Date: Mon, 23 Jan 2012 10:43:07 -0600 (CST) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: freebsd-jail@freebsd.org Subject: Re: multiple jails with multiple network interfaces Message-ID: <38576.128.135.70.2.1327336987.squirrel@cosmo.uchicago.edu> In-Reply-To: <20120123070117.GA79715@psconsult.nl> References: <57939.69.209.76.5.1327292727.squirrel@cosmo.uchicago.edu> <20120123070117.GA79715@psconsult.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks you, Paul! As I keep repeating myself, in nothing else helps, read the manual... Knowing what I can do ipv4-wise in jail now, I'll just create multiple jails for each of services, one per IP address. Thanks a lot! Sincerely yours, Valeri On Mon, January 23, 2012 1:01 am, Paul Schenkeveld wrote: > On Sun, Jan 22, 2012 at 10:25:27PM -0600, Valeri Galtsev wrote: >> Hello! >> >> I have a FreeBSD 9.0 host that is registered in DNS to appear with >> multiple IP addresses: >> >> host some.host.com >> >> some.host.com has address a.b.c.x >> some.host.com has address a.b.d.x >> some.host.com has address a.b.e.x >> >> I built multiple jails to run one service in each following mostly: >> >> http://www.freebsd.org/doc/handbook/jails-application.html >> >> I am trying to start each of the jails with all network interfaces this >> machine has configured (with the same IP addressed as interfaces are >> configured on the host system). For that I have in jail related portion >> of >> /etc/rc.conf the following >> >> jail_enable="YES" >> jail_set_hostname_allow="NO" >> jail_list="http ftp rsync pxe" >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> When I start jails: >> >> /etc/rc.d/jail start >> >> first in the list jail starts perfectly (and I can verify that service >> configured to run in it is accessible on all three public IP addresses >> of >> the machine), all other jails, however, fail to start with the message >> >> some# /etc/rc.d/jail start >> Configuring jails:. >> Starting jails: some.host.com some.host.com some.host.com ... >> cannot start jail "ftp" >> . >> >> If I only leave one IP address in each of the jais, they all start OK. >> If >> I configure some jails with different IP (on the same class C network), >> leaving first jail with multiple IP addresses, e.g.: >> >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.y" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> all jails start OK (first with multiple IPs, and other with single >> different IP). If first (in order of start) jail is with single IP, and >> next jail is with multiple IPs including the IP of the first one: >> >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> then jail with multiple IPs will not start. >> >> >> I tried to search, but I didn't find anybody mentioning having this >> problem or having it resolved of just having similar configuration with >> multiple IPs. >> >> Is there something obviously wrong that I'm doing? >> >> Is it possible that there is some restriction that will not allow me to >> have this configuration? > > See jail(8): > > ip4.addr > ... It is only possible to start > multiple jails with the same IP address, if none of the jails has > more than this single overlapping IP address assigned to itself. > > So jails can have the same IP4 address but that has to be the only IP4 > address of that jail, otherwise all address must be unique. > > Kind regards, > > Paul Schenkeveld > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38576.128.135.70.2.1327336987.squirrel>