From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 07 Sep 2005 - 02:19:07 BST
On Tue, Sep 06, 2005 at 11:42:27AM -0500, Paul Haddad wrote:
> Hi All,
> Before someone tells me to google or RTM, I did look through through
> all the previous postings on iproute, etc.. I just can't get things
> working so any help would be appreciated
> The below is all for 184.108.40.206-vs2.0
> I setup my vserver box as the router for the network (fios pppoe).
> eth0 is the internal network, ppp0 obviously the ppp connection and
> eth1 is the device for the pppoe connection.
> The host server's IP is 10.0.0.1
> The vserver's IP is 10.0.0.5
> The default gateway/PtP link is 10.33.3.1
> I can connect from the host to the vserver and vice versa without any
> problems. I can connect from any other machine on the 10.0.0.0 subnet
> to the vserver and/or host again no problems. Either the host or any
> real machine on the subnet can connect up to the inet via nat-ppp,
> The problem is the vserver can't connect up to the inet.
which is expected ... here is a simple test to see/check
what happens ...
(on the host do)
ping -c 1 www.google.com
ping -c 1 -I 10.0.0.1 www.google.com
ping -c 1 -I 10.0.0.5 www.google.com
> I think the issue is that the vserver's default gateway should be
> 10.0.0.1 not 10.33.3.1 but I don't see how to force this without
> sticking the vserver into a separate subnet.
the issue is that the hosts on the 10.0.0.x subnet are
masquereaded by your box, not the 10.0.0.1 though, because
it directly uses the ppp IP for outgoing packets (use
tcpdump to verify that) but this isn't an option for the
guest, which is locked to the 10.0.0.5 ip, so you have
to SNAT this (and maybe other guest IPs) to the ppp IP
with something like this:
iptables -t nat -I POSTROUTING -s 10.0.0.5 -j SNAT --to 10.33.x.y
> Can someone provide a quick sample of ip route commands and/or
> suggestions on how to get this fixed?
hope the above is conclusive and helps,
> Paul Haddad (paul.haddad_at_gmail.com paul_at_pth.com)
> Vserver mailing list
Vserver mailing list