On Fri, Apr 14, 2006 at 02:24:42PM +0200, Benedict Verheyen wrote:
> Hi again,
> 
> I think I solved the issue. I'll post the things that I think are relevant
> here so other people who might encounter problems with this kind of setup
> can find some info here:
> 
> 
> HOST
> ====
> # cat /etc/resolv.conf
> search mydomain.be
> nameserver 192.168.1.20
> 
> # ifconfig
> eth0      Link encap:Ethernet  HWaddr 00:10:B5:40:DE:14
>           inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
> 
> eth1      Link encap:Ethernet  HWaddr 00:10:B5:40:DD:EE
>           inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
> 
> eth1:thor Link encap:Ethernet  HWaddr 00:10:B5:40:DD:EE
>           inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
> 
> # ls -la /etc/vservers/thor/interfaces
> drwxr-xr-x  2 root root 4096 2006-04-14 13:45 0
> drwxr-xr-x  2 root root 4096 2006-04-14 13:57 1
> 
> interface 0
> # cat /etc/vservers/thor/interfaces/0/dev
> eth1
> # cat /etc/vservers/thor/interfaces/0/ip
> 192.168.1.20
> # cat /etc/vservers/thor/interfaces/0/name
> thor
> # cat /etc/vservers/thor/interfaces/0/prefix
> 24
> 
> interface 1
> # cat /etc/vservers/thor/interfaces/1/dev
> lo
> # cat /etc/vservers/thor/interfaces/1/ip
> 127.0.0.2
> # cat /etc/vservers/thor/interfaces/1/prefix
> 24
> 
> VSERVER GUEST
> =============
> # cat /etc/resolv.conf
> domain mydomain.be
> nameserver 192.168.1.20
> 
> # ifconfig
> eth1      Link encap:Ethernet  HWaddr 00:10:B5:40:DD:EE
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> 
> eth1:thor Link encap:Ethernet  HWaddr 00:10:B5:40:DD:EE
>           inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
> 
> lo        Link encap:Local Loopback
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
> 
> dnscache and tinydns related info in vserver
> ============================================
> Previously pinging the localhost inside the vserver didn't work so I
> changed the 127.0.0.1 to 127.0.0.2:
> # cat /etc/hosts
> 127.0.0.2       localhost
> 
> I then removed the tinydns info because it was referring to 127.0.0.1:
> # rm -rf /var/tinydns
> 
> Next I remade it for 127.0.0.2:
> # tinydns-conf tinydns dnslog /var/tinydns 127.0.0.2
> 
> I then copied the data file over and did a make
> 
> 
> # ls -la /var/dnscache/root/ip/
> -rw-r--r--  1 root root    0 2005-10-06 00:48 127.0.0.1
> -rw-r--r--  1 root root    0 2006-04-14 12:58 127.0.0.2
> -rw-r--r--  1 root root    0 2005-10-06 00:49 192.168
> -rw-r--r--  1 root root    0 2006-04-14 09:21 192.168.1
> -rw-r--r--  1 root root    0 2005-10-06 00:49 192.168.1.20
> 
> # ls -la /var/dnscache/root/servers
> -rw-r--r--  1 root root  166 2005-10-06 00:48 @
> -rw-r--r--  1 root root   10 2006-04-14 12:55 1.168.192.in-addr.arpa
> -rw-r--r--  1 root root   10 2006-04-14 12:55 mydomain.be
> 
> # cat /var/dnscache/root/servers/1.168.192.in-addr.arpa
> 127.0.0.2
> 
> # cat /var/dnscache/root/servers/mydomain.be
> 127.0.0.2
> 
> # cat /var/tinydns/root/data
> .mydomain.be:192.168.1.20:a:259200
> .1.168.192.in-addr.arpa:192.168.1.20:a:259200
> @mydomain.be:192.168.1.1:a::86400
> =bifrost.mydomain.be:192.168.1.1:86400
> +smtp.mydomain.be:192.168.1.1:86400
> +mail.mydomain.be:192.168.1.1:86400
> =odin.mydomain.be:192.168.1.10:86400
> ...
> 

Okay, let me comment on that, so that you understand what
actually happened and what an alternative solution could
look like ...

127.0.0.1 is handled specially in Linux-VServer networking.
It is 'remapped' to the first IP you assign to the guest,
thus eliminating the need for a shared 127.0.0.1 inside.

Usually correcting the localhost entry in /etc/hosts
(to the first assigned IP) makes the guest work as expected,
except for some rare services which have the 127.0.0.1
hardcoded or configured somewhere (instead of localhost).

Now you basically replaced the first IP with 127.0.0.2,
which also works, but has the drawback that with certain
caps guest root can sniff on the lo device, which actually
transports all of the local traffic.

> That's it. Now I can ping (by name) without problems from both the
> host and the guest system. Tonight I'll test it from my machine in the
> LAN but I don't expect problems.

I don't expect any issues either, but it might be interesting
to try the alternate solution and let us know if that worked
too (because it would be preferable)

TIA,
Herbert

> If you don't hear back from me in the thread, that test must have
> succeeded too :)
> 
> Thanks to all who answered in the thread, it helped me a lot.
> 
> Kind regards,
> Benedict
> 
> 
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
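
An added example (not part of the original thread or of util-vserver): a shell audit that walks the config layout shown in the message, lists guest interfaces bound to lo or a 127.x address, and prints the first non-loopback IP that the reply suggests for the guest's localhost entry. The function names, the sample tree, and treating the lowest-sorting interface directory as the "first" IP are assumptions.

```shell
#!/bin/sh
# Added example: audit Linux-VServer guest configs for loopback interfaces.
# Layout taken from the listing above: CONFROOT/<guest>/interfaces/<n>/{dev,ip}

# Print "<guest> <n> <dev> <ip>" for every interface on lo or in 127.0.0.0/8.
find_lo_interfaces() {
    confroot=$1
    for ifdir in "$confroot"/*/interfaces/*/; do
        [ -f "${ifdir}ip" ] || continue        # also skips an unmatched glob
        ip=$(cat "${ifdir}ip")
        dev=
        [ -f "${ifdir}dev" ] && dev=$(cat "${ifdir}dev")
        case "$dev:$ip" in
            lo:*|*:127.*)
                n=$(basename "$ifdir")
                guest=$(basename "$(dirname "$(dirname "$ifdir")")")
                echo "$guest $n ${dev:--} $ip" ;;
        esac
    done
}

# Print the first non-loopback IP configured for guest $2 under config root $1.
# Assumption: "first" means the lowest-sorting interface directory name.
first_guest_ip() {
    for ifdir in "$1/$2"/interfaces/*/; do
        [ -f "${ifdir}ip" ] || continue
        ip=$(cat "${ifdir}ip")
        case "$ip" in 127.*) continue ;; esac
        echo "$ip"; return 0
    done
    return 1
}

# Constructed sample mirroring the thor config quoted in the message.
make_sample() {
    root=$(mktemp -d)
    mkdir -p "$root/thor/interfaces/0" "$root/thor/interfaces/1"
    echo eth1 > "$root/thor/interfaces/0/dev"
    echo 192.168.1.20 > "$root/thor/interfaces/0/ip"
    echo lo > "$root/thor/interfaces/1/dev"
    echo 127.0.0.2 > "$root/thor/interfaces/1/ip"
    echo "$root"
}

sample=$(make_sample)
find_lo_interfaces "$sample"
echo "thor: localhost candidate for /etc/hosts is $(first_guest_ip "$sample" thor)"
rm -rf "$sample"
```

On a real host, pass `/etc/vservers` as the config root instead of the constructed sample.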