djbdns on 127.0.0.1 in a jail problem

Alain Wolf wolf at k18.ch
Mon Oct 1 17:30:15 PDT 2007


Randy Schultz wrote:
> Heya,
>
> Playing around with jails and have run across something weird, I was
> wondering if somebody could explain.
>
> I'm trying to get djbdns to run inside the jail, with tinydns running on
> 127.0.0.1.  The thing I cannot figure out is why tinydns always comes up on
> the jail's IP address, and not lo0, as reported by sockstat: Root Dude ?

Hi Randy,

I fell into the same hole on my first setup.
There is no such thing as 127.0.0.1 in a FreeBSD Jail.
There is just the IP which the Jail is configured for.
I am not a developer, but as far as I understand, a Jail and its IP are
some kind of virtualization, which cannot contain any virtualized
environment inside itself again. At least not in 6.x.

So it looks like 127.0.0.1 would be an additional IP like any other one,
which is NOT possible in FreeBSD Jails.

I read promising things about a fully virtualized IP environment in
FreeBSD 7.x, where we can do a lot more than this, but we have to wait for
that.

After I realized that, I redesigned my plans and I liked them even better.
My DJB-DNS setup is now as follows, and works flawlessly.

dnscache runs in its own Jail on every physical machine, caching DNS
queries for all other Jails on the same machine.

Two copies of TinyDNS each run in their own Jail too, providing a (rather
expensive) Split-Horizon DNS solution.

Hope this helps

Regards

Alain
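
An added example, not part of the original post and not djbdns code: a small check to run inside and outside the jail that binds a UDP socket to 127.0.0.1 and reports the address the kernel actually assigned, which is the same thing sockstat showed for tinydns in the thread. A service meant to be loopback-only that reports the jail's IP here is reachable on that address and needs a packet-filter rule or a different design. The function names `bound_addr` and `was_remapped` are hypothetical.

```c
/* Added example; function names are hypothetical, not from djbdns. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* Bind a UDP socket to want:0 and store the address the kernel reports
 * through getsockname() in got. Returns 0 on success, -1 on failure. */
int bound_addr(const char *want, char *got, socklen_t len)
{
    struct sockaddr_in sa, actual;
    socklen_t alen = sizeof actual;
    int rc = -1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;   /* sin_port stays 0: ephemeral, no root */
    if (inet_pton(AF_INET, want, &sa.sin_addr) == 1 &&
        bind(fd, (struct sockaddr *)&sa, sizeof sa) == 0 &&
        getsockname(fd, (struct sockaddr *)&actual, &alen) == 0 &&
        inet_ntop(AF_INET, &actual.sin_addr, got, len) != NULL)
        rc = 0;
    close(fd);
    return rc;
}

/* 1 if the two dotted-quad strings name different addresses, 0 if they
 * are the same, -1 if either string does not parse as IPv4. */
int was_remapped(const char *want, const char *got)
{
    struct in_addr a, b;
    if (inet_pton(AF_INET, want, &a) != 1 || inet_pton(AF_INET, got, &b) != 1)
        return -1;
    return a.s_addr != b.s_addr;
}

int main(void)
{
    char got[INET_ADDRSTRLEN];
    if (bound_addr("127.0.0.1", got, sizeof got) != 0) {
        fprintf(stderr, "could not bind 127.0.0.1\n");
        return 2;
    }
    printf("asked for 127.0.0.1, kernel bound %s%s\n", got,
           was_remapped("127.0.0.1", got) == 1 ? " (not loopback-only)" : "");
    return 0;
}
```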




More information about the freebsd-jail mailing list