You could just go with building the host kernel with VIMAGE . . . Then each jail has its own virtual network stack.
-- Jason Hellenthal Voice: 95.30.17.6/616 JJH48-ARIN > On Jun 10, 2014, at 21:19, "s...@sky-ip.org" <s...@sky-ip.org> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > >> On 6/11/2014 3:28 AM, Allan Jude wrote: >>> On 2014-06-10 20:23, s...@sky-ip.org wrote: >>>> On 6/11/2014 3:20 AM, Allan Jude wrote: >>>>> On 2014-06-10 20:07, s...@sky-ip.org wrote: >>>>> Hi, >>>>> >>>>> Operating system is FreeBSD 10.0 64 Bit >>>>> >>>>> I have installed ezjail from ports and properly configured a >>>>> jail with its own static and dedicated IP address. Everything >>>>> works good, it's just that I have an application which >>>>> requires to talk to another one via RPC on IP 127.0.0.1, and >>>>> I have noticed the jail does not have a lo0 interface or >>>>> localhost 127.0.0.1 IP address. >>>>> >>>>> This is bad because the application has no choice but to bind >>>>> to the public IP address assigned to the jail, and it's not >>>>> safe. >>>>> >>>>> How can I add a lo0 interface with IP 127.0.0.1 to a jail? >>>>> >>>>> Thanks in advance. >>>>> _______________________________________________ >>>>> freebsd-jail@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >>>>> unsubscribe, send any mail to >>>>> "freebsd-jail-unsubscr...@freebsd.org" >>> >>>> Does it have to be 127.0.0.1? You can add an alias like >>>> 127.0.0.2 to the lo0 interface and use that. >>> >>>> Inside the jail, 127.0.0.1 is mapped to the IP of the jail. >>> >>>> Using ezjail, you can also allocate more than 1 IP address to >>>> a jail by comma separating them >>> >>>> You can also make it automatically alias the IPs for you with >>>> the syntax: >>> >>>> em0|192.168.0.10,lo0|127.0.0.2 etc >>> >>> >>> >>> Thank you Allan for your fast reply. >>> >>> I have the jail already created via: # ezjail-admin create >>> <jailname> <em0|public IP> >>> >>> How do I modify the already existing jail to have 127.0.0.2, for >>> example, or can't I just have 127.0.0.1 in the jail? >>> >>> _______________________________________________ >>> freebsd-jail@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-jail To >>> unsubscribe, send any mail to >>> "freebsd-jail-unsubscr...@freebsd.org" >> >> Stop the jail, and then edit /usr/local/etc/ezjail/jail_name >> >> and change the line that defines the IPs > > Thank you it works, with 127.0.0.2 > > If I try to add 127.0.0.1 will this create any conflicts with the host > or will it work? Because i have something important listening on > hosts's 127.0.0.1 and don't want to mess up. I would need the same > configuration within the jail also, so that's why I need the .1 > localhost IP. > > - -- > s7r > PGP Fingerprint: 7C36 9232 5ABD FB0B 3021 03F1 837F A52C 8126 5B11 > PGP Pubkey: http://www.sky-ip.org/s...@sky-ip.org.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.17 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJTl66PAAoJEIN/pSyBJlsR3kQIAMONQ/3FrX9tQBbdJRc7N3eP > a/fIOnBYWZCu7ad0DF2NXfOIzfrQBuKCGhm3CLQmzVGw0k/fdD/Yu/U9/kdjgI/n > A/ZELHZmowQPfao8tK6eSqeOmw6gNzhCth5ILfH0CJvvarjBXUi7ygHhwzB1U97n > sqJzKv8cDAVf67Sd3YbNNa2FoXdM32esEpsjnB8dJEF9ijzv54ovXdREYZhgkibX > IN1XcsfUGLdtZDL14+JXlTOaBDk9WgUuoEcsWeAZtM8VVaTiN/QqYbywf598hxLN > 5G3AyyfUrLAq4z2RjnzZ2SGAIqv42CyE4MSf3Sft/fFNRExxiq3xAoWmwaTqRnk= > =3gqI > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
smime.p7s
Description: S/MIME cryptographic signature
