OpenVZ Forum


Home » General » Support » NAT within 2 containers (Can you NAT via a container?)
NAT within 2 containers [message #41277] Tue, 21 December 2010 02:01 Go to next message
timmy is currently offline  timmy
Messages: 4
Registered: December 2010
Junior Member
Hi,

I have a container (call it ct1) with 2 veth network ports (which are bridged to 2 network ports on the host). One WAN (eth0) and one LAN (eth1).

I want to have another container (call it ct2) to have a single veth (eth1 - LAN) and for it to route/nat via ct1.

I have tried setting the default gateway on ct2 to ct1's LAN IP. note they can ping each other. I have tried lots of ways to try to get ct1 to masquerade the traffic but it just wont work!

What am I doing wrong? is this possible??

To masquerade I have tried... (note all defaults set to accept)


iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j SNAT --to 123.x.x.61

where 123.x.x.61 is the WAN ip on ct1

I also tried

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


Thanks

Report message to a moderator

Re: NAT within 2 containers [message #41279 is a reply to message #41277] Tue, 21 December 2010 11:45 Go to previous messageGo to next message
timmy is currently offline  timmy
Messages: 4
Registered: December 2010
Junior Member
actually got it working finally.

Duno what I was doing wrong.

for the record,

iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j SNAT --to 123.x.x.x

did the job Smile

I have just managed to get transparent proxy working so that one node proxies to some other nodes but doesnt change the source ip and then the return is routed back via the proxy's ip too

Report message to a moderator

Re: NAT within 2 containers [message #41280 is a reply to message #41277] Tue, 21 December 2010 11:54 Go to previous messageGo to next message
timmy is currently offline  timmy
Messages: 4
Registered: December 2010
Junior Member
actually got it working finally.

Duno what I was doing wrong.

for the record,

iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j SNAT --to 123.x.x.x

did the job Smile

I have just managed to get transparent proxy working so that one node proxies to some other nodes but doesnt change the source ip and then the return is routed back via the proxy's ip too

Report message to a moderator

Re: NAT within 2 containers [message #41281 is a reply to message #41277] Tue, 21 December 2010 11:55 Go to previous message
timmy is currently offline  timmy
Messages: 4
Registered: December 2010
Junior Member
actually got it working finally.

Duno what I was doing wrong.

for the record,

iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth0 -j SNAT --to 123.x.x.x

did the job Smile

I have just managed to get transparent proxy working so that one node proxies to some other nodes but doesnt change the source ip and then the return is routed back via the proxy's ip too

Report message to a moderator

Previous Topic: Using tools like fail2ban
Next Topic: Monitoring disk IO order by CTID
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Oct 31 04:26:56 GMT 2025

Total time taken to generate the page: 0.11099 seconds
Powered by FUDforum Powered by Virtuozzo Containers