[Vserver] Re: Problem with vservers interfering with each other on port 25:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

[Vserver] Re: Problem with vservers interfering with each other on port 25

From: Nicolas Costes <nicolas.costes_at_iut-laroche.univ-nantes.fr>
Date: Wed 12 Jul 2006 - 20:49:26 BST
Message-Id: <200607122149.29617.nicolas.costes@iut-laroche.univ-nantes.fr>

Le Mercredi 12 Juillet 2006 20:56, Kathy Kost a écrit :
> Has any one seen a problem similar to what I'm having? I have a webserver
> that is running 5 different vservers, one being the root server. They
> each have individual IP addresses as defined in
> /etc/vservers/<vserver>/interfaces. I'm seeing the problem where if I
> start postfix in the root server, it will keep the other vservers from
> starting their own postfix on port 25. If one tries to telnet to port 25
> you get a connection refused. However, if I shut down postfix in the root
> server, postfix in the other vservers start up fine. eth0 is defined with
> a unique IP address and all the other vservers (i.e. eth0:www, eth0:mysql,
> etc.) all have unique addresses as well as reported by ifconfig.
>
> Anyone have any ideas?

Hello !

This is a typical problem with vservers : The root server has the hability to
bind on all interfaces, unlike the guests that see only their own
interface(s).

So, when you start a service in the root server, it is likely to bind on all
interfaces, even those "belonging" to the guests. Then, the guests will never
be able to bind on the same ports. Moreover, if you try to access a service
on an ip/port that should run in a guest, it's the root server that
responds !

To prevent this, you've got to configure all services that run on the host to
bind to only one interface. Or, say, all the interfaces that belong to the
host and are not affected to a guest. For example, for Samba, the smb.conf
directive is :
  interfaces = eth0 192.168.2.10/24 192.168.3.10/255.255.255.0
(http://samba.org/samba/docs/man/manpages-3/smb.conf.5.html)

For Cups :
  Listen 1.2.3.4

Sshd :
  ListenAddress 1.2.3.4

...etc.

Anyway, NO service should run in the root server (apart from sshd)... ;-)

Good luck. 

-- 
<XunK> c'est quoi le meilleur client irc pour Linux ?
<Sam> mirc
<XunK> mirc ? le meme que sur PC ???
                                                 - #linuxfr

_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Received on Wed Jul 12 20:55:10 2006
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 12 Jul 2006 - 20:55:15 BST by hypermail 2.1.8