pdnsd inside jail for lan

F

folivora

Hello.

I'm running pdnsd in jail environment. When I use nslookup [url]http://www.google.com[/url] <my-isp-dns-add> inside of jail it resolves dns.

But when I try to use pdnsd (nslookup http://www.google.com <pdns-add->), it can't resolve http://www.google.com.

It seems that pdnsd can't communicate with my isp's dns-server. Is there some security things which I need to configure in jail, that pdnsd can have access to my isp's dns-servers ?

- Folivora
 
Hello again =)

I tested that my isp-dns is reachable from jail also via ping by enabling temp. raw_sockets. I tested my pdnsd.conf outside of the jail environment and it works like a charm. Does anyone have any clue what can cause the problem that pdnsd can't resolve / communicate with my isp's dns-servers. Does it have something to do with loopback interface?

Share you thoughts please.

Cheers

- Folivora
 
Can you copypaste your jail/network configuration files?
It's hard to offer assistance about networking issues when there's no solid information available.
 
Here is my jails rc.conf:

Code: 
hostname="dns"
ifconfig_em0="inet 192.168.0.4 netmask 255.255.255.255"
defaultrouter="192.168.0.2"
rpcbind_enable="NO"
clear_tmp_enable="YES"
pdnsd_enable="YES"

And here my host-OS rc.conf for the jail.

Code: 
#JAIL DNS
jail_dns_rootdir="/usr/jail/dns"
jail_dns_hostname="dns"
jail_dns_exec_start="/usr/local/sbin/pdnsd"
jail_dns_ip="192.168.0.4"
jail_dns_devfs_enable="YES"

I hope that you were meaning these..

- Folivora
 
Yes there is

Here:
Code: 
ifconfig_em0="inet 192.168.0.2 netmask 255.255.255.0"
ifconfig_em0_alias1="inet 192.168.0.4 netmask 255.255.255.255"

I tested this from host-OS

Code: 
nslookup 127.0.0.1 192.168.0.4
Server:         192.168.0.4
Address:        192.168.0.4#53

1.0.0.127.in-addr.arpa  name = localhost.

So it seems that it works 25%

- Folivora
 
@DutchDaemon:

Yep i know, this is my 2nd alias. That is the reason, why it's 1.

I left out alias0 from my posts, so they wont mix up.

- Folivora
 
You must log in or register to reply here.
Back
Top