[Vserver] BIND (named) and "lo" interface inside vserver:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

[Vserver] BIND (named) and "lo" interface inside vserver

From: Dmitry Koterov <dmitry_at_koterov.ru>
Date: Tue 15 Nov 2005 - 14:00:23 GMT
Message-ID: <1734273444.20051115170023@koterov.ru>

Hello.

Shortly: when I use BIND (or PowerDNS) inside vserver listening
ALL addresses (0.0.0.0), nslookup to server 127.0.0.1 shows error
message "reply from unexpected source: 213.248.62.106#53,
expected 127.0.0.1#53"

Long description. I have installed linux-vserver (named "zulu")
on kernel 2.6.12.5 and set up one real IP for it -
213.248.62.106:

[root@zulu /]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:75:13:D2
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:39623139 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18575687 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:50148146621 (46.7 GiB) TX bytes:1249870165 (1.1 GiB)
          Base address:0x3000 Memory:dd300000-dd320000

eth0:zulu Link encap:Ethernet HWaddr 00:30:48:75:13:D2
          inet addr:213.248.62.106 Bcast:213.248.62.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Base address:0x3000 Memory:dd300000-dd320000

First question: why doesn't ifconfig show "lo" interface?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Then, I installed named (BIND), compiled it with
--disable-linux-caps before. BIND listens on all IP addresses
inside vserver:

[root@zulu /]# netstat -na
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 213.248.62.106:53 0.0.0.0:* LISTEN
udp 0 0 213.248.62.106:53 0.0.0.0:*
...

Then I try nslookup:

[root@zulu /]# nslookup
> server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
> hostmag.ru.
;; reply from unexpected source: 213.248.62.106#53, expected 127.0.0.1#53
;; reply from unexpected source: 213.248.62.106#53, expected 127.0.0.1#53

Second question: what's wrong? Why BIND tries to answer from
vserver IP address, but NOT from localhost which I used?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I have also tried PowerDNS instead of BIND - absolutely same
effect.

I do not want to write 213.248.62.106 in my resolv.conf, because
this IP may be changed one fine day, or vserver will be moved to
another machine.

Seems networking stack isolation in linux-vserver is not finished
yet? 

-- 
B.r,
  Dmitry Koteroff
  Chief programmer, http://host-ing.ru
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Tue Nov 15 14:20:08 2005
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 15 Nov 2005 - 14:20:14 GMT by hypermail 2.1.8