TCP/IP inside of one jail is hosed but other jails (same jail
install) work fine
Greg Barniskis
nalists at scls.lib.wi.us
Mon May 23 10:08:41 PDT 2005
Chad Leigh -- Shire.Net LLC wrote:
> Hi
>
> I have a single install of FreeBSD that is used for jails and all
> the jails share the basic install through read only partitions
> mounted from this root install. (Obviously not the same install
> as the running host).
>
> The problem jail has no TCP connectivity except that apache2
> works. Ie, the website is working that runs inside this jail.
> sshd is running but you cannot connect to it with ssh with the
> error in the logs
>
> May 23 09:37:57 xxxxxx sshd[96372]: fatal: Timeout before
> authentication for 6x.1xx.4x.58
>
> If I am inside the jail and do, for example, nslookup, I get
>
> # nslookup
>> www.sun.com
> ;; connection timed out; no servers could be reached
>>
I am no expert on jails, but the symptoms you describe suggest to me
that TCP/IP is fine except that for processes inside the one jail,
*DNS lookups* are broken. The local sshd wants to DNS lookup your
SSH client IP and can't, but apache runs fine because it (probably)
is not logging client host names, just IP nums.
Check that jail's /etc/resolv.conf and/or its internal DNS server if
it has one, or else the external DNS server(s) that it's configured
to query, as well as any DNS-related firewall rules that may be in play.
--
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348
More information about the freebsd-questions
mailing list