Network Alias vs VNET

Sorry, I cannot help you with jail.conf. All I use currently is iocage - even for those 1000 customer jails.

And as this is the TrueNAS forum wouldn’t the FreeBSD forum be a better place for that discussion?


It’s amazing how infrequently you see /31s in the wild. I don’t understand it.

I’ve scratched out some concept code of what I’ve been more or less doing/trying. I’ve written this up in /bin/sh so people can run if they want (on a FreeBSD machine).

@pmh said something in one of his posts above I need to address and I will also read the links @NickF1227 just posted.

Here is a quick script (sorry, not that fluent in /bin/sh). This should create the bridge, epair and the jail using stock jail. The 192.168.0.250 is generic; replace with something you need/want.

WARNING: do not run the code below on CORE!

#!/bin/sh

jailname=$1
jailip=$2
: ${IP="192.168.0.250"}

# Check to see if there is already a `bridge` we can use.
bridge=$(ifconfig -g bridge -ifdisabled)
if [ -n "${bridge}" ]
then
        echo "Using the disabled bridge: $bridge"
        ifconfig $bridge $IP/24 up
else
        echo "No disabled bridge. Creating new bridge."
        # create a new bridge
        bridge="$(ifconfig bridge create)"
        ifconfig $bridge $IP/24 up
fi

# if we've failed to create (or find an existing one to use) bridge, exit.
if [ -z "$bridge" ]
then
        echo "*ERROR* Unable to create a bridge, exiting..."
        exit 1
fi

epairA="$(ifconfig epair create)"
epairB="${epairA%?}b"

echo "restarting network..."
service netif restart && service routing restart

echo " "
echo "***"
echo "Configuration:"
echo "Bridge: $bridge"
echo "epairA: $epairA"
echo "epairB: $epairB"
echo "Jail name: $jailname"
echo "Jail IP: $jailip"
echo "***"

#
# Association

ifconfig $epairA up                                    # Start the epaira.
ifconfig $epairB up                                    # Start the epairb.
ifconfig $bridge addm $epairA up                       # Add the epair to the bridge and start bridge.

#
# Jail Creation

echo "Creating the jail."
jail -c name="$jailname" host.hostname="$jailname" persist vnet vnet.interface="$epairB"
echo "Attaching the epairB to the jail."
ifconfig -j "$jailname" "$epairB" "$jailip/24" up

echo "** To cleanup:"
echo "doas service jail stop && doas ifconfig $epairA destroy && doas ifconfig $bridge down"
echo "** To test:"
echo "ping -c2 freebsd.org"
echo "ping -c2 $jailip"
echo "** To launch:"
echo "doas jexec $jailname /bin/csh"
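
An added example, not part of the original post: the script hands its two command-line arguments to jail(8) and ifconfig(8) as root, so this sketch validates them first and derives the jail-side epair name in a way that fails when epair creation failed. The function names (`valid_jailname`, `valid_ipv4`, `epair_peer`, `preflight`) and the 32-character allow-list are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight checks for values the script above passes to
# jail(8) and ifconfig(8) as root. All function names are hypothetical.

# Allow-list chosen for this example (not a jail(8) rule): 1-32 characters
# from [A-Za-z0-9_-], no leading '-'. A name containing whitespace or '='
# could become extra param=value arguments if it is expanded unquoted.
valid_jailname() {
    [ -n "$1" ] && [ "${#1}" -le 32 ] || return 1
    case $1 in
        -*|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Dotted-quad IPv4 only: four octets, each 0-255, no leading zeros (some
# parsers read those as octal) and no prefix length.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*) return 1 ;; esac
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Derive the jail-side name from the host side (epairNa -> epairNb). Unlike
# ${epairA%?}b, this fails when `ifconfig epair create` returned nothing.
epair_peer() {
    unit=${1#epair}; unit=${unit%a}
    case $unit in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" = "epair${unit}a" ] || return 1
    printf '%s\n' "epair${unit}b"
}

# Run both argument checks; print the reason on stderr and return non-zero.
preflight() {
    valid_jailname "$1" || { echo "bad jail name: '$1'" >&2; return 1; }
    valid_ipv4 "$2" || { echo "bad jail IP: '$2'" >&2; return 1; }
}
```

In the script, `preflight "$jailname" "$jailip" || exit 1` would go before the bridge is touched, and `epairB=$(epair_peer "$epairA") || exit 1` right after the epair is created.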

You appear to be using a /24 so the article I posted wouldn’t be relevant. Sorry I derailed :slight_smile:

I’m absolutely dumb with networking so no ‘derailment’ yet. Should I?

Nope. What you are doing is fine, and is common practice.

This should help explain.

Thanks! I’ll give that link a read (later). I will take all the help I can get. I was reading VLAN stuff for almost a day before I realized I wanted VNET. *face-palm*

You get a full network stack, so things like DHCP can actually work.

Not sure with Plex, but I know Jellyfin web (and also the *arr suite) all require VNET to work.

Nothing really if you don’t need what VNET enables. In fact, I found an issue with it that greatly reduces throughput and haven’t found a solution for it yet. You can read more about it here: “jails - Huge downgrade in iperf3 speed when a jail is active” (The FreeBSD Forums).

You’re running FreeBSD VMs on a Linux host? :face_with_peeking_eye: :scream_cat:

Is there a problem with that?

Nah. If it works for you then it works.

Linux VS BSD!

I’m really only using Linux (Proxmox) mainly because of the convenience it offers with things like PBS.

I would prefer to use FreeBSD everywhere honestly, but if I were to do this on FreeBSD, I would lose a lot of these convenient tools as a hypervisor. But as a server and firewall to deploy individual services, I prefer FreeBSD due to jails and pf. Hence, the FreeBSD VM.

This has me doing a double-take because I have the IP on the interface. Do I attach the bridge to the interface (em0) and remove the IP address on em0 itself?

I’m still digesting the first part of the sentence. I have a few minutes to play.

Thanks though for all the hints you guys have given me. I appreciate it.

Correct. IP should be on the bridge.

SIDEBAR:
Okay, I’ve seen that “proxmox” several times now so I just googled it. That’s a Linux based NAS. Is that competition why the whole SCALE Truecharts/docker/container/k3s topic seems a bit heated?

On it. I’ll play along these lines and hopefully I get further.

Thank you very much for the confirmation!

If that’s what you found on Google, you need to Google harder. Proxmox is a hypervisor.

It is not a NAS per se, but a hypervisor.

Ah. Thanks. Good enough description for me. The last time I played with one of those a friend of mine was writing something along those lines. He would get angry at me for calling his project a hypervisor but all I knew is it spun up/down a bunch of VMs on my NAS. I had to create a VM (debian) and ran the thing on my laptop and it started creating/destroying VMs replicating a made up network I configured. His thing was something to do with security though and I was just testing for him.

TrueNAS SCALE is a Linux-based NAS. Proxmox, while it is (Debian) Linux-based, it is not a NAS. It is a hypervisor. I wouldn’t say they’re direct competitors. While both could be made to do the same things, their primary focuses are fundamentally different. TrueNAS focuses on primarily being a NAS with capabilities to do other things. Conversely, Proxmox focuses on primarily being a hypervisor with capabilities to do other things. They’re somewhat similar, but have very different areas in which they excel.
