in a jail

Arthur Chance freebsd at qeng-ho.org
Thu Nov 20 15:55:26 UTC 2014

On 20/11/2014 15:28, Paul Pathiakis via freebsd-questions wrote:
> Hi,
> I have a question about jails and localhost.
> I have found older documentation that says within a jail is
> mapped to the jail's IP address so that software that maps to localhost
> or get handed the jails IP.

I've always understood that to mean that if you attempt to bind(2) a 
socket with a socket address of then the jail ip addr (or the 
default one when it has more than one ip addr) is substituted. This does 
not mean that a DNS (or /etc/hosts) lookup of localhost in a jail will 
automatically return the jail ip.

> However, I have tried ping (yes, I turned on raw sockets, bad me.) and
> telnet to a sendmail process I have running.
> They both return errors.
> PING ( 56 data bytes
> ping: sendto: Operation not permitted
> ping: sendto: Operation not permitted
> ping: sendto: Operation not permitted
> # telnet
> Trying
> telnet: connect to address Connection refused
> telnet: Unable to connect to remote host
> Needless to say, this is causing problems with some software that I have
> to install.
> Does anyone know how to verify that map to the
> jail's IP?
> If it isn't, how do I change it to be so?

I don't think you can do anything to make work as a target for 
connecting to - how is the common network stack to decide whether you're 
talking to the jail or the main box? It might be possible in VIMAGE 
jails, but I have no experience of them.

You could always add an entry for localhost in the jail's /etc/hosts 
that is the jail's address rather than That's not going to 
happen automatically though.

More information about the freebsd-questions mailing list