| View previous topic :: View next topic |
| Author |
Message |
nonamesir
n00b
Joined: 14 Feb 2007
Posts: 1
|
 Posted: Wed Feb 14, 2007 3:15 am Post subject: nat troupbles |
 |
|
I'm trying to get the openvz to communicate with the outside world. here is the vm's info:
| Code: |
root@vm101:~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:404 errors:0 dropped:0 overruns:0 frame:0
TX packets:318 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:33172 (32.3 KiB) TX bytes:44637 (43.5 KiB)
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.2.10 P-t-P:192.168.2.10 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
root@vm101:~# route -N
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.0.2.1 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
0.0.0.0 192.0.2.1 0.0.0.0 UG 0 0 0 venet0
|
The host is actually running Fedora Core 6, but i'm hoping somebody can help me. And, on the Host's side, the information is:
| Code: |
[root@MyTestBox ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:91:38:FB
inet addr:192.168.0.127 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:53056 errors:0 dropped:0 overruns:0 frame:0
TX packets:34999 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:68221259 (65.0 MiB) TX bytes:3327550 (3.1 MiB)
Interrupt:17 Base address:0x1400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:366 errors:0 dropped:0 overruns:0 frame:0
TX packets:460 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:50701 (49.5 KiB) TX bytes:36884 (36.0 KiB)
|
i research the docs and ran this on the host
| Code: |
[root@MyTestBox ~]# iptables -t nat -A POSTROUTING -s 192.168.0.127 -o eth0 -j SNAT --to 192.168.2.10
[root@MyTestBox ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
|
The VE can ping the host machine, the host machine can ping google, however the VE can't ping any outside IPs or domain names. |
|
| Back to top |
|
 |
nielchiano
Veteran
Joined: 11 Nov 2003
Posts: 1287
Location: 50N 3E
|
| Posted: Thu Feb 15, 2007 4:38 pm Post subject: |
|
|
that iptables-rule seems unneeded to me.
the problem might be that the host isn't routing the traffic; is net.ipv4.ip_forward activated? | Code: | | cat /proc/sys/net/ipv4/ip_forward |
Else you need to set it in /etc/sysctl.conf (on gentoo at least) |
|
| Back to top |
|
|
|
Networking & Security
