Re: named (bind) in jail does not start
On Sat, 29 Nov 2003 15:39:50 + Matthew Seaman [EMAIL PROTECTED] wrote something special:

> On Sat, Nov 29, 2003 at 03:23:48PM +0100, Axel S. Gruner wrote:
> > /usr/sbin/named I get this error message:
> >
> >     opensocket_f: bind([0.0.0.0].53): Address already in use
> >
> > OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly. I also tried to start named with -g and -u in the jail, same error. So, my short question is, how can I run named in the jail? Any ideas?
>
> [...]
>
> In bind9 you need to add something like the following to named.conf -- bind8 will be similar:
>
>     options {
>         [...]
>         listen-on { 192.168.1.1; };
>         query-source address 192.168.1.1 port 53;
>         transfer-source 192.168.1.1 port 53;
>         notify-source 192.168.1.1 port 53;
>     };

Yes. That's it. Thanks a lot.

--
asg
The answer to all questions is 42.

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: named (bind) in jail does not start
On Saturday 29 November 2003 15:23, Axel S. Gruner wrote:

> OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly.

See named.conf(5)/listen-on

--
Melvyn

===
FreeBSD sarevok.webteckies.org 5.2-BETA FreeBSD 5.2-BETA #1: Sat Nov 29 00:15:33 CET 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/ SAREVOK_NOFW_DBG i386
===
Re: named (bind) in jail does not start
On Sat, 29 Nov 2003 15:29:40 +0100 Melvyn Sopacua [EMAIL PROTECTED] wrote something special:

> On Saturday 29 November 2003 15:23, Axel S. Gruner wrote:
> > OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly.
>
> See named.conf(5)/listen-on

Thanks for your quick reply. Is this incorrect:

    listen-on { 192.168.0.201/32; };

It did not work for me.

--
asg
The answer to all questions is 42.
named (bind) in jail does not start
Hi.

I have configured named in jail (FreeBSD 5.1-RELEASE-p10). If I want to start named in the jail

    /usr/sbin/named

I get this error message:

    opensocket_f: bind([0.0.0.0].53): Address already in use

OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly. I also tried to start named with -g and -u in the jail, same error.

So, my short question is, how can I run named in the jail? Any ideas?

Thanks in advance.

--
asg
The answer to all questions is 42.
Re: named (bind) in jail does not start
On Sat, Nov 29, 2003 at 03:23:48PM +0100, Axel S. Gruner wrote:

> Hi. I have configured named in jail (FreeBSD 5.1-RELEASE-p10). If I want to start named in the jail /usr/sbin/named I get this error message:
>
>     opensocket_f: bind([0.0.0.0].53): Address already in use
>
> OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly. I also tried to start named with -g and -u in the jail, same error. So, my short question is, how can I run named in the jail? Any ideas?

Yes. The problem is that named is attempting to bind(2) to INADDR_ANY. In a jail, that includes the loopback address. Problem is, jails don't get their own loopback addresses -- there's just the one loopback shared between the host system and all jails. Which effectively means that jailed processes can't bind to the loopback.

The answer is to configure named to only bind to the jail IP number -- see http://www.isc.org/products/BIND/docs/config/ (for bind8) or http://www.nominum.com/content/documents/bind9arm.pdf (for bind9) [available in HTML as file:///usr/local/share/doc/bind9/arm/Bv9ARM.html if you've installed the bind9 port.]

In bind9 you need to add something like the following to named.conf -- bind8 will be similar:

    options {
        [...]
        listen-on { 192.168.1.1; };
        query-source address 192.168.1.1 port 53;
        transfer-source 192.168.1.1 port 53;
        notify-source 192.168.1.1 port 53;
    };

There are equivalent IPv6 statements if you're an IPv6 user.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
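Added example, not part of the original thread: a static check that a jailed named.conf pins the four statements from the reply above (listen-on, query-source, transfer-source, notify-source) to the jail's address. The function and constant names are hypothetical, the sample configuration is constructed, and the comment stripping assumes no `//` or `#` inside quoted strings.

```python
import ipaddress
import re

SOURCE_STMTS = ("query-source", "transfer-source", "notify-source")
# Constructed sample: a jailed named.conf that is not pinned to the jail IP.
SAMPLE_UNPINNED = """options {
    listen-on { 127.0.0.1; 192.168.1.1; };   // loopback entry left in
    query-source address * port 53;
};"""

def _options_body(conf):
    """Return the text inside options { ... } with comments stripped."""
    conf = re.sub(r"/\*.*?\*/|(?://|#)[^\n]*", "", conf, flags=re.S)
    m = re.search(r"(?<![\w-])options\s*\{", conf)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return conf[m.end():]

def _is_jail_ip(token, jail_ip):
    """True if token is exactly the jail address (a /32 prefix is accepted)."""
    try:
        net = ipaddress.ip_network(token, strict=False)
    except ValueError:  # 'any', '*', ACL names, negated entries
        return False
    return net.num_addresses == 1 and net.network_address == ipaddress.ip_address(jail_ip)

def check_jail_named_conf(conf, jail_ip):
    """Hypothetical helper: list statements missing or not pinned to jail_ip."""
    body, problems = _options_body(conf), []
    m = re.search(r"(?<![\w-])listen-on\s*(?:port\s+\d+\s*)?\{([^}]*)\}", body)
    addrs = [a.strip() for a in m.group(1).split(";") if a.strip()] if m else []
    if not addrs:
        problems.append("listen-on: missing")
    problems += [f"listen-on: {a} is not the jail IP" for a in addrs
                 if not _is_jail_ip(a, jail_ip)]
    for stmt in SOURCE_STMTS:
        m = re.search(rf"(?<![\w-]){stmt}\s+(?:address\s+)?(\S+?)[\s;]", body)
        if not m:
            problems.append(f"{stmt}: missing")
        elif not _is_jail_ip(m.group(1), jail_ip):
            problems.append(f"{stmt}: {m.group(1)} is not the jail IP")
    return problems

if __name__ == "__main__":
    print("\n".join(check_jail_named_conf(SAMPLE_UNPINNED, "192.168.1.1")))
```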
Re: named (bind) in jail does not start
On Sat, Nov 29, 2003 at 03:29:40PM +0100, Melvyn Sopacua wrote:

> > OK, port 53 is not in use in the jail nor the host system. I think the problem is 0.0.0.0, and I have to bind named on the IP of the jail. I tested the same named configuration on the host system, I thought about some misconfiguration, but on the host system named starts perfectly.
>
> See named.conf(5)/listen-on

FYI: I'm using named (bind9) in jail on RELENG_4, it works just fine, *without* listen-on directive. Please try `netstat -an -f inet' to make sure there is no conflict.

--
Paweł Małachowski