Can you set up a jail that owns, i e has exclusive access to, one ethernet interface?

[n3mmr]

CAN you even assign an interface exclusively to one jail??

My FreeNAS box has three ethernet interfaces, and I would like to set up a jail, or other container, that owns one of these exclusively.

I'm hoping to allow the local, inhouse, public ( i e other tenants in this condominium) access to this exclusive interface through tftp and ftp and CIFS, having an address in 10.0.0.0/16 on that exclusive interface.

The rest of the NAS box is behind a private NAT router, my private NAT router as it were, as seen from the 10.0.0.0/16 network.

This jail would be used for storing switch firmwares for download, and as a repo for switch configuration files, diagnostics and logs.

 

[Mlovelace]

Did you look at the docs for jail creation? You can select which nic the jail is assigned to if vimage is unchecked.
http://doc.freenas.org/9.10/jails.html#jail-config-opts-tab

 

[n3mmr]

I finally managed to (partly) understand what I had got wrong to start with, so now I have a jail with a NIC assigned, but one that doesn't seem private. Might not matter, since I take it the IP address and the alias associated with that address ARE private to the jail.

 

[zoomzoom]

I haven't had a chance to play around with networking in jails and VMs, however if you're opening up an IP for public use, it would make more sense to me to put it on it's own subnet. I believe this can be accomplished on the FreeNAS server via a vLAN (Network - vLAN), however if not, it can definitely be done via your router.

• The vLAN is a virtual interface that has a subnet assigned to it, along with a static IP within the appropriate subnet assigned to the Jail. If you're only running two IPs on the subnet (the vLAN IP and the jail IP), assign a subnet according to the limited quantity of IPs assigned, such as 10.0.0.0/29 (10.0.0.0 - 10.0.0.7) or 10.0.0.0/30 [Net30] (10.0.0.0 - 10.0.0.3)