I posted on the FreeBSD forums. I've been trying all night and I've made some progress, but I still can't connect to the internet from my FreeBSD jail.
Please just give me a hint here.
I get the following inside the jail if I do nslookup www.google.com:
;; connection timed out; no servers could be reached
So, I can't seem to install stuff inside the jail. Or is there any way I can install perl and starman on my host system and copy it into the jail? In the end I just need this stuff installed and then I want my jail off the internet.
I tried various things, from the plain (1) jail command, (2) ezjail and finally (3) qjail. I also did a clean checkout of the FreeBSD source and did a buildworld.
This is my network config, ifconfig -a:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
	inet6 ::1 prefixlen 128
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
	inet 127.0.0.1 netmask 0xff000000
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
xn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=503<RXCSUM,TXCSUM,TSO4,LRO>
	ether 12:31:39:1c:f0:bf
	inet 192.168.1.101 netmask 0xffffffff broadcast 192.168.1.101
	inet 192.168.1.102 netmask 0xffffffff broadcast 192.168.1.102
	inet 10.110.238.77 netmask 0xfffffe00 broadcast 10.110.239.255
	inet 10.0.0.1 netmask 0xffffffff broadcast 10.0.0.1
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet manual
	status: active
This is the rest of my system:
cat /etc/rc.conf gives me:
# EC2 uses DHCP; the network interface appears as xn0.
ifconfig_xn0="DHCP"
### Standard FreeBSD configuration from here onwards.
sshd_enable="YES"
ezjail_enable="YES"
#for custom configs I hand made
ifconfig_xn0_alias0="inet 192.168.1.101/32"
ifconfig_xn0_alias1="inet 192.168.1.102/32"
pf_enable="YES"
cat /etc/pf.conf gives me:
ext_if="xn0" ##my network interface
MY_JAIL="10.0.0.1"
#redirect http traffic to daltons jail
rdr pass on $ext_if inet proto tcp to port http -> $MY_JAIL port http
#enable outgoing traffic from jail to the internet via NAT
nat on $ext_if from $MY_JAIL to any -> $ext_if
Any ideas, clues or hints?!
Sorry, got hung up on the connectivity issue and didn't realize you just want to install ports.
On the host system install PortUpgrade, it's much easier than fetching package deficiencies manually:
pkg_add -r portupgrade
Then use it to fetch the packages:
portupgrade -NRFPP $PKG_NAME
i.e.
portupgrade -NRFPP lang/perl5.14
The package files will be dumped in the host's /usr/ports/packages/All. Copy them to the jail(s). Install from jail:
pkg_add /path/to/file/downloaded/perl5.14.tgz
And Bob's your uncle.
I sometimes use unionfs so that the jails have the Package directory of the host; removes the copy step. UnionFS doesn't work on ZFS however (ZFS doesn't have Whiteout). And ZFS's snapshot/clone feature makes jails easier.
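The copy step in the answer above, as an added example that is not part of the original answer: when root on the host writes into a jail's tree, a symlink planted inside the jail can redirect the write onto the host, so this sketch refuses to traverse symlinks and records SHA-256 hashes so the copies can be checked before pkg_add. The function names, the var/tmp/pkgs staging path and the SHA256SUMS manifest name are assumptions; the checks are not race-free, so stage while the jail is stopped.

```shell
#!/bin/sh
# Added example: stage host-fetched packages into a jail without following
# symlinks that live inside the jail. Names and paths are assumptions.

sha256_of() {   # FreeBSD has sha256(1); Linux has sha256sum(1)
    if command -v sha256 >/dev/null 2>&1; then sha256 -q "$1"
    else sha256sum "$1" | cut -d' ' -f1; fi
}

# stage_pkgs SRC_DIR JAIL_ROOT [DEST_REL]  -> prints the staging directory
stage_pkgs() (
    src=$1; rel=${3:-var/tmp/pkgs}
    [ -d "$src" ] && [ -d "$2" ] || { echo "missing directory" >&2; exit 2; }
    dir=$(cd "$2" && pwd -P) || exit 2
    # Walk DEST_REL one component at a time; never traverse a symlink.
    IFS=/; set -f; set -- $rel; set +f; unset IFS
    for part in "$@"; do
        case $part in ''|.) continue ;; ..) echo "'..' not allowed" >&2; exit 3 ;; esac
        dir=$dir/$part
        if [ -L "$dir" ]; then echo "refusing symlink: $dir" >&2; exit 3; fi
        [ -d "$dir" ] || mkdir "$dir" || exit 2
    done
    manifest=$dir/SHA256SUMS
    if [ -L "$manifest" ]; then echo "refusing symlink: $manifest" >&2; exit 3; fi
    : > "$manifest"
    for f in "$src"/*.t?z; do          # .tgz, .tbz or .txz package files
        [ -f "$f" ] || continue
        name=${f##*/}
        if [ -L "$dir/$name" ]; then echo "refusing symlink: $dir/$name" >&2; exit 3; fi
        cp "$f" "$dir/$name" || exit 2
        # Hash the host-side original, not the copy that now sits in the jail.
        printf '%s  %s\n' "$(sha256_of "$f")" "$name" >> "$manifest"
    done
    printf '%s\n' "$dir"
)

# verify_pkgs DIR: recompute hashes of the staged copies against the manifest
verify_pkgs() (
    cd "$1" || exit 2
    while read -r want name; do
        [ "$(sha256_of "$name")" = "$want" ] || { echo "MISMATCH $name" >&2; exit 1; }
    done < SHA256SUMS
)
```

Run stage_pkgs on the host against /usr/ports/packages/All and the jail's root directory, then verify_pkgs on the printed directory before installing with pkg_add inside the jail.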