboots. I've tried with rc.conf but that failed
Can this be added as a feature request - perhaps preferable as a warden option. Alternatively perhaps specifying the physical interface's IP or name when creating the Jail. Perhaps it could do something clever like assign the physical interface based upon its subnet.