OpenVZ Forum: Support » Can't get outside of host from container

Home » General » Support » Can't get outside of host from container (New install - trying to get to second base)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Can't get outside of host from container [message #45463]

Sun, 11 March 2012 19:36

dgardner
Messages: 1
Registered: March 2012
Location: Mesa, AZ USA

Junior Member

Ok, so I'm new to this and although things seem to make sense I just can't get it to work - so I am hopeful someone can point me in the right direction. Here's the info:

1. Brand new install of CentOS 6.2

2. Vanilla install of OpenVZ

3. Did all of the standard /etc/sysctl.conf modes (re-checked 10 times)

4. Server has Eth0 setup as 192.168.15.30/24

5. Container has IP address of 192.168.15.13

6. Executed these commands:
brctl addbr br0
ifconfig eth0 0
brctl addif br0 eth0
ifconfig br0 192.168.15.30/24
ip route add default via 192.168.15.30 dev br0
7. Everything from the host works just fine

8. Did the following on the host AND the container just to eliminate possibilities:
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT

9. When I connect to the container I can ping to the host (192.168.15.30) but not to anything else. For example, when I try to ping my router:
> ping 192.168.15.1
PING 192.168.15.1 (192.168.15.1) 56(84) bytes of data.
From 192.168.15.30 icmp_seq=1 Destination Host Prohibited

Here is some more info:

Route from the host:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.15.13 * 255.255.255.255 UH 0 0 0 venet0
192.168.15.0 * 255.255.255.0 U 0 0 0 br0
192.168.15.0 * 255.255.255.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 192.168.15.1 0.0.0.0 UG 0 0 0 br0

Route from inside the container:
Destination Gateway Genmask Flags Metric Ref Use Iface
link-local * 255.255.0.0 U 1002 0 0 venet0
default * 0.0.0.0 U 0 0 0 venet0

brctl show from the host:
bridge name bridge id STP enabled interfaces
br0 8000.0030486761e8 no eth0

What I'd like to have (in addition proper connectivity out), is that the address 192.168.15.30 would be to my host (as it is now), and from the outside, 192.168.15.13 would route entirely to my container. So if I ssh from the outside to teh .13 address I would be connected to my container.

I have read every doc and sample and have tried what I perceive to be everything with no progress. I'm guessing it's some little stupid thing but what? Any help is appreciated.

Report message to a moderator

Re: Can't get outside of host from container [message #45516 is a reply to message #45463]

Tue, 13 March 2012 22:04

Ales
Messages: 330
Registered: May 2009

Senior Member

Is there a special reason you're using bridged networking? OpenVZ doesn't need bridges.

Just asking... because if you don't need a bridge for something else, I'd advise you to revert this part of your setup.

Simply assign 192.168.15.13 to a container (using vzctl / openvz config files) and you should be good to go.

Report message to a moderator

Previous Topic:	Failed to set upstart as init
Next Topic:	vbox on openvz with node kernel

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Thu Apr 09 12:41:50 GMT 2026

Total time taken to generate the page: 0.54500 seconds