Date:      Mon, 27 May 2013 07:45:06 +0000 (UTC)
From:      Mogamat Abrahams <lists@tabits.co.za>
To:        freebsd-jail@freebsd.org
Subject:   Cant reach Jailed services from internet.
Message-ID:  <loom.20130527T091739-282@post.gmane.org>

Hi,

Got a 9.1 machine with two jails on it: webjail (IP=.79), mailjail (IP=.78).
I can reach the jailed services from the host, reach the jails from each 
other, reach the internet from the jails and host, reach the host from the 
internet BUT I cannot reach the jails from the internet.

I've used EZJAIL to set these up and assigned a public IP address to the 
jails. These IPs are also aliased to the em0 interface of the host (perhaps 
this is a problem?). I am assuming that the jails inherit the routing of the 
host.

I've seen some posts stating that ports should be forwarded to the jails, 
but that would defeat the possibility of running duplicate services in 
separate jails on their own ips. Like have 3 WWW servers on one host, each 
in its own jail.

Some clues from the bigger brains would be appreciated :-)

M

====================
HOST ifconfig:

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        
        options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
        ether 00:30:48:b0:57:9b
        inet 67.205.xx.xx netmask 0xffffffe0 broadcast 67.205.74.63
        inet 174.xx.xx.76 netmask 0xfffffffc broadcast 174.x.x.79
        inet 174.xx.xx.79 netmask 0xfffffffc broadcast 174.x.x.79
        inet 174.xx.xx.77 netmask 0xfffffffc broadcast 174.x.x.79
        inet 174.xx.xx.78 netmask 0xfffffffc broadcast 174.x.x.79
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
------------
Jail ifconfig:

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
      
        options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
        ether 00:30:48:b0:57:9b
        inet 174.x.x.79 netmask 0xffffffff broadcast 174.x.x.79
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>





