Hello.

In short: when I use BIND (or PowerDNS) inside a vserver, listening on
ALL addresses (0.0.0.0), nslookup to server 127.0.0.1 shows the error
message "reply from unexpected source: 213.248.62.106#53,
expected 127.0.0.1#53".

Long description. I have installed a linux-vserver (named "zulu")
on kernel 2.6.12.5 and set up one real IP for it,
213.248.62.106:
[EMAIL PROTECTED] /]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:48:75:13:D2
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:39623139 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18575687 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:50148146621 (46.7 GiB)  TX bytes:1249870165 (1.1 GiB)
          Base address:0x3000 Memory:dd300000-dd320000

eth0:zulu Link encap:Ethernet  HWaddr 00:30:48:75:13:D2
          inet addr:213.248.62.106  Bcast:213.248.62.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Base address:0x3000 Memory:dd300000-dd320000

First question: why doesn't ifconfig show the "lo" interface?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Then I installed named (BIND), compiled with
--disable-linux-caps beforehand. BIND listens on all IP addresses
inside the vserver:
[EMAIL PROTECTED] /]# netstat -na
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 213.248.62.106:53       0.0.0.0:*               LISTEN
udp        0      0 213.248.62.106:53       0.0.0.0:*
...
Then I try nslookup:
[EMAIL PROTECTED] /]# nslookup
> server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
> hostmag.ru.
;; reply from unexpected source: 213.248.62.106#53, expected 127.0.0.1#53
;; reply from unexpected source: 213.248.62.106#53, expected 127.0.0.1#53

Second question: what's wrong? Why does BIND try to answer from
the vserver IP address, but NOT from localhost, which I used?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I have also tried PowerDNS instead of BIND - absolutely the same
effect.

I do not want to write 213.248.62.106 in my resolv.conf, because
this IP may be changed one fine day, or the vserver will be moved to
another machine.

It seems networking stack isolation in linux-vserver is not finished
yet?

--
B.r,
Dmitry Koteroff
Chief programmer, http://host-ing.ru
_______________________________________________
Vserver mailing list
http://list.linux-vserver.org/mailman/listinfo/vserver
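
The check behind the "reply from unexpected source" message in the post above, reproduced as an added example that is not part of the original message: a UDP client accepts an answer only if it comes from the address and port it queried, so a server that listens on one address but answers from another is ignored until the query times out. Assumptions: the function names are hypothetical, 127.0.0.2 is a constructed stand-in for the vserver address (Linux answers for all of 127.0.0.0/8 on loopback), and the payload is a placeholder string rather than a real DNS packet.

```python
import socket
import threading

def start_responder(listen_addr, reply_addr):
    """Answer one UDP query received on listen_addr, sending the reply from reply_addr."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind((listen_addr, 0))                 # let the OS pick a free port
    port = rx.getsockname()[1]
    tx = rx
    if reply_addr != listen_addr:             # the misbehaving case from the post
        tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        tx.bind((reply_addr, port))           # same port, different source address

    def serve():
        data, peer = rx.recvfrom(512)
        tx.sendto(b"answer:" + data, peer)
        tx.close()
        rx.close()

    threading.Thread(target=serve, daemon=True).start()
    return port

def query(server, port, payload=b"hostmag.ru.", timeout=0.5):
    """Send payload and accept only a reply whose source equals (server, port)."""
    expected = (server, port)
    warnings = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, expected)
        try:
            while True:
                data, src = s.recvfrom(512)
                if src == expected:
                    return data, warnings
                # Drop it: anyone able to reach this port could have sent it.
                warnings.append("reply from unexpected source: %s#%d, expected %s#%d"
                                % (src + expected))
        except socket.timeout:
            return None, warnings

if __name__ == "__main__":
    for reply_addr in ("127.0.0.1", "127.0.0.2"):   # 127.0.0.2 is a constructed stand-in
        port = start_responder("127.0.0.1", reply_addr)
        print(reply_addr, query("127.0.0.1", port))
```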