OpenVZ Forum


Home » General » Support » *SOLVED* What I am mistaking. Help please
*SOLVED* What I am mistaking. Help please [message #37198] Wed, 26 August 2009 09:23 Go to next message
dragos2 is currently offline  dragos2
Messages: 15
Registered: August 2009
Junior Member
I have a fresh Ubuntu server 8.04 64 bit LTS installed,
then I installed the openvz kernel from repositories,
booted into it.

The server has a static ip and a domain assigned.

Then downloaded most of the precreated templates and created
containers from them and started them, but I did not had
internet access from then ouside and vice-versa.

Then I assigned them the same IP public static ip and nameservers
and the same domain. This did not worked too.

What am I missing ?

My /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth1
iface eth1 inet static
address 193.19.*.*
netmask 255.255.255.0
network 193.19.*.*
broadcast 193.19.*.*
gateway 193.19.*.*
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 193.19.*.*
dns-search mydomain.com


[Updated on: Thu, 27 August 2009 07:54] by Moderator

Report message to a moderator

Re: What I am mistaking. Help please [message #37199 is a reply to message #37198] Wed, 26 August 2009 09:42 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Each container should have its own IP address. Either public or private, in the latter case see http://wiki.openvz.org/Using_NAT_for_container_with_private_ IPs

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png
Re: What I am mistaking. Help please [message #37201 is a reply to message #37199] Wed, 26 August 2009 11:03 Go to previous messageGo to next message
dragos2 is currently offline  dragos2
Messages: 15
Registered: August 2009
Junior Member
Thank you.

This is my scenario(public ip is 193.19.x.y):

root@ubu01:~# hostname
ubu01.domain.com

root@deb01:~# vzctl set 777 --nameserver 193.19.*.* --ip 192.168.1.1 --save

root@ubu01:~# vzlist -a
      VEID      NPROC STATUS  IP_ADDR         HOSTNAME
       777          8 running 192.168.1.1     vps.ubu01.domain.com



Allow access from outside to inside vps port 80
iptables -t nat -A PREROUTING -p tcp -d 193.19.x.y  --dport port_num -i eth0 -j DNAT --to-destination 192.168.1.1:80 


Allow access from inside the vps to the outside internet
iptables -t nat -A POSTROUTING -s 192.168.1.1 -o eth0 -j SNAT --to 193.19.x.y


But it is not working. I don't have internet to/from container.

I did something wrong ?

[Updated on: Wed, 26 August 2009 11:04]

Report message to a moderator

Re: What I am mistaking. Help please [message #37202 is a reply to message #37201] Wed, 26 August 2009 11:15 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Any other iptables rules that you have?

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png
Re: What I am mistaking. Help please [message #37203 is a reply to message #37201] Wed, 26 August 2009 11:15 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Also, do you have ip forwarding enabled?

Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png
Re: What I am mistaking. Help please [message #37204 is a reply to message #37203] Wed, 26 August 2009 11:20 Go to previous messageGo to next message
dragos2 is currently offline  dragos2
Messages: 15
Registered: August 2009
Junior Member
This is at the end of my sysctl.conf

 # On Hardware Node we generally need
 # packet forwarding enabled and proxy arp disabled

 net.ipv4.conf.default.forwarding=1
 net.ipv4.conf.default.proxy_arp=1
 net.ipv4.ip_forward=1
 net.ipv4.conf.all.forwarding=1

 # Enables source route verification
 net.ipv4.conf.all.rp_filter = 1

 # Enables the magic-sysrq key
 kernel.sysrq = 1

 # TCP Explict Congestion Notification
 #net.ipv4.tcp_ecn = 0

 # we do not want all our interfaces to send redirects
 net.ipv4.conf.default.send_redirects = 1
 net.ipv4.conf.all.send_redirects = 0


No, there are no other iptables rules. Also ufw
is disabled.

Any other details that you need ?
Re: What I am mistaking. Help please [message #37205 is a reply to message #37204] Wed, 26 August 2009 11:25 Go to previous messageGo to next message
kir is currently offline  kir
Messages: 1645
Registered: August 2005
Location: Moscow, Russia
Senior Member

Are those sysctl.conf rules applied? i.e. show me your /proc/sys/net/ipv4/ip_forward

Show me your "iptables -L -n -v" output.

Show me the result of pings
- from host system to container
- from container to the host system
- from host system to your gateway
- from container to your gateway


Kir Kolyshkin
http://static.openvz.org/userbars/openvz-developer.png
Re: What I am mistaking. Help please [message #37208 is a reply to message #37205] Wed, 26 August 2009 11:30 Go to previous message
dragos2 is currently offline  dragos2
Messages: 15
Registered: August 2009
Junior Member
Thank you very much for your help.

Your NAT suggestion worked. My mistake what that in the iptables
rules I was using eth0 but my external interface is eth1.

Now is working. I was that close to quit.

Thank you very much Smile
Previous Topic: Linux kernel null pointer bug
Next Topic: RSYNC problem in migration
Goto Forum:
  


Current Time: Sun Apr 21 22:36:49 GMT 2024

Total time taken to generate the page: 0.01297 seconds