# routing in jails



## andrewm659 (May 2, 2017)

Not sure this is the right part of the forums.  Move it if necessary. 

I have my FreeBSD 11 server running jails (ezjail) and I just moved it to a new VLAN.  Most everything inbound works.  I have for example rancid setup in one of the jails.  Works great.  But since I moved it to a new VLAN and no longer have a flat network I can't SSH or telnet outbound from there.  I can ping the other VLAN however and the destination firewall.


Here is my /etc/sysctl.conf

```
# cat /etc/sysctl.conf
# $FreeBSD: releng/11.0/etc/sysctl.conf 112200 2003-03-13 18:43:50Z mux $
#
#  This file is read when going to multi-user and its contents piped thru
#  ``sysctl'' to adjust kernel values.  ``man 5 sysctl.conf'' for details.
#

# Uncomment this to prevent users from seeing information about processes that
# are being run under another UID.
#security.bsd.see_other_uids=0
security.jail.allow_raw_sockets=1
net.inet.ip.forwarding=1
```

rc.conf

```
ezjail_enable="YES"
gateway_enable="YES"
```


----------



## SirDice (May 2, 2017)

With the standard jails there is no routing. It's the host that does the routing, jails themselves don't have access to network settings.


----------

