Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 8 Mar 2006 13:07:58 -0800 (PST)
From:      Bigby Findrake <bigby@ephemeron.org>
To:        Axel Scheepers <ascheepers@vianetworks.nl>
Cc:        freebsd-security@freebsd.org, Cyril Jaouich <cjaouich@yahoo.ca>, "Ricardo A. Reis" <ricardo_bsd@yahoo.com.br>
Subject:   Re: Jails and loopback interfaces
Message-ID:  <20060308130742.A11454@home.ephemeron.org>
In-Reply-To: <1141848426.3290.79.camel@localhost.localdomain>
References:  <20060307150703.75574.qmail@web30609.mail.mud.yahoo.com> <440DAEB2.3030102@yahoo.com.br> <1141848426.3290.79.camel@localhost.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help 
I would recommend *not* trying to use 127.0.0.1.  You'll end up in a
situation where things are trying to access the local machine and are
getting the jail instead.

Instead, I recommend schlopping another IP address, an alias, onto the
loopback interface, just as you would with any other jail.  Use an RFC
1918 address, and, as with all jails, use a netmask of 32 bits.

On Wed, 8 Mar 2006, Axel Scheepers wrote:

> On Tue, 2006-03-07 at 13:02 -0300, Ricardo A. Reis wrote:
>> Hi Cyril,
>>
>> For access loopback inside the jail, is necessary configure in host server
>> alias for loopback and start jail using loopback.
>> Remember loopback address is all 127/8 !
>>
>
> I just recently tried jails but I thought 127.0.0.1 would be mapped to
> the jails ip-address, which eventually gets mapped to the ip specified
> in the parameter or rc.conf. I could be wrong though although my
> test-jail setup confirms this on 6.1-PRERELEASE:
> test-jail# telnet localhost 22
> Trying ::1...
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
>
> Kind regards,
>
> Axel Scheepers
>


/-------------------------------------------------------------------------/
Never worry about theory as long as the machinery does what it's supposed to do.
                -- R. A. Heinlein

                    finger://bigby@ephemeron.org
                   http://www.ephemeron.org/~bigby/
                   irc://irc.ephemeron.org/#the_pub
/-------------------------------------------------------------------------/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060308130742.A11454>