[Solved] pdnsd inside jail for lan

folivora · #1 October 2nd, 2010, 10:35

Hello.

I'm running pdnsd in jail environment. When I use nslookup www.google.com <my-isp-dns-add> inside of jail it resolves dns.

But when I try to use pdnsd (nslookup www.google.com <pdns-add->), it can't resolve www.google.com.

It seems that pdnsd can't communicate with my isp's dns-server. Is there some security things which I need to configure in jail, that pdnsd can have access to my isp's dns-servers ?

- Folivora

folivora · #2 October 2nd, 2010, 13:52

Hello again =)

I tested that my isp-dns is reachable from jail also via ping by enabling temp. raw_sockets. I tested my pdnsd.conf outside of the jail environment and it works like a charm. Does anyone have any clue what can cause the problem that pdnsd can't resolve / communicate with my isp's dns-servers. Does it have something to do with loopback interface?

Share you thoughts please.

Cheers

- Folivora

Savagedlight · #3 October 2nd, 2010, 14:06

Can you copypaste your jail/network configuration files?
It's hard to offer assistance about networking issues when there's no solid information available.

folivora · #4 October 2nd, 2010, 14:13

Here is my jails rc.conf:

Code:

hostname="dns"
ifconfig_em0="inet 192.168.0.4 netmask 255.255.255.255"
defaultrouter="192.168.0.2"
rpcbind_enable="NO"
clear_tmp_enable="YES"
pdnsd_enable="YES"

And here my host-OS rc.conf for the jail.

Code:

#JAIL DNS
jail_dns_rootdir="/usr/jail/dns"
jail_dns_hostname="dns"
jail_dns_exec_start="/usr/local/sbin/pdnsd"
jail_dns_ip="192.168.0.4"
jail_dns_devfs_enable="YES"

I hope that you were meaning these..

- Folivora

Savagedlight · #5 October 2nd, 2010, 14:58

Is there any alias on the host listening to ip 192.168.0.4?

folivora · #6 October 2nd, 2010, 15:04

Yes there is

Here:

Code:

ifconfig_em0="inet 192.168.0.2 netmask 255.255.255.0"
ifconfig_em0_alias1="inet 192.168.0.4 netmask 255.255.255.255"

I tested this from host-OS

Code:

nslookup 127.0.0.1 192.168.0.4
Server:         192.168.0.4
Address:        192.168.0.4#53

1.0.0.127.in-addr.arpa  name = localhost.

So it seems that it works 25%

- Folivora

**DutchDaemon** · #7 October 2nd, 2010, 19:42

The first alias is supposed to be alias0.

folivora · #8 October 2nd, 2010, 19:55

@DutchDaemon:

Yep i know, this is my 2nd alias. That is the reason, why it's 1.

I left out alias0 from my posts, so they wont mix up.

- Folivora

folivora · #9 October 3rd, 2010, 13:39

This can be marked as solved.

Problem was with pdnsd.conf file.

- Folivora

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Working with DTC inside a jail	spork	Porting New Software	3	July 20th, 2010 07:34
ssmtp not working from inside jail	Moe	Web & Network Services	21	March 22nd, 2010 00:08
DNS inside jail	gpatrick	Web & Network Services	0	November 1st, 2009 04:43
[Solved] ports inside a jail and distfiles?	wonslung	Installation and Maintenance of FreeBSD Ports or Packages	3	June 15th, 2009 23:41
syslog-ng inside jail	myha	Installing & Upgrading	1	December 23rd, 2008 13:28