OpenVZ Forum


Home » Mailing lists » Users » samba and openvz
samba and openvz [message #48606] Wed, 24 October 2012 19:20 Go to next message
maya is currently offline  maya
Messages: 4
Registered: October 2012
Location: vienna
Junior Member
From: *parallels.com
I need to use samba and ldap. I have one hardware NIC, one server. What is
the best way to do this? What should go into a VE, what on the host node?

I know I need veth instead of venet when I use samba to make broadcasts
work. But what about ldap? Does this run fine in a venet environment? Is
it possible to set up one VE with venet and the other with veth? e.g.
samba VE with veth and ladp VE with venet or would there be problems?

Do I need a bridge?

At the moment I have shorewall on the host system. Do I need to install it
also on VEs that use veth?

Recommendations on general setup and considerations about security are
highly appreciated :-)

pls note: DNS is on another server, static IPs are used, so no need for a
DHCP server.

Kind regards,
Birgit
Re: samba and openvz [message #48607 is a reply to message #48606] Wed, 24 October 2012 21:03 Go to previous message
David Brown is currently offline  David Brown
Messages: 5
Registered: March 2012
Junior Member
From: 172.21.20*
On 24/10/12 21:20, Birgit Berger (UV Wien) wrote:
> I need to use samba and ldap. I have one hardware NIC, one server. What
> is the best way to do this? What should go into a VE, what on the host node?
>
> I know I need veth instead of venet when I use samba to make broadcasts
> work. But what about ldap? Does this run fine in a venet environment? Is
> it possible to set up one VE with venet and the other with veth? e.g.
> samba VE with veth and ladp VE with venet or would there be problems?
>
> Do I need a bridge?
>
> At the moment I have shorewall on the host system. Do I need to install
> it also on VEs that use veth?
>
> Recommendations on general setup and considerations about security are
> highly appreciated :-)
>
> pls note: DNS is on another server, static IPs are used, so no need for
> a DHCP server.
>
> Kind regards,
> Birgit
>

If you don't need broadcasts, then you can use venet and route traffic
to the openvz server. It means windows clients won't see the server by
browsing the network (or using "net view"), but they can get access by
typing "\\server" (assuming you have DNS set up to point "server" at the
openvz server, and have all the routing and firewalling in place).
Previous Topic: VRF within containers
Next Topic: (no subject)
Goto Forum:
  


Current Time: Tue Dec 12 12:20:57 GMT 2017