Le 30 nov. 2011 à 18:36, Damien Fleuriot a écrit : > > > On 11/30/11 6:29 PM, bsd wrote: >> Le 30 nov. 2011 à 17:17, Damien Fleuriot a écrit : >> >>> >>> >>> On 11/30/11 5:05 PM, bsd wrote: >>>> Hi, >>>> >>>> I have been configuring a jail system using the howto provided here : >>>> http://www.freebsd.org/doc/handbook/jails-application.html >>>> >>>> The is now correctly starting, but I can't seem to use the network stack. >>>> >>>> >>>>> root@master 16:52:55 ~ -> jls >>>>> JID IP Address Hostname Path >>>>> 1 xx.216.yy.150 n0.no.no /jail/j/n0 >>>> >>>> >>>> But I can't ping neither outside of the jail, nor inside of It. >>>> >>>> I am a bit confused because I don't know if I have to configure the IP >>>> using an alias on the main Eth interface, or do something else. >>>> >>>>> ifconfig_bce0_alias0="inetxx.216.yy.150/32" >>>> >>>> >>>> >>>> This last command seems to have frozen my system. >>>> >>> >>> Confirm that the MISSING SPACE between your "inet" and "xxx.216..." >>> statements is only a typo and NOT present in your actual rc.conf >>> >> >> This is confirmed. >> >> I have the equivalent of : >> >> ifconfig_bce0_alias0="inet 1.2.3.4/32" >> > > AFAIK, unless you allow raw sockets, you will not be able to ping from > the jail. > > > Find below the conf I successfully used, a long time ago, for a jail > hosting DNS. > > This is from my rc.conf on the host system. > > > > > ### JAILS > jail_enable="NO" > jail_set_hostname_allow="NO" > jail_list="ns" > jail_ns_interface="lo53" > jail_ns_ip="192.168.0.53,2001:41d0:2:613b::53/56" > jail_ns_hostname="ns.my.gd" > # fec0:[interface index]::[damien fleuriot]:[interface number] > # example: fec0:5::df:252 for loopback interface lo252 > jail_ns_rootdir="/var/jail/ns" > jail_ns_devfs_enable="YES" > #jail_ns_devfs_ruleset="devfsrules_jail_ns" > > > You will notice this creates a lo53 (loopback) interface with private > IPv4 and IPv6 addresses. > > I then used PF to redirect DNS queries to this jail.
I don't want the IP to be redirected, I would like the jail to have It's own IP. Redirection would probably involve a NAT on your main IP to the IP of the jail, which is something I would like to avoid. Did you use something like the aforementioned ifconfig alias to give the IP to your jail ? ifconfig_bce0_alias0="inet 1.2.3.4/32" What bothers me is that I am not able to ping from the outside either… ?? And I can't install any ports because I don't have any network available inside the jail. –––––––––––––––––––––––––––––––––––––––––––––– ---------> Grégory Bernard Director <--------- ---------------> www.osnet.eu <--------------- --> Your provider of OpenSource appliances <-- –––––––––––––––––––––––––––––––––––––––––––––– OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
