Hello, I live in a network where it is pretty much assumed that one machine == one MAC address == one IP address. Therefore, in order to play with jails, some having of course access to the network, I need to be able to send and receive using several MAC addresses, as if I had several NIC (which I of course don't have).
I first describe the setup I have come up with, then ask the list a couple of questions. rl0 (my only physical interface) is made promiscous, and its otherwise fine configuration is not touched (it still has it MAC and IP address) : # ifconfig rl0 promisc Create a bridge, and attach it rl0 : # ifconfig bridge0 create # ifconfig bridge0 addm rl0 up Create 2 interfaces : the first one will be connected to the bridge, the other will be the one we really want to use. # ifconfig tap0 create # ifconfig bridge0 addm tap0 up # ifconfig tap1 create Link tap0 to tap1, I have been using the br_select.c example that comme with the generic tap/tun driver on vtun.sf.net (basically, what it does is : @ open(/dev/tap0); open(/dev/tap1); @ for ever: @ if there is data in tap0, copy it to tap1 @ if there is data in tap1, copy it to tap0 @ end for Then, configure tap1 as wanted, as in : # ifconfig tap0 up ; ifconfig tap1 up # dhclient tap1 Then start a jail with the IP given to tap1, with a network service in it (sshd will do). Check that ssh'ing to the jail works. It should be possible to create use n tap devices, by doing : @ for ever: @ if there is data in tap0, copy it to tap1, ... tapn @ if there is data in tap1 or ... tapn, copy it to tap0 @ end for Also, while researching my problem, I see that it shouldn't be very hard to add hooks to rc.conf to automate all this process. Questions : It seems quite a convoluted setup (especially having to make a tunnel from tap0 to tap1 ... tapn). Is there an easier way ? Comments ? When googling for this, I was surprised not to find explanations on how to do that. Is my google fu lacking and me missing the obvious ? If this solution is a valid one, where can I post it for all to see ? (I thought about wiki.f.o, but it is developer-only it seems. forums.f.o ?) I'm not subscribed to the list, CC me in your answer, please. -- Fred _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
