OpenVZ Forum


Home » General » Support » Using the same IP as VPS0 (HOST)
Using the same IP as VPS0 (HOST) [message #2254] Mon, 27 March 2006 19:43 Go to next message
dearaujo is currently offline  dearaujo
Messages: 6
Registered: March 2006
Junior Member
After playing with Vservers, I know that I can assign a guest the same IP address as the host. Can you do the same with an OpenVZ VPS?

If so, how do I go about it? I can't seem to get it to work (which makes me believe a VPS _really_ can't have the same IP address as the host) Smile

Thanks for the help.

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2255 is a reply to message #2254] Mon, 27 March 2006 19:48 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member
In OpenVZ you can not really have a VPS with the same IP as the host system. There is a virtual network device in each VPS and it should have an address assigned.

But it doesn't have to be a public IP address. So I believe the way to go for you is to assign a private IP to a VPS and achieve your goal with NAT and redirection (i.e. redirect such and such ports into a VPS).

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2257 is a reply to message #2255] Mon, 27 March 2006 21:19 Go to previous messageGo to next message
dearaujo is currently offline  dearaujo
Messages: 6
Registered: March 2006
Junior Member
Ok - I tried your suggestion, but I can't seem to get it to work. Here's my configuration:

Hardware Node public IP - w.x.y.z (keeping it to myself atm) Wink
VPS private IP - 192.168.0.1

IP route commands - (trying to run a web server - port 80):

iptables -t nat -A PREROUTING -p tcp -d w.x.y.z --dport 80 -j DNAT --to-destination 192.168.0.1

iptables -t nat -A POSTROUTING -s 192.168.0.1 -j SNAT --to-source w.x.y.z

# iptables -nvL -t nat
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * * 192.168.0.1 0.0.0.0/0 to:w.x.y.z

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 w.x.y.z tcp dpt:80 to:192.168.0.1

Also, my nameserver in my VPS matches my Hardware Nodes' nameserver.

I can ping w.x.y.z from inside my VPS. I can ping my VPS from my hardware node. However, I _cannot_ ping anything other than my hardware node nor can I access the test webpage from outside the VPS.

Any suggestions?

[Updated on: Mon, 27 March 2006 21:24]

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2258 is a reply to message #2257] Mon, 27 March 2006 21:34 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member
Hmm...I am actually not a big iptables expert; your setup looks OK with me from the first glance. Try finding some real iptables docs, or keep hammering your setup, use tcpdump etc.

The problem is in no way OpenVZ-specific; you can run httpd bound to a specific (private) IP on a normal Linux system and use DNAT/SNAT to do the same trick.

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2319 is a reply to message #2257] Tue, 28 March 2006 23:46 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
which kernel do you use?
have you enabled conntracks in host system if it is 2.6.8?

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2530 is a reply to message #2257] Sun, 09 April 2006 01:16 Go to previous messageGo to next message
_akw_ is currently offline  _akw_
Messages: 3
Registered: April 2006
Junior Member
I have exactly the same problem.

I have a hardware node with a static & public ip and a VPS node with the ip 192.168.1.101.

The VPS has the strange routing:
191.255.255.1 0.0.0.0 255.255.255.255 UH 0 0 0 venet0
0.0.0.0 191.255.255.1 0.0.0.0 UG 0 0 0 venet0

I can ping my public ip from the VPS and I can ping the 192.168.1.101 from the hardware node.

But I cannot reach anything else from the VPS.

I use folling rule on the hardware node:
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to xyz

What is wrong?

akw

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2534 is a reply to message #2530] Sun, 09 April 2006 05:59 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
then the same question for you:
which kernel do you use?
have you enabled conntracks in host system if it is 2.6.8?

I will ask someone to test it locally and create a small HOWTO then.

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2537 is a reply to message #2534] Sun, 09 April 2006 09:10 Go to previous messageGo to next message
_akw_ is currently offline  _akw_
Messages: 3
Registered: April 2006
Junior Member

I use kernel 2.6.16.1 patched with patch-026test007-combined.gz from openvz.org.

How do I activate connection tracking?
Does loading the kernel module ip_conntrack suffice?

The host system is Debian Sarge/Etch. The VPS node is build via the template debian-3.1-i386-minimal.tar.gz.


Ciao, akw

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2550 is a reply to message #2537] Mon, 10 April 2006 03:32 Go to previous messageGo to next message
zoom is currently offline  zoom
Messages: 19
Registered: March 2006
Location: Regina, Saskatchewan Cana...
Junior Member
Check the FORWARD chain.. I have a similar setup ( Host has 1 public IP address, VPSes use 192.168.0.0/24 subnet).. Try the following..

iptables -A FORWARD -s 0/0 -d 0/0 -p tcp -j ACCEPT
iptables -A FORWARD -s 0/0 -d 0/0 -p udp -j ACCEPT

Report message to a moderator

icon12.gif  Re: Using the same IP as VPS0 (HOST) [message #2551 is a reply to message #2550] Mon, 10 April 2006 04:26 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
Zoom, maybe you can create a small HOWTO in HOWTO forum for this?
Will be very obliged Rolling Eyes


http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2553 is a reply to message #2550] Mon, 10 April 2006 05:27 Go to previous messageGo to next message
_akw_ is currently offline  _akw_
Messages: 3
Registered: April 2006
Junior Member
Hi!

Thanks, zoom.
My forward chains was indeed too restrictive.

iptables -A FORWARD -i venet0 -o eth0 -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -i eth0 -o venet0 -d 192.168.1.0/24 -j ACCEPT

worked fine for me.

Ciao, akw

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2557 is a reply to message #2553] Mon, 10 April 2006 06:37 Go to previous messageGo to next message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
can you create a HOWTO? Smile

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

icon12.gif  Re: Using the same IP as VPS0 (HOST) [message #2639 is a reply to message #2257] Thu, 13 April 2006 03:52 Go to previous messageGo to next message
lkhost.com is currently offline  lkhost.com
Messages: 6
Registered: April 2006
Junior Member
Hello,

I have apf firewall in server, what s configuration to it?

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2664 is a reply to message #2639] Fri, 14 April 2006 08:42 Go to previous messageGo to next message
dim is currently offline  dim
Messages: 344
Registered: August 2005
Senior Member
apf uses iptables as well. Just check that created by apf rules are not too restrictive.

http://static.openvz.org/openvz_userbar_en.gif

Report message to a moderator

Re: Using the same IP as VPS0 (HOST) [message #2669 is a reply to message #2551] Fri, 14 April 2006 16:53 Go to previous message
dev is currently offline  dev
Messages: 1693
Registered: September 2005
Location: Moscow
Senior Member
Ok, for reference: Dim updated SNAT/DNAT howto,
http://forum.openvz.org/index.php?t=tree&goto=13&#ms g_13

http://static.openvz.org/userbars/openvz-developer.png

Report message to a moderator

Previous Topic: Access ssh
Next Topic: Is NFS virtualized fully?
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Wed Jul 10 19:20:27 GMT 2024

Total time taken to generate the page: 0.02677 seconds
Powered by FUDforum Powered by Virtuozzo Containers