Re: multiple jails with multiple network interfaces
Thanks you, Paul! As I keep repeating myself, in nothing else helps, read the manual... Knowing what I can do ipv4-wise in jail now, I'll just create multiple jails for each of services, one per IP address. Thanks a lot! Sincerely yours, Valeri On Mon, January 23, 2012 1:01 am, Paul Schenkeveld wrote: > On Sun, Jan 22, 2012 at 10:25:27PM -0600, Valeri Galtsev wrote: >> Hello! >> >> I have a FreeBSD 9.0 host that is registered in DNS to appear with >> multiple IP addresses: >> >> host some.host.com >> >> some.host.com has address a.b.c.x >> some.host.com has address a.b.d.x >> some.host.com has address a.b.e.x >> >> I built multiple jails to run one service in each following mostly: >> >> http://www.freebsd.org/doc/handbook/jails-application.html >> >> I am trying to start each of the jails with all network interfaces this >> machine has configured (with the same IP addressed as interfaces are >> configured on the host system). For that I have in jail related portion >> of >> /etc/rc.conf the following >> >> jail_enable="YES" >> jail_set_hostname_allow="NO" >> jail_list="http ftp rsync pxe" >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> When I start jails: >> >> /etc/rc.d/jail start >> >> first in the list jail starts perfectly (and I can verify that service >> configured to run in it is accessible on all three public IP addresses >> of >> the machine), all other jails, however, fail to start with the message >> >> some# /etc/rc.d/jail start >> Configuring jails:. >> Starting jails: some.host.com some.host.com some.host.com ... >> cannot start jail "ftp" >> . >> >> If I only leave one IP address in each of the jais, they all start OK. >> If >> I configure some jails with different IP (on the same class C network), >> leaving first jail with multiple IP addresses, e.g.: >> >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.y" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> all jails start OK (first with multiple IPs, and other with single >> different IP). If first (in order of start) jail is with single IP, and >> next jail is with multiple IPs including the IP of the first one: >> >> jail_http_hostname="some.host.com" >> jail_http_ip="a.b.c.x" >> jail_http_rootdir="/jail/http" >> ... >> jail_ftp_hostname="some.host.com" >> jail_ftp_ip="a.b.c.x,a.b.d.x,a.b.e.x" >> jail_ftp_rootdir="/jail/ftp" >> ... >> >> then jail with multiple IPs will not start. >> >> >> I tried to search, but I didn't find anybody mentioning having this >> problem or having it resolved of just having similar configuration with >> multiple IPs. >> >> Is there something obviously wrong that I'm doing? >> >> Is it possible that there is some restriction that will not allow me to >> have this configuration? > > See jail(8): > > ip4.addr > ... It is only possible to start > multiple jails with the same IP address, if none of the jails has > more than this single overlapping IP address assigned to itself. > > So jails can have the same IP4 address but that has to be the only IP4 > address of that jail, otherwise all address must be unique. > > Kind regards, > > Paul Schenkeveld > ___ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org" > Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: * Re: * Re: Getting Jail v2 working with 9-stable
On 23. Jan 2012, at 16:26 , Devin Teske wrote: > On Jan 23, 2012, at 3:36 AM, Denny Schierz wrote: > >> hi, >> >> Am 20.01.2012 um 15:05 schrieb Devin Teske: >> >>> Try my vimage rc.d script for this. >>> >>> http://druidbsd.sf.net/vimage.html >>> >>> http://druidbsd.sourceforge.net/download/vimage-1.4.tbz >> >> I tried it, but doesn't work. I think, it must be a bug in the SPARC Kernel, >> because other with I386 and same options doesn't have the same problems. >> > > I don't know if VIMAGE is supported yet on SPARC platform. Maybe someone > wants to chime in that's more familiar with which-platforms VIMAGE is > supported. VIMAGE should be arch independent. -- Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do! ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
* Re: * Re: Getting Jail v2 working with 9-stable
On Jan 23, 2012, at 3:36 AM, Denny Schierz wrote: > hi, > > Am 20.01.2012 um 15:05 schrieb Devin Teske: > >> Try my vimage rc.d script for this. >> >> http://druidbsd.sf.net/vimage.html >> >> http://druidbsd.sourceforge.net/download/vimage-1.4.tbz > > I tried it, but doesn't work. I think, it must be a bug in the SPARC Kernel, > because other with I386 and same options doesn't have the same problems. > I don't know if VIMAGE is supported yet on SPARC platform. Maybe someone wants to chime in that's more familiar with which-platforms VIMAGE is supported. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: * Re: Getting Jail v2 working with 9-stable
hi, Am 20.01.2012 um 15:05 schrieb Devin Teske: > Try my vimage rc.d script for this. > > http://druidbsd.sf.net/vimage.html > > http://druidbsd.sourceforge.net/download/vimage-1.4.tbz I tried it, but doesn't work. I think, it must be a bug in the SPARC Kernel, because other with I386 and same options doesn't have the same problems. cu denny___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Current problem reports assigned to freebsd-jail@FreeBSD.org
Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description p bin/161957 jail jls(8): jls -v doesn't show anything if system compile o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566jail [jail] [patch] fstat(1) according to specified jid o bin/32828jail [jail] w(1) incorrectly handles stale utmp slots with 12 problems total. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
