Network
Iocage is not meant to be a network manager. It provides configuration interfaces for common network scenarios, but the general assumption is that networking is already configured on the host.
There are two modes of network operation in iocage: VNET on/off. The vnet property of a jail defines which of the modes is enabled:
# global
ioc set vnet=on defaults
# per-jail
ioc set vnet=on <JAIL_NAME>
Like previous iocage versions, libiocage comes with support for VNET/VIMAGE. In FreeBSD 11.1-RELEASE there is no default kernel support for VIMAGE/VNET, so this network mode requires building a custom kernel with options VIMAGE.
ifconfig bridge0 create
ifconfig bridge0 10.23.42.1/24
ioc create -b -n jail-a
ioc create -b -n jail-b
ioc set vnet=on interfaces="vnet0:bridge0" ip4_addr="vnet0|10.23.42.2/24" defaultrouter="10.23.42.1" jail-a
ioc set vnet=on interfaces="vnet0:bridge0" ip4_addr="vnet0|10.23.42.3/24" defaultrouter="10.23.42.1" jail-b
ioc start jail-a,jail-b
Whenever a jail is started with the vnet=off configuration property, iocage forwards the ip4_addr and ip6_addr configuration properties to the jail command, so that the network configuration is similar to VNET. When using this network mode jails can list all existing host interfaces.
ioc create -b -n non-vnet-jail
ioc set vnet=off ip4_addr="em0|10.1.1.10/24" non-vnet-jail
ioc start non-vnet-jail
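The following is an added example, not code from libiocage: a pre-start check over the property strings used in the VNET and non-VNET examples above, flagging duplicate addresses, addresses outside the bridge network, an unreachable defaultrouter, and jails that run with vnet=off. The function names, the findings format, and the comma-separated multi-entry handling are assumptions; jail-b in the sample is deliberately misconfigured.

```python
import ipaddress

def parse_pairs(value, sep):
    """Split 'a|b,c|d' style property values into (left, right) pairs."""
    return [tuple(item.split(sep, 1)) for item in value.split(",") if sep in item]

def audit_jails(jails, bridges):
    """jails: {name: {property: value}}; bridges: {bridge: host CIDR}. Returns sorted findings."""
    findings, seen = [], {}
    for name, props in jails.items():
        addrs = parse_pairs(props.get("ip4_addr", ""), "|")
        for _, cidr in addrs:
            ip = ipaddress.ip_interface(cidr).ip
            if ip in seen:
                findings.append((name, f"{ip} already assigned to {seen[ip]}"))
            seen.setdefault(ip, name)
        if props.get("vnet") != "on":
            # Per the page: in this mode jails can list all existing host interfaces.
            findings.append((name, "vnet=off: shares host stack, sees host interfaces"))
            continue
        nic_to_bridge = dict(parse_pairs(props.get("interfaces", ""), ":"))
        nets = []
        for nic, cidr in addrs:
            bridge = nic_to_bridge.get(nic)
            if bridge not in bridges:
                findings.append((name, f"{nic} is not attached to a known bridge"))
                continue
            net = ipaddress.ip_interface(bridges[bridge]).network
            nets.append(net)
            if ipaddress.ip_interface(cidr).ip not in net:
                findings.append((name, f"{cidr} is outside {bridge} network {net}"))
        router = props.get("defaultrouter")
        if router and not any(ipaddress.ip_address(router) in n for n in nets):
            findings.append((name, f"defaultrouter {router} unreachable from jail networks"))
    return sorted(findings)

# Constructed sample: jail-a and non-vnet-jail follow the page; jail-b has deliberate mistakes.
BRIDGES = {"bridge0": "10.23.42.1/24"}
JAILS = {
    "jail-a": {"vnet": "on", "interfaces": "vnet0:bridge0",
               "ip4_addr": "vnet0|10.23.42.2/24", "defaultrouter": "10.23.42.1"},
    "jail-b": {"vnet": "on", "interfaces": "vnet0:bridge0",
               "ip4_addr": "vnet0|10.23.42.2/24", "defaultrouter": "10.23.43.1"},
    "non-vnet-jail": {"vnet": "off", "ip4_addr": "em0|10.1.1.10/24"},
}

if __name__ == "__main__":
    for jail, finding in audit_jails(JAILS, BRIDGES):
        print(f"{jail}: {finding}")
```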