Date: Thu, 4 May 2006 15:36:03 +0200 From: "No@SPAM@mgEDV.net" <nospam@mgedv.net> To: <bigby@ephemeron.org> Cc: freebsd-security@freebsd.org Subject: RE: Jails and loopback interfaces Message-ID: <000001c66f7f$b148b620$01010101@avalon.lan>
index | next in thread | raw e-mail
> I recently did something like this. I have a webserver in a jail that > needs to talk to a database, and the webserver is the only thing that > should talk to the databse. > My solution was to use 2 jails: one for the webserver, and another for the > database. > Jail 1: > * runs webserver > * binds to real interface with real, routable IP > Jail 2: > * runs database server > * binds to loopback interface, isn't directly reachable > from outside the box just to clarify that for me: you did setup this layout or you tried to setup this? as i read it, i understand that you did! i tried exactly the same but currently jails are bound to the specific ip-address assigned with them so i wonder, how the webserver on a real ip-address can communicate with the database bound to the loopback ip? if you could kindly tell, how you solved this issue (we're using 6.1).home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000001c66f7f$b148b620$01010101>