SmartOS Home Datacenter
I already described how I set up my previous network and services using FreeBSD jails; that was cumbersome and prone to failure. Using SmartOS for containerization just works, so I’m going to describe what my setup looks like.
NAT container
This container performs routing and NAT for the internal network. To provision it, we need the following spec for vmadm:
{
  "brand": "joyent",
  "image_uuid": "c02a2044-c1bd-11e4-bd8c-dfc1db8b0182",
  "autoboot": true,
  "alias": "gw",
  "hostname": "gw",
  "resolvers": [
    "192.168.0.4",
    "8.8.8.8"
  ],
  "max_physical_memory": 512,
  "nics": [
    {
      "nic_tag": "admin",
      "ip": "192.168.0.4",
      "gateway": "192.168.0.1",
      "netmask": "255.255.255.0",
      "allow_ip_spoofing": true,
      "primary": true
    }
  ]
}
Setup NAT
cat <<-EOF > /etc/ipf/ipnat.conf
# NAT
map net0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map net0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
map net0 192.168.0.0/24 -> 0/32
EOF
Allow routing and start firewall
routeadm -u -e ipv4-forwarding
svcadm enable ipfilter
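A pre-flight check for the two files above, added here as an example and not part of the original post: it parses the vmadm spec, confirms the gateway sits inside the NIC's subnet, and confirms that every interface named in an ipnat `map` rule exists in the spec with `allow_ip_spoofing` set, since forwarded packets carry source addresses other than the zone's own. The function name `lint` and the net0, net1, ... interface naming are assumptions; the inputs are constructed copies of the page's spec and rules.

```python
import ipaddress
import json
# Constructed inputs mirroring the spec and NAT rules shown on this page.
SPEC = """{
  "brand": "joyent", "alias": "gw",
  "resolvers": ["192.168.0.4", "8.8.8.8"],
  "nics": [{"nic_tag": "admin", "ip": "192.168.0.4",
            "gateway": "192.168.0.1", "netmask": "255.255.255.0",
            "allow_ip_spoofing": true, "primary": true}]
}"""
IPNAT = """# NAT
map net0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp
map net0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
map net0 192.168.0.0/24 -> 0/32
"""

def lint(spec_text, ipnat_text):
    """Return a list of problems; an empty list means spec and rules agree."""
    try:
        spec = json.loads(spec_text)
    except json.JSONDecodeError as e:
        return [f"spec is not valid JSON (line {e.lineno}): {e.msg}"]
    problems, nics = [], spec.get("nics", [])
    if sum(1 for n in nics if n.get("primary")) != 1:
        problems.append("exactly one NIC must be primary")
    by_name = {}
    for i, nic in enumerate(nics):
        name = f"net{i}"  # assumption: zone NICs are named net0, net1, ... in order
        try:
            net = ipaddress.ip_interface(f"{nic['ip']}/{nic['netmask']}").network
            gw = nic.get("gateway")
            if gw and ipaddress.ip_address(gw) not in net:
                problems.append(f"{name}: gateway {gw} is outside {net}")
        except (KeyError, ValueError) as e:
            problems.append(f"{name}: bad address field ({e})")
        by_name[name] = nic
    for line in ipnat_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "map":
            continue  # skip comments, blank lines and non-map rules
        nic = by_name.get(fields[1])
        if nic is None:
            problems.append(f"map rule names {fields[1]}, not defined in the spec")
        elif not nic.get("allow_ip_spoofing"):
            problems.append(f"{fields[1]}: NAT zone needs allow_ip_spoofing")
    return sorted(set(problems))

if __name__ == "__main__":
    print(lint(SPEC, IPNAT) or "spec and ipnat.conf are consistent")
```

Running it against the files before `vmadm create` catches a dropped comma or a mistyped gateway without provisioning a zone.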