Date: Mon, 30 Oct 2000 19:53:34 -0800 (PST) From: Jon Simola <jon@abccom.bc.ca> To: Stefan Aeschbacher <stefan@aeschbacher.com> Cc: hackers@freebsd.org Subject: Re: jail network problems Message-ID: <Pine.BSF.3.96.1001030193550.17274E-100000@newmail.netbistro.com> In-Reply-To: <39FC3586.5B6426DB@aeschbacher.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 29 Oct 2000, Stefan Aeschbacher wrote:
> I am running 4.1-stable updated ca 22.10.00.
> I set up a jail, started it but I have no network at all.
> I made an alias for the used IP address, I ran /etc/rc
> with the following output:
<snip>
How are you starting the jail? I use this in my boot scripts (single line):
/usr/sbin/jail /u2/xxx.xxx.xxx.195 some.domain.com xxx.xxx.xxx.195 /bin/sh /etc/rc
> ping doesnt work from within the jail (I assume this is normal)
Yep, I was looking into that and the archives revealed that it was a
non-trivial fix for a minor problem.
> jail# telnet localhost - doesnt work
> jail# telnet some address - doesnt work
> some host# telnet jail - doesnt work
> some host# ping jail - doesnt work (should it?)
>
> any hint?
If you can't ping the jail's IP from another machine, I'd suspect that the IP
isn't aliased properly. Here's what I've got setup in /etc/rc.conf:
ifconfig_fxp0="inet xxx.xxx.xxx.192 netmask 0xffffff00"
ifconfig_fxp0_alias0="inet xxx.xxx.xxx.193 netmask 0xffffffff"
ifconfig_fxp0_alias1="inet xxx.xxx.xxx.194 netmask 0xffffff00"
ifconfig_fxp0_alias2="inet xxx.xxx.xxx.195 netmask 0xffffff00"
route_0="xxx.xxx.xxx.193 -iface lo0"
route_1="xxx.xxx.xxx.194 -iface lo0"
route_2="xxx.xxx.xxx.195 -iface lo0"
(And yes, I know that one of the aliases has a /32 netmask and the other two
have a /24 - I was experimenting and there doesn't seem to be a difference)
The routes are something I picked up from reading the archives, they allow
processes in the jail to communicate with the host (mysql, in my case).
Another one that caught me was having /etc/resolv.conf setup properly inside
the jail, otherwise things like telnet will sit and spin trying to do hostname
lookups.
---
Jon Simola <jon@abccom.bc.ca> | "In the near future - corporate networks
Systems Administrator | reach out to the stars, electrons and light
ABC Communications | flow throughout the universe." -- GITS
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1001030193550.17274E-100000>