OpenVZ Forum


Home » General » Support » NAT within 2 containers (Can you NAT via a container?)
NAT within 2 containers [message #41277] Tue, 21 December 2010 02:01 Go to previous message
timmy is currently offline  timmy
Messages: 4
Registered: December 2010
Junior Member
Hi,

I have a container (call it ct1) with 2 veth network ports (which are bridged to 2 network ports on the host). One WAN (eth0) and one LAN (eth1).

I want to have another container (call it ct2) to have a single veth (eth1 - LAN) and for it to route/nat via ct1.

I have tried setting the default gateway on ct2 to ct1's LAN IP. note they can ping each other. I have tried lots of ways to try to get ct1 to masquerade the traffic but it just wont work!

What am I doing wrong? is this possible??

To masquerade I have tried... (note all defaults set to accept)


iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j SNAT --to 123.x.x.61

where 123.x.x.61 is the WAN ip on ct1

I also tried

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


Thanks
 
Read Message
Read Message
Read Message
Read Message
Previous Topic: Using tools like fail2ban
Next Topic: Monitoring disk IO order by CTID
Goto Forum:
  


Current Time: Sun Oct 26 00:23:12 GMT 2025

Total time taken to generate the page: 0.08257 seconds