FreeBSD 12.0 shipped with vnet networking enabled by default. This allows a jail to be allocated a real fake interface, and for it to have its own networking stack. I have been using iocage, so here is how I configure a jail:
In recent years, it has been increasingly difficult to administer older dell servers from Linux. icedtea-web works great for idrac6+, but 5- still requires either activex or an older version of java. Especially to get the virtual media working.
Giving jails their own subnet and routing traffic into that subnet with PF has some benefits. It allows jails to communicate freely between themselves, but keep that traffic on the backend private subnet. I like exposing an ssh service running in a jail on the backend, and using -D flag of ssh to proxy some ssh and http traffic to the backend network. Kind of a poor mans development environment and VPN.
Often when deploying a new machine, I have it reverse-tunnel into my jump server so that I can always get to it via ssh, despite mixed firewall environments. I am used to doing this with FreeBSD systems, but when doing it on Linux I often forget the systemd unit file syntax.
Poudriere is a simple way to create FreeBSD binary packages. https://pkg.freebsd.org does this, and those packages are sufficient for most use cases. Building your own packages has some advantages:
I use tarsnap because it sticks to the unix philosophy...it does one thing (backups) very well. Encryption is done on the client before the backup ever leaves, and it is as easy as using tar.
If you haven't already, go get an account at tarsnap. You will need one to complete this tutorial. I put about $5 in my account, and have never refilled it.
I have a failed drive in my pool!
# mfiutil show drives mfi0 Physical Drives: 0 ( 137G) FAILED <FUJITSU MBE2147RC D905 serial=D304PB40ASPD> SAS E1:S0 1 ( 932G) ONLINE <MM1000GBKAL HPGB serial=9XG259SP> SATA E1:S1