Date: Tue, 8 Mar 2022 19:50:58 +0800 From: PstreeM China <pstreem@gmail.com> To: infoomatic <infoomatic@gmx.at> Cc: questions@freebsd.org Subject: Re: local-unbound in a jail Message-ID: <CAPDFJPjETPBRA3%2BpDma99ZdOf6g1n4CZLE=F%2BHYxhJ860D6LEg@mail.gmail.com> In-Reply-To: <bda5e771-b3ff-6071-cecc-007c85508708@gmx.at> References: <dfca984d-95e5-a0e7-3f2e-da0a9925dce8@unixnation.net> <bda5e771-b3ff-6071-cecc-007c85508708@gmx.at>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000cb816505d9b3989b Content-Type: text/plain; charset="UTF-8" yes, highly recommend using vnet to do this. and also recommend the tools: *bastille* . it's a amazing tools to manager the jail. i think vnet it's the best way to startup the service in jail. i use bastille create jail and configure use vnet . On Sat, Feb 19, 2022 at 2:03 AM infoomatic <infoomatic@gmx.at> wrote: > I highly recommend using vnet enabled jails for network based services > ... imho too much hassle with networking issues with non-vnet jails. > > > On 18.02.22 18:02, Steve Kirk wrote: > > Afternoon all, > > > > I suspect that I know the answer to this question, however... I have > > tried to run local-unbound in a jail (as I intend to run rspamd in > > said jail) but it seems like it doesn't play nicely because there's no > > loopback address *inside* the jail which is the only interface this > > service is designed to work with. > > > > Trying to keep things minimal but I think I should be installing > > unbound or named from ports if I want a caching DNS server inside a > > jail, rather than abusing local-unbound? > > > > Cheers, > > Steve > > > > --000000000000cb816505d9b3989b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">yes, highly recommend using vnet to do this. and also reco= mmend the tools:=C2=A0 <b>bastille</b> . it's a amazing=C2=A0tools=C2= =A0to=C2=A0manager the=C2=A0jail.=C2=A0<div>i think vnet it's the best = way to startup the service in jail.=C2=A0 i use bastille create jail and co= nfigure use vnet .</div></div><br><div class=3D"gmail_quote"><div dir=3D"lt= r" class=3D"gmail_attr">On Sat, Feb 19, 2022 at 2:03 AM infoomatic <<a h= ref=3D"mailto:infoomatic@gmx.at">infoomatic@gmx.at</a>> wrote:<br></div>= <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-= left:1px solid rgb(204,204,204);padding-left:1ex">I highly recommend using = vnet enabled jails for network based services<br> ... imho too much hassle with networking issues with non-vnet jails.<br> <br> <br> On 18.02.22 18:02, Steve Kirk wrote:<br> > Afternoon all,<br> ><br> > I suspect that I know the answer to this question, however... I have<b= r> > tried to run local-unbound in a jail (as I intend to run rspamd in<br> > said jail) but it seems like it doesn't play nicely because there&= #39;s no<br> > loopback address *inside* the jail which is the only interface this<br= > > service is designed to work with.<br> ><br> > Trying to keep things minimal but I think I should be installing<br> > unbound or named from ports if I want a caching DNS server inside a<br= > > jail, rather than abusing local-unbound?<br> ><br> > Cheers,<br> > Steve<br> ><br> <br> </blockquote></div> --000000000000cb816505d9b3989b--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPDFJPjETPBRA3%2BpDma99ZdOf6g1n4CZLE=F%2BHYxhJ860D6LEg>