jail: external and localhost distinction
Robert Watson
rwatson at FreeBSD.org
Thu Jan 29 00:56:14 PST 2009
On Thu, 29 Jan 2009, Dmitry Morozovsky wrote:
> am I right concluding that under FreeBSD jail there is no way to attach two
> processes to the same port of external interface address and localhost?
>
> I tried to move rather standard two-tier nginx(ip:80)+apache(127.1:80)
> scheme into a jail and on apache start got
>
> [Thu Jan 29 00:09:32 2009] [crit] (48)Address already in use: make_sock:
> could not bind to address 127.0.0.1 port 80
>
> (this is under RELENG_7 if it's relevant)
>
> Any thoughts? Thanks in advance.
The way Jail is implemented is that the jail IP is silently substituted for
the loopback IP is used. This has some downsides, and this is one of them.
The virtual network stack (VIMAGE) project for FreeBSD 8.0 is intended to
address this, among many other things, by providing full virtualization of all
network stack data structures for jails.
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the freebsd-stable
mailing list