From: Christian.Lang_at_bertelsmann.de
Date: Fri 01 Aug 2003 - 09:56:22 BST
Thank for the response. Yes I understood that the routing needs to be setup
on the host server. But how? I tried to solve the problem with policy
routing setting an extra default gateway for the vservers running on a
vitual interface on eth1:
default route
eth1:VS1 (192.168.3.20) -----------------> eth1 (192.168.3.1)
NAT
-------------> eth0 (145.228.83.129) -------> Internet
currently the default gateway of my box is 145.228.83.129. Therefore I
introduced a routing table 101 for the network 192.168.3.0/24 to be routed
through 192.168.3.1. But for some reason the rule
rule add from 192.168.3.20 table 101 prio 20
does not match. I presumed that it might not recognize virtual devices?
Christian
> -----Ursprüngliche Nachricht-----
> Von: Dan Hrabarchuk [mailto:dan_at_findatradenow.com]
> Gesendet: Donnerstag, 31. Juli 2003 17:15
> An: VServer Mailing List
> Betreff: Re: [vserver] setting the default gateway
>
> Below is my routing table. This is the same on the main server and each
> vserver running on my firewall. I NAT 100% properly and my vservers are
> accessable over my VPN with out issues. Basically get your host servers
> routing set up. VServers do not need their *own* routing.
>
> Dan
>
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0
> eth1
> 142.179.x.0 0.0.0.0 255.255.248.0 U 40 0 0
> eth0
> 142.179.x.0 0.0.0.0 255.255.248.0 U 40 0 0
> ipsec0
> 192.168.0.0 0.0.0.0 255.255.248.0 U 40 0 0
> eth0
> 172.16.0.0 142.179.x.254 255.255.0.0 UG 40 0 0
> ipsec0
> 10.0.0.0 142.179.x.254 255.0.0.0 UG 40 0 0
> ipsec0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0
> lo
> 0.0.0.0 142.179.x.254 0.0.0.0 UG 40 0 0
> eth0
>
> On Thu, 2003-07-31 at 04:24, Christian.Lang_at_bertelsmann.de wrote:
> > Hi,
> >
> >
> >
> > I'm using vserver on a box with 2 ethernet devices, eth0 and eth1:
> >
> >
> >
> > eth0 Link encap:Ethernet HWaddr
> >
> > inet addr:145.228.83.129 Bcast:145.228.83.255
> > Mask:255.255.255.0
> >
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> >
> > RX packets:21223 errors:0 dropped:0 overruns:0 frame:0
> >
> > TX packets:5770 errors:0 dropped:0 overruns:0 carrier:7
> >
> > collisions:20 txqueuelen:100
> >
> > RX bytes:2213696 (2.1 Mb) TX bytes:789266 (770.7 Kb)
> >
> > Interrupt:11 Base address:0x6000
> >
> >
> >
> > eth1 Link encap:Ethernet HWaddr
> >
> > inet addr:192.168.3.1 Bcast:192.168.3.255
> > Mask:255.255.255.0
> >
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> >
> > RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >
> > TX packets:154 errors:0 dropped:0 overruns:0 carrier:0
> >
> > collisions:0 txqueuelen:100
> >
> > RX bytes:0 (0.0 b) TX bytes:9240 (9.0 Kb)
> >
> > Interrupt:11 Base address:0xa000
> >
> >
> >
> > the vservers are bound to eth1 with IP's 192.168.3.XXX and should be
> > routed through 192.168.3.1 (and then NATed to 145.228.83.129).
> > Therefore I need to change the default route of the vservers from
> > 145.228.83.129 to 192.168.3.1. I did it according to a posting from
> > February 2002 (for the vserver-IP 192.168.3.20):
> >
> >
> >
> > ip rule add from 192.168.3.20 table 101 prio 20
> >
> > ip route add 192.168.0.0/24 dev eth1 table 101
> >
> > ip route add default via 192.168.3.1 dev eth1 table 101
> >
> > ip route flush cache
> >
> >
> >
> > the result is:
> >
> > --------------------------------------
> >
> > the global RULES:
> >
> > 0: from all lookup local
> >
> > 20: from 192.168.3.20 lookup 101
> >
> > 32766: from all lookup main
> >
> > 32767: from all lookup 253
> >
> >
> >
> > --------------------------------------
> >
> > the global ROUTES:
> >
> > 145.228.83.0/24 dev eth0 scope link
> >
> > 192.168.3.0/24 dev eth1 scope link
> >
> > 127.0.0.0/8 dev lo scope link
> >
> > default via 145.228.83.1 dev eth0
> >
> >
> >
> > --------------------------------------
> >
> > the ROUTES for table 101:
> >
> > 192.168.0.0/24 dev eth1 scope link
> >
> > default via 192.168.3.1 dev eth1
> >
> >
> >
> > --------------------------------------
> >
> > But for some reason, the default default route within the vservers is
> > not affected. Any ideas?
> >
> >
> >
> > Regards
> >
> > Christian
> >
> >
> >
> >
> --
> Dan
>
> Bridges.com - North America's leading provider of career and
> educational management solutions.