2 nics, 1st nic is private lan - I can't connect to the internet from VEs [message #10396] |
Sat, 17 February 2007 21:21 |
Karateka
Messages: 3 Registered: February 2007
|
Junior Member |
|
|
Hello,
I have 1 private lan and 1 public internet nic, my ISP gave me the following details:
- eth0 (Private) Server address: 10.10.156.194
Gateway: N/A
Netmask: 255.255.255.192
- eth1 (Public) Server address:X.Y.151.90
Gateway: X.Y.151.89
Netmask: 255.255.255.248
Secondary address: X.Y.152.160
- My ISP told me that the DNS resolvers are on the private lan only (10.0.80.11 and 10.0.80.12)
My goal is to get internet access from a VE.
I run an out of the box Centos 4.4 installation, installed OpenVZ as per your wiki guide and added X.Y.152.160 to my VE.
I can ping from outside and the HN to X.Y.152.160.
I can only ping the own public IP of the VE from the VE. I can't ping the private lan or the public net.
I was advised by the ISP to use public resolvers, so I used these resolvers (by Cisco):
NAMESERVER="128.107.241.185 192.135.250.69"
That didn't help.
Here is some data for diagnostics:
On HN:
# ip r
X.Y.152.160 dev venet0 scope link
X.Y.151.88/29 dev eth1 proto kernel scope link src X.Y.151.90
10.10.156.192/26 dev eth0 proto kernel scope link src 10.10.156.194
X.Y.152.0/24 dev eth1 proto kernel scope link src X.Y.152.160
169.254.0.0/16 dev eth1 scope link
10.0.0.0/8 via 10.10.156.193 dev eth0
default via 75.126.151.89 dev eth1
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:32:2C:D0
inet addr:10.10.156.194 Bcast:10.10.156.255 Mask:255.255.255.192
inet6 addr: fe80::230:48ff:fe32:2cd0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:207 errors:0 dropped:0 overruns:0 frame:0
TX packets:691 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:29936 (29.2 KiB) TX bytes:48253 (47.1 KiB)
Base address:0x2000 Memory:d8000000-d8020000
eth1 Link encap:Ethernet HWaddr 00:30:48:32:2C:D1
inet addr:X.Y.151.90 Bcast:X.Y.151.95 Mask:255.255.255.248
inet6 addr: fe80::230:48ff:fe32:2cd1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:168074 errors:0 dropped:0 overruns:0 frame:0
TX packets:107415 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:242067188 (230.8 MiB) TX bytes:9050879 (8.6 MiB)
Base address:0x2020 Memory:d8020000-d8040000
eth1:0 Link encap:Ethernet HWaddr 00:30:48:32:2C:D1
inet addr:X.Y.152.160 Bcast:X.Y.152.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Base address:0x2020 Memory:d8020000-d8040000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:14 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1064 (1.0 KiB) TX bytes:1064 (1.0 KiB)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:421 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:31046 (30.3 KiB) TX bytes:0 (0.0 b)
On VE:
# ip r
192.0.2.0/24 dev venet0 scope host
169.254.0.0/16 dev venet0 scope link
default via 192.0.2.1 dev venet0
# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:4506 (4.4 KiB)
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:X.Y.152.160 P-t-P:X.Y.152.160 Bcast:X.Y.152.160 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
|
|
|
|
|
|
Re: 2 nics, 1st nic is private lan - I can't connect to the internet from VEs [message #10445 is a reply to message #10396] |
Mon, 19 February 2007 11:14 |
Vasily Tarasov
Messages: 1345 Registered: January 2006
|
Senior Member |
|
|
Hello,
At first, to avoid problems with DNS, we will ping by IP addresses, but not by server names. For example, yahoo.com have IP address 66.94.234.13, and we will use at first step.
I can see, that IP address X.Y.152.160 is ascribed to eth1:0 and to VEs venet0:0 interface. It is not right, you should delete it from eth1:0
After that, if it still not work, please, do the following and post the output here:
in VE:
# ping 66.94.234.13
# ip r get 66.94.234.13
# iptables -L -nv
# iptables -t nat -L -nv
on HN:
# ping X.Y.151.90
# ping 66.94.234.13
# ip r get 66.94.234.13
# ip r get X.Y.152.160
# iptables -L -nv
# iptables -t nat -L -nv
Thanks.
[Updated on: Mon, 19 February 2007 11:15] Report message to a moderator
|
|
|
|