IPv6 only Jails cannot connect to the outside world
Trond Endrestøl
Trond.Endrestol at fagskolen.gjovik.no
Tue Oct 6 10:16:07 UTC 2015
On Tue, 6 Oct 2015 11:54+0200, Niklaas Baudet von Gersdorff wrote:
> On 06/10/15 11:42, Trond Endrestøl wrote:
> > You could run local_unbound in each jail, point /etc/resolv.conf to
> > 127.0.0.1 or ::1, and have unbound forward each query to as many
> > resolvers as you like. Or use dns/bind910 if you prefer that one.
>
> Thank you for pointing that out. I am not very much into DNS resolving
> yet; but I already put your advice on my "further reading" list.
>
> Would you recommend either of them?
local_unbound is in base, if you prefer to limit the number of
installed ports in each jail.
Just add local_unbound_enable="YES" to each jail's /etc/rc.conf.
Start the local_unbound service, and let it create its files in
/var/unbound. Stop the unbound service.
Edit /var/unbound/forward.conf to your heart's content. Add as many
"forward-addr:" statements as you need below "name: .". See
unbound.conf(5) for more information.
You might want to verify the settings in /etc/resolv.conf and
/etc/resolvconf.conf.
Start the unbound service, and check the resolver using host,
ping{,6}, traceroute{,6} ...
Once you get one jail running as desired, just copy the configuration
files, save /etc/rc.conf, to the other jails.
--
+-------------------------------+------------------------------------+
| Vennlig hilsen, | Best regards, |
| Trond Endrestøl, | Trond Endrestøl, |
| IT-ansvarlig, | System administrator, |
| Fagskolen Innlandet, | Gjøvik Technical College, Norway, |
| tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, |
| sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. |
+-------------------------------+------------------------------------+
More information about the freebsd-questions
mailing list