On 2007/05/24 14:33, Michael wrote: > Hi, > > Fernando Quintero schrieb: > > What if you use something like QEMU? > > it's in the ports and you could create a openbsd box with Pf and more > > and then try probe your stuff. > > if you attach the virtual interface to a tap interface it could works. > > I've tried qemu. It is nice but REALLY slow. You only get like 10% of > the native speed especially since there is no kqemu for OpenBSD.
On the plus side, no kqemu means that VMs have better segregation than with kqemu or vmware. Works really nicely for testing things (serial console and -nographic is the way forward there...) but fairly heavy on resources. > I can do most of what I want to do with the sysjail as it is now, but > being have to "route" stuff to the jail would be a big bonus. > > Do you know if this is possible with FreeBSD jail? No, I think you'd want each jail to have a separate routing table and virtual interfaces for what you're trying to do. FreeBSD jail and sysjail are chroot-plus-restrictions, they don't do virtualisation. (If that's even a word). Dragonfly's vkernel(7) probably comes closest to what you're looking for (unless you want to look at something like Xen)...
