diff --git a/usr/local/share/bastille/start.sh b/usr/local/share/bastille/start.sh
index a82fb611..9965ad6b 100644
--- a/usr/local/share/bastille/start.sh
+++ b/usr/local/share/bastille/start.sh
@@ -35,6 +35,21 @@ usage() {
 error_exit "Usage: bastille start TARGET"
 }
 
+# indicate if an IP configurtaion value (e.g. a value given for ip4 or ip6)
+# requires extra configuration external to the jail
+#
+# success if it does, failure if it does not
+ip_require_config() {
+
+ case "${1}" in
+ disable|inherit|"not set")
+ return 1
+ ;;
+ esac
+
+ return 0
+}
+
 # Handle special-case commands first.
 case "$1" in
 help|-h|--help)
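Review bot: The header comment on `ip_require_config` misspells "configuration" (`configurtaion`) and states the return convention only loosely, so I would replace the four comment lines with `# Return 0 (success) if an IP configuration value (e.g. the value of ip4 or ip6) requires extra configuration external to the jail; return 1 if the value is disable, inherit or "not set".` The `case` patterns are exact, case-sensitive string matches, so an empty value or a variant such as `Inherit` falls through to `return 0` — presumably fine if `bastille config get` always prints one of those three literals for unset or inherited keys, but worth confirming, since the caller in the next hunk uses this result to decide whether the interface and duplicate-IP checks are skipped entirely. The blank line directly after the opening brace of `ip_require_config() {` looks like a stray and can be dropped.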
@@ -67,24 +82,29 @@ for _jail in ${JAILS}; do
 ## test if not running
 elif [ ! "$(/usr/sbin/jls name | awk "/^${_jail}$/")" ]; then
- # Verify that the configured interface exists. -- cwells
- if [ "$(bastille config $_jail get vnet)" != 'enabled' ]; then
- _interface=$(bastille config $_jail get interface)
- if ! ifconfig | grep "^${_interface}:" >/dev/null; then
- error_notify "Error: ${_interface} interface does not exist."
- continue
+ ## if networking is entirely inherited we can skip any setup
+ _ip4=$(bastille config $_jail get ip4)
+ _ip6=$(bastille config $_jail get ip6)
+ if ip_require_config "${_ip4}" || ip_require_config "${_ip6}"; then
+ # Verify that the configured interface exists. -- cwells
+ if [ "$(bastille config $_jail get vnet)" != 'enabled' ]; then
+ _interface=$(bastille config $_jail get interface)
+ if ! ifconfig | grep "^${_interface}:" >/dev/null; then
+ error_notify "Error: ${_interface} interface does not exist."
+ continue
+ fi
 fi
- fi
- ## warn if matching configured (but not online) ip4.addr, ignore if there's no ip4.addr entry
- ip=$(grep 'ip4.addr' "${bastille_jailsdir}/${_jail}/jail.conf" | awk '{print $3}' | sed 's/\;//g')
- if [ -n "${ip}" ]; then
- if ifconfig | grep -w "${ip}" >/dev/null; then
- error_notify "Error: IP address (${ip}) already in use."
- continue
+ ## warn if matching configured (but not online) ip4.addr, ignore if there's no ip4.addr entry
+ ip=$(grep 'ip4.addr' "${bastille_jailsdir}/${_jail}/jail.conf" | awk '{print $3}' | sed 's/\;//g')
+ if [ -n "${ip}" ]; then
+ if ifconfig | grep -w "${ip}" >/dev/null; then
+ error_notify "Error: IP address (${ip}) already in use."
+ continue
+ fi
+ ## add ip4.addr to firewall table:jails
+ pfctl -q -t jails -T add "${ip}"
 fi
- ## add ip4.addr to firewall table:jails
- pfctl -q -t jails -T add "${ip}"
 fi
 ## start the container