Re: [Vserver] Bug/Issue with Routing, Multiple NICs and vServers

From: Michael S. Zick <mszick_at_morethan.org>
Date: Fri 10 Feb 2006 - 12:52:29 GMT
Message-Id: <200602100652.29591.mszick@morethan.org>

On Fri February 10 2006 02:50, Herbert Poetzl wrote:
> On Fri, Feb 10, 2006 at 08:58:05AM +0100, Oliver Welter wrote:
> > Hi Folks,
> >
> > I encounter several problems regarding routing with a vServer host that
> > has multiple networks.
> >
- - - - snip
>
> if you want a schizophrenic host which can handle separate
> networks, you simply have to configure that properly, in
> your case that means to create two tables which contain
> the separate network entries and only put the 'shared' net
> in the main table, then have appropriate rules decide which
> table to choose from, based on the source ip
>
> this is nothing Linux-VServer specific, it is the way how
> linux networking works and it will not change without some
> kind of network stack virtualization, which will be done
> in the upcoming ngnet ...
>
> best,
> Herbert
>
Warning - - not tried in real operation - -

Enable the bridging code in your kernel config...
Add all of your nics to the bridge...
Set up your IP tables to send anything 'out of box' to the bridge...
Use the bridge rules to block/route/whatever things to proper nic.

Last time I used the bridging rules (before adopted in stock kernel),
there was not a 'drop on the floor' target...
So configure the 'dummy network device' into your kernel - you can
use that as a '/dev/null' in the bridge rules.

Careful - such a setup can become incomprehensible in a hurry.

Mike
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Fri Feb 10 12:54:33 2006
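
The two-table, source-based routing layout described in Herbert's quoted reply, as an added example that is not part of the original thread. It only prints the iproute2 commands for review; the interface names, addresses (documentation ranges) and table numbers are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints (does not run) the iproute2 commands for one
# routing table per separate network, selected by source IP.
# All interface names, addresses and table numbers are constructed.

# emit_table TABLE DEV NET SRC GW
emit_table() {
    table=$1; dev=$2; net=$3; src=$4; gw=$5
    # 1. Connected route for this network goes into its private table.
    echo "ip route add $net dev $dev src $src table $table"
    # 2. Default route for this network, also only in the private table.
    echo "ip route add default via $gw dev $dev table $table"
    # 3. Rule: packets sourced from this address use the private table.
    echo "ip rule add from $src table $table"
    # 4. Drop the kernel-created connected route from main so that main
    #    keeps only the shared network. Done last, so the gateway in
    #    step 2 is still resolvable when that route is added.
    echo "ip route del $net dev $dev table main"
}

# plan: one emit_table call per separate network.
plan() {
    emit_table 101 eth1 192.0.2.0/24    192.0.2.10    192.0.2.1
    emit_table 102 eth2 198.51.100.0/24 198.51.100.10 198.51.100.1
}

plan
```

After applying the reviewed commands as root, `ip rule show` and `ip route show table 101` confirm which table a given source address selects.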
