OpenVZ Forum: Support » Internet access from VE (again)

Home » General » Support » Internet access from VE (again)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Internet access from VE (again) [message #27315 is a reply to message #27285]

Thu, 14 February 2008 12:09

maratrus
Messages: 1495
Registered: August 2007
Location: Moscow

Senior Member

Hi,

1. I suppose that the problem is in your PREROUTING rules

Quote:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere            tcp dpt:search to:10.0.20.10:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:domain to:10.0.20.10:53
DNAT       udp  --  anywhere             anywhere            udp dpt:domain to:10.0.20.10:53
DNAT       tcp  --  anywhere             anywhere            tcp dpt:xinupageserver to:10.0.20.20:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:samsung-unidex to:10.0.40.10:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:trap to:10.0.40.20:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:imap to:10.0.40.20:143
DNAT       tcp  --  anywhere             anywhere            tcp dpt:smtp to:10.0.40.20:25
DNAT       tcp  --  anywhere             anywhere            tcp dpt:yo-main to:10.0.40.40:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:4080 to:10.0.40.80:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:x11-ssh-offset to:10.0.60.10:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:6020 to:10.0.60.20:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:6040 to:10.0.60.40:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:6080 to:10.0.60.80:22
DNAT       tcp  --  anywhere             anywhere            tcp dpt:8010 to:10.0.80.10:22

Can you please explain what do these rules mean? Especially

Quote:

DNAT       tcp  --  anywhere             anywhere            tcp dpt:domain to:10.0.20.10:53
DNAT       udp  --  anywhere             anywhere            udp dpt:domain to:10.0.20.10:53

Try to remove all these rules.

2. If it doesn't help can you please answer some questions?
Is it possible to ping yahoo.com from HN?
Can you please provide us with the tcpdump output when you ping yahoo.com from HN?
Can you please use for example 4.2.2.4 as a nameserver on HN and inside VPS?

Thank You!

Report message to a moderator

[Message index]

		Internet access from VE (again) By: Thomasd on Wed, 13 February 2008 20:51
		Re: Internet access from VE (again) By: Thomasd on Wed, 13 February 2008 21:06
		Re: Internet access from VE (again) By: maratrus on Thu, 14 February 2008 12:09
		Re: Internet access from VE (again) By: Thomasd on Tue, 04 March 2008 00:35
		Re: Internet access from VE (again) By: maratrus on Tue, 04 March 2008 09:58
		Re: Internet access from VE (again) By: Thomasd on Wed, 05 March 2008 07:01

Previous Topic:	eth0 dies when using openVZ kernel.
Next Topic:	Error: Dropped Packet, Source wrong veid...

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Tue Apr 21 21:37:45 GMT 2026

Total time taken to generate the page: 0.13953 seconds