From: Gerald Leier (gl_at_revolto.at)
Date: Thu 18 Sep 2003 - 16:52:04 BST
On Thu, 18 Sep 2003 14:55:02 +0200, Herbert Poetzl wrote
> On Thu, Sep 18, 2003 at 04:30:30PM +0200, Gerald Leier wrote:
> > hi folks
> > i only got one official internet routeable ip address and want to setup
> > a few servers in a vserver security context.
> > what i did now was:
> > create an dummy device (dummy0) and give it a privatipaddress.
> > then i added a vserver with the following settings:
> > IPROOT="10.0.0.3"
> > IPROOTDEV="dummy0"
> should be no problem, if you stop using the dummy
> device (which is no real network device as the
> name suggests)
i changed the device to eth0, same situation. i can ping around
but except icmp nothing seems to work.
any hint on a vserver networking howto/docu/faq or may i copy the
whole maillinglistarchive from somewhere for local searching ?
> > then i did:
> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > but all i can is ping around, the rest doesnt work at all.
> > also want to use real dest/source nat instead of masquerade.
> > i recognized that i cant change routing within a vserver so
> > my thoughts might all be senseless crap.
> > how should networking be done with vserver ?
> > i thought i build something like this:
> > realserver: REALADDRESS
> > vserver1: 10.0.0.1
> > apache on :80,:443 (namebased virtualhosts, as a reverseproxy)
> > vserver2: 10.0.0.2
> > apache on any port (the realcontentserver, requests get forwarded
> > to this one)
> > anyone a hint on vserver networking ?
> > sorry couldnt find any documentation on this also i didnt find a searchable
> > maillinglist.
> > thanks
> > gerald
====================== www.revolto.at =======================
=================== mailto: gl_at_revolto.at ===================