From: Wray Cason (wrayman_at_auxiliumcomputing.com)
Date: Thu 28 Feb 2002 - 00:29:25 GMT
> On Wed, 27 Feb 2002, Wray Cason wrote:
> > Thank you very much. This was very helpful to me. I have a related
> > question. Please confirm or refute that this is true:
> > A vserver can never, under any circumstances be aware of networks and
> > interfaces in the base computer other than the one it is bound to. As
> > if all base interfaces are addressed with private unroutable addresses,
> > only the vserver has the public address, it is impossible to route all
> > server traffic out through the public address.
> hmm not entirely sure what you mean...
> the base server has private addresses and only the vserver
> has a public ip. that part I think I got but the "impossible
> to route all server traffic out through the public address"
> part I don't really get, do you mean all traffic from this
> vserver? from the base server? or everything (base + all vservers)?
> Never argue with an idiot. They drag you down to their level,
That latter is exactly what I meant, base + all vservers. I was looking
into the possibility of isolating the base system that much more by not
putting a public address on it. I would still want to make use of the
public network on the vserver for routing purposes. A little more detail
might help to clarify.
I have 2 servers connected to the my private network as well as the public
network. The interfaces on the public network were assigned private
addresses. This way they could communicate freely between the two of them
without using bandwidth on the private network. Also, they could not be
touched from the internet. I then put the public address on a vserver bound
to the outside interface and tried to create default routes for everything
through that vserver. At this point, I am inclined to believe that this
arrangement won't work.
-- Wray Cason "Wrayman" Auxilium Computing www.auxiliumcomputing.com wrayman_at_auxiliumcomputing.com main: 206-595-2080 fax: 425-895-9825