OpenVZ Forum: Users » VE using wrong IP for outgoing connections

Home » Mailing lists » Users » VE using wrong IP for outgoing connections

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

VE using wrong IP for outgoing connections [message #8732]

Mon, 04 December 2006 22:38

Jan Tomasek
Messages: 44
Registered: December 2006

Member

Hello,

I just realized that my VEs are is using IP address of HW node for
connections initiated from inside of VE, except of their own. For example:

On physical non-OpenVZ system (195.113.1xx.14) I'm pinging my VE
(195.113.2xx.253):

195.113.1xx.14:~# tcpdump -n icmp &
ldap3:~# ping -c 1 195.113.2xx.253
PING 195.113.2xx.253 (195.113.2xx.253) 56(84) bytes of data.
IP 195.113.1xx.14 > 195.113.2xx.253: icmp 64: echo request seq 1
IP 195.113.2xx.253 > 195.113.1xx.14: icmp 64: echo reply seq 1

tcp still running, now I'm pinging from VE (195.113.2xx.253) to physical
system (195.113.1xx.14):

IP 195.113.2xx.254 > 195.113.1xx.14: icmp 64: echo request seq 1
IP 195.113.1xx.14 > 195.113.2xx.254: icmp 64: echo reply seq 1

But instead of .253 I see there .254 - that is IP of HW node. It is same
with TCP and UDP connections. :(

Is there way how to fix this? I'm googling for a hour with no result,
maybe I'm asking wrong questions, networking isn't my strong area :)
Please can someone direct me to right docs? I'm sure this must be asked
many times in past...

Thanks for any help
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/

Report message to a moderator

Re: VE using wrong IP for outgoing connections [message #8733 is a reply to message #8732]

Mon, 04 December 2006 23:03

Jan Tomasek
Messages: 44
Registered: December 2006

Member

Jan Tomasek wrote:
> I just realized that my VEs are is using IP address of HW node for
> connections initiated from inside of VE, except of their own. For example:

My fault! I just realized it was because:

modprobe ipt_MASQUERADE
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

I added those directives to my FW startup script because of VE which is
using private IP range - it is supposed to have access to network but
should not be reachable on public IP (to save IP) because it provide no
services.

Sorry for meaningless mail on the list.

--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/

Report message to a moderator

Previous Topic:	mount ext3 file system inside VE
Next Topic:	iptables are not working under 2.6.18-028test005.1 in VE

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sun Aug 03 08:06:47 GMT 2025

Total time taken to generate the page: 1.44749 seconds