Date: Mon, 30 Oct 2000 19:53:34 -0800 (PST) From: Jon Simola <jon@abccom.bc.ca> To: Stefan Aeschbacher <stefan@aeschbacher.com> Cc: hackers@freebsd.org Subject: Re: jail network problems Message-ID: <Pine.BSF.3.96.1001030193550.17274E-100000@newmail.netbistro.com> In-Reply-To: <39FC3586.5B6426DB@aeschbacher.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 29 Oct 2000, Stefan Aeschbacher wrote: > I am running 4.1-stable updated ca 22.10.00. > I set up a jail, started it but I have no network at all. > I made an alias for the used IP address, I ran /etc/rc > with the following output: <snip> How are you starting the jail? I use this in my boot scripts (single line): /usr/sbin/jail /u2/xxx.xxx.xxx.195 some.domain.com xxx.xxx.xxx.195 /bin/sh /etc/rc > ping doesnt work from within the jail (I assume this is normal) Yep, I was looking into that and the archives revealed that it was a non-trivial fix for a minor problem. > jail# telnet localhost - doesnt work > jail# telnet some address - doesnt work > some host# telnet jail - doesnt work > some host# ping jail - doesnt work (should it?) > > any hint? If you can't ping the jail's IP from another machine, I'd suspect that the IP isn't aliased properly. Here's what I've got setup in /etc/rc.conf: ifconfig_fxp0="inet xxx.xxx.xxx.192 netmask 0xffffff00" ifconfig_fxp0_alias0="inet xxx.xxx.xxx.193 netmask 0xffffffff" ifconfig_fxp0_alias1="inet xxx.xxx.xxx.194 netmask 0xffffff00" ifconfig_fxp0_alias2="inet xxx.xxx.xxx.195 netmask 0xffffff00" route_0="xxx.xxx.xxx.193 -iface lo0" route_1="xxx.xxx.xxx.194 -iface lo0" route_2="xxx.xxx.xxx.195 -iface lo0" (And yes, I know that one of the aliases has a /32 netmask and the other two have a /24 - I was experimenting and there doesn't seem to be a difference) The routes are something I picked up from reading the archives, they allow processes in the jail to communicate with the host (mysql, in my case). Another one that caught me was having /etc/resolv.conf setup properly inside the jail, otherwise things like telnet will sit and spin trying to do hostname lookups. --- Jon Simola <jon@abccom.bc.ca> | "In the near future - corporate networks Systems Administrator | reach out to the stars, electrons and light ABC Communications | flow throughout the universe." -- GITS To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1001030193550.17274E-100000>