> -----Ursprüngliche Nachricht-----
> Von: Gordan Bobic [mailto:gordan@bobich.net]
>
> Fiedler Roman wrote:
>>> -----Ursprüngliche Nachricht-----
>>> Von: Gordan Bobic [mailto:gordan@bobich.net]
>>>
>>>> Fiedler Roman wrote:
>>>> ....
>>>> I'm trying to configure networking on a machine, where we cannot use any
>>>> private network for internal communication because I might need to receive
>>>> traffic from that network. So I can only use loopback, one private IP-Range IP
>>>> (server external IP) and I do not want to grab one public IP-range for internal
>>>> communication if avoidable.
> ....
> > Connect from guest to 127.0.1.1:80 is still remapped to 127.0.2.1, which is
> > guest itself. So no connection to host via lo possible.
>
> You are using 127/8 subnet on the dummy device - that won't work. You
> need a non-loopback IP range on the dummy interface, e.g. 192.168/16.
Thanks for your reply. I already used configuration with non-127 dummy interface and they are working. In current use case (description above), I have the problem, that organization cannot tell me, which private network is not in use at their location. Since I cannot handle requests from their network if I bind IPs to local interface, I was trying to do it without need of any other IPs than from range 127.0.0.0/8.
Things I could try:
* Convince organization to find a free private IPv4-Net because vserver needs it
* Try to live without remap, doing the 127/8 splitting by hand, fixing hardcoded 127.0.0.1 programs manually.
* Use some other range, e.g. 0.0.0.0/24, and hope not running into problems
* Modify local routing table to try to get it working though
* Use IPv6 private net on dummy and IPv4 for external traffic.
* Use iptables mangle or nat and mark to remap external requests from IP-Range also bound to local interface.
Thanks,
Roman
Received on Wed Feb 29 12:40:11 2012