Tom - FreeBSD journal article by A. Fengler

New About Yours API Help
967 bytes, Plain text
Hey Allan and Benedict,

I'm here with another question on jails. I was reading the article "Advanced jail management with ezjail" in the now free FreeBSD Journal and he mentions:

> Since the router is not doing NAT, any jail with a private IP address will not be
> able to connect out. We can work around this by running our own NAT somewhere,
> but we probably do not want to NAT our entire server.
> We can change the FIB, or routing table, for the jail.

However, he does not explain how you should actually perform the NAT between these two routing tables (FIBs). The FreeBSD handbook also does not mention multiple routing tables so I'm left to wonder: how?

I imagine I can setup a jail with two NICs, one in each FIB and install IPFW or PF on it to do the NAT. Perhaps I could use Netgraph in some weird way to perform NAT betewen the two routing tables but I'm wondering what the best and most simpl way is.

Any thoughts?

Best regards,
Tom
Pasted 4 months, 3 weeks ago — Expires in 222 days
URL: http://dpaste.com/2B43MY1