Re: [vserver] Three network configuration

From: Roderick A. Anderson <raanders_at_acm.org>
Date: Thu 03 Jan 2008 - 23:39:33 GMT
Message-ID: <477D7235.3060304@acm.org>

Oliver Welter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Rod,
>
>> Has anyone configured a Linux-Vserver with three NICs to three different
>> networks?
>>
>> Two WANs and one LAN. The guests will need to access at least one and
>> possibly two or three of the networks. All traffic needs to go back out
>> the same interface it came in on.
>>
> I am successfully running such a setup. The only issue you have to care
> about is routing of outgoing connections if your default gateway of the
> host is not reachable from inside the guest.
> You can use "ip" tools to set source based routing rules, here is an
> excerpt of mine:
>
> $IP route add 82.x.x.0/25 dev vlan3 table 103
> $IP route add default via 82.x.x.1 dev vlan3 table 103
> $IP rule add from 82.x.x.0/25 table 103
>
> I put this into an init script.

Thanks. I _have_ been down this path but never with a good map or
directions. :-)

Redhat/Fedora/CentOS all have a ifup-/ifdown-routes scripts. Problem is
they are poorly documented. Looking at the one on my CentOS 5 system
there are labels; ADDRESS, GATEWAY, NETMASK; and code blocks for route,
rule, etc. but no documentation.

This all looks familiar (he types with eyes downcast) from a list thread
in September 2006.

I'm going hunting for the Redhat (CentOS) pages on this and try again.

Thanks for the hint.

Rod

-- 
> 
> Oliver
> 
> - --
> Protect your environment -  close windows and adopt a penguin!
> PGP-Key: 3B2C 8095 A7DF 8BB5 2CFF  8168 CAB7 B0DD 3985 1721
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFHe7y4yrew3TmFFyERAmFpAJ4mKxf69copX417CQoSw29s3chaMACffHzV
> Z7YZ8j/uX5Z6DbFloWgnvc0=
> =WgyN
> -----END PGP SIGNATURE-----
Received on Thu Jan 3 23:39:21 2008
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 03 Jan 2008 - 23:39:26 GMT by hypermail 2.1.8