Sample (and simple) VNET configurations in shell


The left-center-right configuration is the easiest way to test input, forwarding and output paths with virtual network stacks. The picture below shows the base system with a physical interface (unrelated) and the three virtual nodes not connected to the outside. The commands below can be used to create this sample configuration.


  1. Create the virtual instances

    jail -i -c name=left   vnet persist
    jail -i -c name=center vnet persist
    jail -i -c name=right  vnet persist
  2. Create the interfaces and move them to the virtual instances

    ifconfig epair create
    ifconfig epair create
    # assuming that gave us epair0/1 (use ifconfig epair<n> if you want a special number)
    ifconfig epair0a vnet left
    ifconfig epair0b vnet center
    ifconfig epair1a vnet center
    ifconfig epair1b vnet right
  3. Configure the interfaces in each virtual instance

    We are doing this manually but you could use the rc framework or other ways as well.

    jexec left ifconfig epair0a inet up
    jexec left ifconfig epair0a inet6 2001:db8::1/64 alias
    jexec center ifconfig epair0b inet up
    jexec center ifconfig epair0b inet6 2001:db8::2/64 alias
    jexec center ifconfig epair1a inet up
    jexec center ifconfig epair1a inet6 2001:db8:1::1/64 alias
    jexec right ifconfig epair1b inet up
    jexec right ifconfig epair1b inet6 2001:db8:1::2/64 alias
  4. Simple single hop tests with ping{,6}, enable forwarding, add default routes and traceroute{,6}s

    jexec center ping  -c 1 -n
    jexec center ping  -c 1 -n
    jexec center ping6 -c 5 -n 2001:db8::1
    jexec center ping6 -c 5 -n 2001:db8:1::2
    jexec center sysctl net.inet.ip.forwarding=1
    jexec center sysctl net.inet6.ip6.forwarding=1
    jexec left route add -inet default
    jexec left route add -inet6 default 2001:db8::2
    jexec right route add -inet default
    jexec right route add -inet6 default 2001:db8:1::1
    jexec left traceroute -n
    jexec left traceroute6 -n 2001:db8:1::2
    Note that while doing all the syscalls with jexec is not particularly efficient, it can be scripted a lot easier.

Script to download

A more sophisticated script can be downloaded here:

Image/VNETSamples (last edited 2010-05-15 02:03:15 by BjoernZeeb)