From owner-freebsd-stable@FreeBSD.ORG  Thu Jan 29 09:39:09 2009
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 17394106568B
	for <freebsd-stable@freebsd.org>; Thu, 29 Jan 2009 09:39:09 +0000 (UTC)
	(envelope-from marck@rinet.ru)
Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68])
	by mx1.freebsd.org (Postfix) with ESMTP id 89C0B8FC1A
	for <freebsd-stable@freebsd.org>; Thu, 29 Jan 2009 09:39:08 +0000 (UTC)
	(envelope-from marck@rinet.ru)
Received: from localhost (localhost [127.0.0.1])
	by woozle.rinet.ru (8.14.3/8.14.3) with ESMTP id n0T9d6xJ032071;
	Thu, 29 Jan 2009 12:39:06 +0300 (MSK) (envelope-from marck@rinet.ru)
Date: Thu, 29 Jan 2009 12:39:06 +0300 (MSK)
From: Dmitry Morozovsky <marck@rinet.ru>
To: Robert Watson <rwatson@freebsd.org>
In-Reply-To: <alpine.BSF.2.00.0901290855010.70708@fledge.watson.org>
Message-ID: <alpine.BSF.2.00.0901291237020.91263@woozle.rinet.ru>
References: <alpine.BSF.2.00.0901290021000.91263@woozle.rinet.ru>
	<alpine.BSF.2.00.0901290855010.70708@fledge.watson.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
X-NCC-RegID: ru.rinet
X-OpenPGP-Key-ID: 6B691B03
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0.1
	(woozle.rinet.ru [0.0.0.0]); Thu, 29 Jan 2009 12:39:07 +0300 (MSK)
Cc: freebsd-stable@freebsd.org
Subject: Re: jail: external and localhost distinction
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jan 2009 09:39:09 -0000

On Thu, 29 Jan 2009, Robert Watson wrote:

RW> > am I right concluding that under FreeBSD jail there is no way to attach
RW> > two processes to the same port of external interface address and
RW> > localhost?
RW> > 
RW> > I tried to move rather standard two-tier nginx(ip:80)+apache(127.1:80)
RW> > scheme into a jail and on apache start got
RW> > 
RW> > [Thu Jan 29 00:09:32 2009] [crit] (48)Address already in use: make_sock:
RW> > could not bind to address 127.0.0.1 port 80
RW> > 
RW> > (this is under RELENG_7 if it's relevant)
RW> > 
RW> > Any thoughts? Thanks in advance.
RW> 
RW> The way Jail is implemented is that the jail IP is silently substituted for
RW> the loopback IP is used.  This has some downsides, and this is one of them.
RW> The virtual network stack (VIMAGE) project for FreeBSD 8.0 is intended to
RW> address this, among many other things, by providing full virtualization of
RW> all network stack data structures for jails.

Thank you for clarification, now I see this is actually expected behaviour :)

Would then starting second jail with the same root and, say, 127.10.0.1 as an 
address be a workaround?


-- 
Sincerely,
D.Marck                                     [DM5020, MCK-RIPE, DM3-RIPN]
[ FreeBSD committer:                                 marck@FreeBSD.org ]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru ***
------------------------------------------------------------------------