[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] using the same IP address in different jails



W dniu 2015-02-10 o 09:35, Zenny pisze:
> Hi  Łukasz:
> 
> "If you start web server in jail1 and try to start web server on the same
> ip:port in jail2, it won't start. I'm using the same IP in different
> jails for years now. For example - one jail for database, one for dns
> and one for e-mail system."
> 
> Would you mind elaborating on how you did achieve the above? Maybe
> this interests more than me. Thanks!

It's really simple. Just remember to use only one IPv4 and/or only one
IPv6 address per "shared IP" jail. My configuration looks like this:

# jls -v
   JID  Hostname                      Path
        Name                          State
        CPUSetID
        IP Address(es)
     1  dns1.freebsd.systems          /jails/jdns
        jdns                          ACTIVE
        2
        91.204.91.44
        2001:6a0:1cb::b
     2  db.freebsd.systems            /jails/jdb
        jdb                           ACTIVE
        3
        91.204.91.44
        2001:6a0:1cb::b
     3  web.freebsd.systems           /jails/jweb
        jweb                          ACTIVE
        4
        91.204.91.43
        2001:6a0:1cb::a
     4  mail.freebsd.systems          /jails/jmail
        jmail                         ACTIVE
        5
        91.204.91.44
        2001:6a0:1cb::b
     5  bijou.freebsd.systems         /jails/jbijou
        jbijou                        ACTIVE
        6
        91.204.91.34
        91.204.91.35
        [...]
        2001:6a0:1cb::1
        2001:6a0:1cb::2
        [...]

jdns, jdb and jmail share one IPv4 and one IPv6 address. In ezjail's
configuration files it's as simple as that:

/usr/local/etc/ezjail/jbijou:
export
jail_jbijou_ip="91.204.91.34,91.204.91.35,[...],2001:6a0:1cb::1,2001:6a0:1cb::2,[...]"

/usr/local/etc/ezjail/jdb:export jail_jdb_ip="91.204.91.44,2001:6a0:1cb::b"

/usr/local/etc/ezjail/jdns:export
jail_jdns_ip="91.204.91.44,2001:6a0:1cb::b"

/usr/local/etc/ezjail/jmail:export
jail_jmail_ip="91.204.91.44,2001:6a0:1cb::b"

/usr/local/etc/ezjail/jweb:export
jail_jweb_ip="91.204.91.43,2001:6a0:1cb::a"

If you want to ssh into those jails remember to bind sshd on host to
some other IP.

-- 
best regards,
Lukasz Wasikowski