# question regarding Jails, multiple ip's and mysql



## wonslung (Nov 9, 2009)

is there a way to make mysql use a specific ip between jails for a jail which has multiple ips?


Let's say you have 3 or 4 jails.  You have a cloned loopback device, lo1 set up with the 10.0.0.1/24 subnet and you give the mysql jail 10.0.0.1

another jail, say running a webserver, it has a public ip and also an ip on the lo1 device, 10.0.0.2

is there a way to force the webjail to use the lo1 device instead of the public ip?


----------



## SirDice (Nov 9, 2009)

Bind the jail to a specific interface. Bind the service to a specific IP address.


----------



## wonslung (Nov 10, 2009)

ok..i think theres a missunderstanding here...at least on my part.

mysql is bound to a single interface....the jail doesn't even have a public ip.  It's bound to 10.0.0.1  The other jails have 2 ip's
One for public traffic and the second one is also on this cloned loopback device.  how do i make THIS SECOND jail only use the cloned loopback ip for mysql traffic.


Either way, mysql is on the 10.0.0.1 IP, but when i set up the mysql database users, they won't work unless i set them on the public ip.  I'd like to force the jail to use the loopback ip. 

When i connect to the mysql jail, it should show the connection as comming from 10.0.0.2, not the public ip.


----------



## SirDice (Nov 10, 2009)

wonslung said:
			
		

> mysql is bound to a single interface....


No, MySQL is bound to an IP address.


----------



## wonslung (Nov 10, 2009)

SirDice said:
			
		

> No, MySQL is bound to an IP address.




That's what i meant, i was tired..
anyways, it doesnt' change the questions


2 jails

one jails has 1 ip

10.0.0.1
mysql is running in this jail




second jail

has 2 ip's
10.0.0.2
some.public.ip


how do you force the second jail to only use the private ip when communicating with mysql in the first jail?


----------



## SirDice (Nov 10, 2009)

Bind both jails to lo1. Bind the webserver to 10.0.0.2. Bind the external (public) IP address to your external NIC. Setup NAT and forward port 80 on the external nic to lo1;10.0.0.2:80.


----------



## wonslung (Nov 10, 2009)

SirDice said:
			
		

> Bind both jails to lo1. Bind the webserver to 10.0.0.2. Bind the external (public) IP address to your external NIC. Setup NAT and forward port 80 on the external nic to lo1;10.0.0.2:80.





ok, yah, i've done this with machines which only had a single public ip....but machines which have multiple public ip'd i haven't set up nat.  Ok, i guess that makes sense...i was wondering if there was a setting for this that i didnt' know about.  It seems that with jails having multiple ip's now it would be nice to force jail=>jail stuff over a local address while still allowing everything else  to go over the public ip.

Thanks.

I'm mainly interested for when you have multiple jails running webservers for different sites.

I guess for these situations i can use pound or squid to keep everything working.


----------

