Date: Thu, 20 Nov 2014 15:55:20 +0000 From: Arthur Chance <freebsd@qeng-ho.org> To: Paul Pathiakis <pathiaki2@yahoo.com>, freebsd-questions@freebsd.org Subject: Re: 127.0.0.1 in a jail Message-ID: <546E0EE8.3050102@qeng-ho.org> In-Reply-To: <546E08B3.9090906@yahoo.com> References: <546E08B3.9090906@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 20/11/2014 15:28, Paul Pathiakis via freebsd-questions wrote: > Hi, > > I have a question about jails and localhost. > > I have found older documentation that says within a jail 127.0.0.1 is > mapped to the jail's IP address so that software that maps to localhost > or 127.0.0.1 get handed the jails IP. > I've always understood that to mean that if you attempt to bind(2) a socket with a socket address of 127.0.0.1 then the jail ip addr (or the default one when it has more than one ip addr) is substituted. This does not mean that a DNS (or /etc/hosts) lookup of localhost in a jail will automatically return the jail ip. > However, I have tried ping (yes, I turned on raw sockets, bad me.) and > telnet to a sendmail process I have running. > > They both return errors. > > PING 127.0.0.1 (127.0.0.1): 56 data bytes > ping: sendto: Operation not permitted > ping: sendto: Operation not permitted > ping: sendto: Operation not permitted > > > # telnet 127.0.0.1 > Trying 127.0.0.1... > telnet: connect to address 127.0.0.1: Connection refused > telnet: Unable to connect to remote host > > > Needless to say, this is causing problems with some software that I have > to install. > > Does anyone know how to verify that 127.0.0.1/localhost map to the > jail's IP? > > If it isn't, how do I change it to be so? I don't think you can do anything to make 127.0.0.1 work as a target for connecting to - how is the common network stack to decide whether you're talking to the jail or the main box? It might be possible in VIMAGE jails, but I have no experience of them. You could always add an entry for localhost in the jail's /etc/hosts that is the jail's address rather than 127.0.0.1. That's not going to happen automatically though.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?546E0EE8.3050102>