From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 18 Sep 2003 - 13:55:02 BST
On Thu, Sep 18, 2003 at 04:30:30PM +0200, Gerald Leier wrote:
> hi folks
>
> i only got one official internet routeable ip address and want to setup
> a few servers in a vserver security context.
>
> what i did now was:
>
> create an dummy device (dummy0) and give it a privatipaddress.
> then i added a vserver with the following settings:
> IPROOT="10.0.0.3"
> IPROOTDEV="dummy0"
should be no problem, if you stop using the dummy
device (which is no real network device as the
name suggests)
best,
Herbert
> then i did:
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> but all i can is ping around, the rest doesnt work at all.
> also want to use real dest/source nat instead of masquerade.
>
> i recognized that i cant change routing within a vserver so
> my thoughts might all be senseless crap.
>
> how should networking be done with vserver ?
>
>
> i thought i build something like this:
>
> realserver: REALADDRESS
>
> vserver1: 10.0.0.1
> apache on :80,:443 (namebased virtualhosts, as a reverseproxy)
>
> vserver2: 10.0.0.2
> apache on any port (the realcontentserver, requests get forwarded
> to this one)
>
>
> anyone a hint on vserver networking ?
>
> sorry couldnt find any documentation on this also i didnt find a searchable
> maillinglist.
>
> thanks
> gerald
>
>