Help needed w/ vz networking: What terminology am I looking for? [message #14707]
Fri, 06 July 2007 18:08
cheuschober
Hi. Complete and utter networking administration 'newb', but I do want to learn. Problem is, sometimes I don't know what the proper terms to google are...
Here's the situation:
I have a machine with two interfaces (eth0, eth1). eth0 is reserved for non-ve traffic, eth1 is reserved for ve traffic only. (I followed http://wiki.openvz.org/Multiple_Network_Interfaces_And_ARP_Flux regarding that.)
The LAN domain is 'sleepy' (172.16.192.0/24) behind a pfSense firewall/router.
I would like the ve's to have their own domain 'dopey' (172.16.91.0/24) but be able to have DNS resolution across the whole network in both directions (e.g. .sleepy machines can ping DNS names of .dopey machines and vice versa).
Right now I cannot, for the life of me, figure out how to get traffic routed across, much less set up DNS resolution, unless I set up the ve's on the primary LAN domain, in which case everything works without the need for configuration. I'm going to guess this has to do with iptables, but beyond that I'm lost. Is this SNAT? DNAT? Both? Something else entirely?
First, I guess I should ask if this is even possible. If it is, what specifically do I need to research to get this working?
Many thanks and regards.
Re: Help needed w/ vz networking: What terminology am I looking for? [message #14712 is a reply to message #14709]
Sat, 07 July 2007 03:24
cheuschober
Hi Dim.
Thank you for the response.
I ran the commands from inside the ve, as you suggested, but I guess I'm not certain what I'm supposed to be looking for.
root@test:~# ip a l
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,10000> mtu 1500 qdisc noqueue
    link/void
    inet 127.0.0.1/32 scope host venet0
    inet 172.16.91.102/32 scope global venet0:0
root@test:~# ip r l
192.0.2.1 dev venet0 scope link
default via 192.0.2.1 dev venet0
root@test:~# iptables-save
# Generated by iptables-save v1.3.6 on Sat Jul 7 03:27:47 2007
*mangle
:PREROUTING ACCEPT [178:16453]
:INPUT ACCEPT [178:16453]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [126:17277]
:POSTROUTING ACCEPT [126:17277]
COMMIT
# Completed on Sat Jul 7 03:27:47 2007
# Generated by iptables-save v1.3.6 on Sat Jul 7 03:27:47 2007
*filter
:INPUT ACCEPT [186:16869]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [135:18385]
COMMIT
# Completed on Sat Jul 7 03:27:47 2007
Is it the ve or the hn I should be concerned with?
Regards and thanks.