From owner-freebsd-current@FreeBSD.ORG Wed Sep 29 13:26:44 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAB3016A4CE; Wed, 29 Sep 2004 13:26:44 +0000 (GMT) Received: from lark.auton.cs.cmu.edu (LARK.AUTON.CS.CMU.EDU [128.2.222.44]) by mx1.FreeBSD.org (Postfix) with SMTP id 6E62143D45; Wed, 29 Sep 2004 13:26:44 +0000 (GMT) (envelope-from dpelleg@lark.auton.cs.cmu.edu) Sender: dpelleg@lark.auton.cs.cmu.edu To: Doug Barton References: <20040928025635.Q5094@ync.qbhto.arg> <727FCC18-1156-11D9-BBA6-000D936BE398@beforever.com> <20040928142532.M90002@qbhto.arg> From: Dan Pelleg Date: 29 Sep 2004 09:26:07 -0400 In-Reply-To: <20040928142532.M90002@qbhto.arg> Message-ID: Lines: 18 User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-current@FreeBSD.org cc: Peter Schultz Subject: Re: HEADS UP: named now runs chroot'ed by default X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Sep 2004 13:26:44 -0000 Doug Barton writes: > On Tue, 28 Sep 2004, Peter Schultz wrote: > > > Why not do it FreeBSD style and auto-jail named? > > The simplest answer is that not every host can burn (or even obtain) an > extra IP address for the jail. It's also questionable what additional > benefit would be obtained. > Benefit question aside, it's possible to run the jail on a RFC1918 address, and run NAT on the host to make that fact transparent. A ugly hack, but it definitely works. -- Dan Pelleg