From owner-freebsd-questions  Mon Jun 10 14:49:10 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from dylan.digitalspy.co.uk (dylan.digitalspy.co.uk [212.42.1.217])
	by hub.freebsd.org (Postfix) with ESMTP id E420337B40B
	for <freebsd-questions@FreeBSD.ORG>; Mon, 10 Jun 2002 14:49:04 -0700 (PDT)
Received: from mark (host217-36-23-138.in-addr.btopenworld.com [217.36.23.138])
	by dylan.digitalspy.co.uk (Postfix) with SMTP
	id 783A993101; Mon, 10 Jun 2002 22:49:05 +0100 (BST)
Message-ID: <058001c210c8$96044100$0200a8c0@mark>
From: "Mark Hughes" <mh_lists@digitalspy.co.uk>
To: "Andrea Bacchet" <baccheta@cae.com>
Cc: <freebsd-questions@FreeBSD.ORG>
References: <8A6A2A139700D5118EB6009027B0FF3A0D91D78D@caemsx02.cae.ca>
Subject: Re: Jail single ip network (FreeBSD 4.5)
Date: Mon, 10 Jun 2002 22:48:23 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> Uhmm, that is indeed very strange. I thought to myself
> when re-reading my message, that is was odd that I wrote
> resolve.conf, it turns out that is the name of the file
> in my jail!

:)

> My only remaining problem is how to connect to
> my jail from outside that box!
>
> dagobah (host) <-- has static IP provided to me by our IT dept.
>    darkside (jail) <-- has 192.168.200.13 as ip alias

you need to tell your host that it can route to the jail IP by looking at
itself (don't ask me how to do that :) ). If you want it accessible from
elsewhere on your network, your network must know to route requests for that
IP address to dagobah, and dagobah must know to route them to the jail. It'd
probably be much easier to get a real, static IP for the jail in the same
subnet as dagobah, then it'd all sort itself out most likely.

> I have made sure my services run on different ports,
> so there are no conflicts.

as the jail has a separate IP address to the host, it shouldn't matter what
port conflicts there are. If you want to make it appear to the external
world like the services within the jail are operating on the host, then I
guess you'd need to do NAT (man natd) on the requests or something... can't
think how else you could do that really.

Hope this helps.

Mark


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message