Hello all,
I am looking to allow processes inside jails to make network requests (such as DNS lookups, HTTP requests, etc.). The spit in the punch is that I wish to avoid giving them an alias on the host's NIC, as I want to automate the creation and destruction of jails and wish to avoid potential IP address conflicts across the LAN.
The best I can think of is attempting to request addresses with DHCP in my automated jail creation script, or, in the case of a static network, verifying the address is available before creating the alias for the jail, although this feels very messy.
With exclusively incoming traffic, it is trivial to use nginx or similar to forward incoming requests to a jail bound exclusively to a loopback interface, but this obviously will not work with traffic originating inside the jail. Perhaps there is a way to configure a router and bridge for outgoing jail traffic on the loopback interface, bridging to the "real" network interface, although any ideas would be much appreciated.
Thanks,
DD