FreeBSD Jail Add Multiple IPv4 / IPv6 Address

How do I add multiple IPv4 / Ipv6 inside jail?

FreeBSD does support Multi-IPv4/v6/no-IP jail and it was merged to STABLE release. You need to rebuild your kernel including jls(8) and to use the new features jail(8), jexec(8) and cpuset(1) with a new kernel. Another option is get FreeBSD 7.2 (RC1 or above) using cvsup, just do make buildworld. Here is what you need to put in /etc/rc.conf file for Multi-IPv4/v6/no-IP jail configuration for httpd jail (note there are 3 ips defined):

jail_enable="YES"
jail_list="httpd"
jail_httpd_rootdir="/iscsi/httpd"     # jail's root directory
jail_httpd_hostname="web01.cyberciti.com"  # jail's hostname
jail_httpd_ip="10.24.55.106,74.86.48.99,2607:f0d0:1002:11::4" # jail's multi IPs address
jail_smtpd_devfs_enable="YES"          # mount devfs in the jail
jail_smtpd_devfs_ruleset="devfsrules_jail" # devfs ruleset to apply to jail

Save and close the file. Restart jail service:
# /etc/rc.d/jail restart
To verify multiple IP, enter:
# jls -v
Sample output:

   JID  Hostname                      Path
        Name                          State
        CPUSetID
        IP Address(es)
     2  web01.cyberciti.com           /iscsi/httpd
                                      ALIVE
        2
        10.24.55.106
        74.86.48.99
        2607:f0d0:1002:11::4

From the man page:

jail_httpd_ip is used to set to the primary IPv4 and/or IPv6 addresses assigned to the jail. The argument can be a sole address or a comma separated list of addresses. Additionally each address can be prefixed by the name of an interface followed by a pipe to overwrite jail__interface or jail_interface and/or suffixed by a netmask, prefixlen or prefix. In case no netmask, prefixlen or prefix is given, /32 will be used for IPv4 and /128 will be used for an IPv6 address. If no address is given for the jail then the jail will be started with no networking support.

• Tweet
• 
• 

You should follow me on twitter here or grab rss feed to keep track of new changes.