Víctor Román Archidona wrote:
> Hi,
>
> I'm using several VPS on the same machine with multiple public IP
> addresses. Both host and VPS machines have network connectivity and reach
> the public Internet via eth0, which has all the public IPs.
>
> Now I'm building "private" VPS on 172.16.1.0/24 network segment. If I
> give 172.16.1.1 to HOST and 172.16.1.10 to a private VPS, they both can
> see each other.
>
> The problem comes when I try to reach the public internet from the
> private VPS on the private subnet. I also enabled forwarding and
> postrouting on the host:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
This is not needed. Guests aren't routed /through/ the host, they're
routed /by/ the host.
> iptables -t nat -A POSTROUTING -s 172.16.1.0/24 ! -d 172.16.1.0/24 -j
> SNAT --to A.B.C.D
>
> (being A.B.C.D the public IP address).
>
> The VPS has the following interfaces configuration:
> ~ /etc/vservers/private/interfaces/0/dev > lo
> ~ /etc/vservers/private/interfaces/0/prefix > 8
> ~ /etc/vservers/private/interfaces/0/ip > 127.0.0.1
I hope you only have this for one guest... but even then it shouldn't be
needed with a properly configured kernel and non-retarded applications.
> ~ /etc/vservers/private/interfaces/1/dev > eth0
> ~ /etc/vservers/private/interfaces/1/prefix > 24
> ~ /etc/vservers/private/interfaces/1/ip > 171.16.1.10
>
> Can anyone help me or give some hint about why I cannot reach the public
> Internet?
What kernel? Using a private address for the first interface is a possible
reason if you're using an old kernel.
> Regards,
> - --
> Victor Roman Archidona
> http://blog.daijo.org
-- Daniel Hokka Zakrisson

Received on Fri Mar 28 20:31:44 2008
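
A host-side check for the setup quoted in this thread, added here as an example and not part of the original messages: it reads each guest's `interfaces/N/ip` file and lists the addresses that fall outside the source subnet the SNAT rule's `-s` match covers. The function names are hypothetical, and the config tree is built in a temporary directory with constructed values mirroring the ones in the message.

```shell
#!/usr/bin/env bash
# Added example: list guest addresses a "-s <cidr>" SNAT match would not cover.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    set -- $(printf '%s' "$1" | tr . ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Return 0 if address $1 lies inside CIDR $2 (e.g. 172.16.1.0/24).
in_cidr() {
    local net=${2%/*} bits=${2#*/}
    local mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Print "<guest> <iface-index> <ip>" for every non-loopback address under
# config root $1 that is outside the rule's source subnet $2.
unmatched_guest_ips() {
    local root=$1 cidr=$2 f ip guest idx
    for f in "$root"/*/interfaces/*/ip; do
        [ -f "$f" ] || continue
        ip=$(tr -d '[:space:]' < "$f")
        in_cidr "$ip" 127.0.0.0/8 && continue   # loopback is never NATed
        in_cidr "$ip" "$cidr" && continue       # covered by the -s match
        idx=$(basename "$(dirname "$f")")
        guest=$(basename "$(dirname "$(dirname "$(dirname "$f")")")")
        echo "$guest $idx $ip"
    done
}

# Constructed sample tree (stand-in for /etc/vservers) with the quoted values.
make_sample_tree() {
    local root
    root=$(mktemp -d)
    mkdir -p "$root/private/interfaces/0" "$root/private/interfaces/1"
    echo 127.0.0.1   > "$root/private/interfaces/0/ip"
    echo 171.16.1.10 > "$root/private/interfaces/1/ip"
    echo "$root"
}

sample=$(make_sample_tree)
unmatched_guest_ips "$sample" 172.16.1.0/24   # prints: private 1 171.16.1.10
rm -rf "$sample"
```

On a real host the first argument would be `/etc/vservers` and the second the subnet given to `-s` in the POSTROUTING rule.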