Date: Mon, 16 Feb 2009 21:54:58 +0100 From: Anders Hagman <anders.hagman@netplex.se> To: freebsd-jail@freebsd.org Subject: Re: BIND in jail problem Message-ID: <4999D2A2.4000107@netplex.se> In-Reply-To: <499733EC.3040706@netplex.se> References: <499733EC.3040706@netplex.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi
responding to my own mail with a solution:
If you spell right resolv and not reslov everything works.
[root@ippbx1 ~]# mv /etc/reslov.conf /etc/resolv.conf
[root@ippbx1 ~]# host ippbx1
ippbx1.kalmar.se has address 172.16.101.3
Working with bash helps you spell. ;->
> Hi
>
> I'm trying to use BIND inside a jail and have passed the chroot
> problem and have a running named without chroot.
>
> The problem is that the jail does not have the address 127.0.0.1 or does
> not use the info in resolv.conf.
>
> When I use the host command I get:
>
> [root@ippbx1 ~]# host ippbx1
> ;; reply from unexpected source: 172.16.101.3#53, expected 127.0.0.1#53
>
> /etc/resolv.conf
> domain kalmar.se
> search kalmar.se
> nameserver 127.0.0.1
>
> tcpdump:
> 21:33:49.569332 IP (tos 0x0, ttl 64, id 31390, offset 0, flags [none],
> proto UDP (17), length 52) 172.16.101.3.62278 > 172.16.101.3.53: 28477+
> A? ippbx1. (24)
>
> 21:33:49.569890 IP (tos 0x0, ttl 64, id 31393, offset 0, flags [none],
> proto UDP (17), length 52) 172.16.101.3.53 > 172.16.101.3.62278: 28477
> ServFail 0/0/0 (24
>
> As you can see the destination address is 172.16.101.3 despite the name
> server address in resolv.conf. The host command does not add the domain
> as it should and sends the query as "A? ippbx1" instead of "A?
> ippbx1.kalmar.se". The host command expects to get an answer from
> 127.0.0.1.
>
> Changing the nameserver address in resolv.conf to 172.16.101.3 does not
> change anything. Using the FQDN does not help because it's still the
> wrong expected address. The only thing that works is: host
> ippbx1.kalmar.se 172.16.101.3.
>
> Using ping give a different picture:
>
> [root@ippbx1 ~]# ping ippbx1
> ping: cannot resolve ippbx1: Host name lookup failure
>
> /etc/resolv.conf
> domain kalmar.se
> search kalmar.se
> nameserver 172.16.101.3
>
>
> tcpdump:
> 21:47:39.143152 IP (tos 0x0, ttl 64, id 31817, offset 0, flags [none],
> proto UDP (17), length 62) 172.16.101.3.60878 > 127.0.0.1.53: 35805+ A?
> ippbx1.kalmar.se. (34)
> 21:47:39.143165 IP (tos 0x0, ttl 64, id 31818, offset 0, flags [none],
> proto ICMP (1), length 56) 127.0.0.1 > 172.16.101.3: ICMP 127.0.0.1 udp
> port 53 unreachable, length 36
>
>
> ping does add the domain to the query but does not read the address from
> resolv.conf and sends the query to 127.0.0.1. And 127.0.0.1 is the host
> 0 machine and does not run BIND.
>
>
> uname -a
> FreeBSD ippbx1.kalmar.se 7.1-RELEASE FreeBSD 7.1-RELEASE #0
> named -v
> BIND 9.4.2-P2
>
> named.conf:
> zone "kalmar.se" { type master; file "master/kalmar"; };
> zone "101.16.172.in-addr.arpa" { type master; file "master/kalmar.rev"; };
>
> zone file kalmar:
>
> $TTL 3h
> @ SOA ippbx1.kalmar.se. root.ippbx1.kalmar.se. 42 1d 12h 1w 3h
> ; Serial, Refresh, Retry, Expire, Neg. cache TTL
>
> IN NS ippbx1.kalmar.se.
> ippbx1 IN A 172.16.101.3
>
> zone file kalmar.rev:
>
> $TTL 3h
> @ SOA ippbx1.kalmar.se. root.ippbx1.kalmar.se. 42 1d 12h 1w 3h
> ; Serial, Refresh, Retry, Expire, Neg. cache TTL
> IN NS ippbx1.kalmar.se.
> 3 IN PTR ippbx1.kalmar.se.
>
>
> Why do I what to run BIND inside a jail? Well I'm building a IP-PBX lab
> and want to run six autonomous jails with DNS, DHCP, NTP and asterisk
> inside.
> DHCP and Asterisk works but DNS is vital for the lab.
>
> BR
> Anders H
>
> _______________________________________________
> freebsd-jail@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4999D2A2.4000107>