On Wed, Feb 18, 2015 at 08:40:58PM +0100, Romain Rivière wrote:
> Hi list,
Hello Romain!
> Today I had a first attempt at setting up a VServer with more
> than just 1 IP and 1 interface. For this particular experiment,
> I have:
> - 1 public IP, directly available to the guest on eth0
> - 1 RFC 1918 IP, assigned to dummy0
> - lo.
> The host also has dummy0 and its own private IP assigned to it.
> I intended to use dummy0 as a "local" network between the
> guests and the host.
Note: while you may have assigned your addresses to dummy0,
most likely neither the host nor the guest will use it, or
in case either does, you won't have much fun with it.
(the dummy interface just discards packets)
> The problem is that when the guest tries to connect to the
> host's dummy0 IP (eg. 192.168.0.1), instead of using its
> own dummy0 IP (eg. 192.168.0.42), it will use the public IP
> assigned to eth0.
> Is there a way around this issue?
This is caused by missing/improper routing/source IP setup/
> The reason why I need this is so that
> ACLs on the host can use 192.168.0.0/24, instead of
> manually listing a dozen individual IP addresses that
> are not part of a consistent range
> (that's what the ISP gave me, no way around it).
It is probably easier to classify "local" connections by
the fact that they will use the "lo" interface, but as
always YMMV.
All the best,
Herbert
> Cheers
> --
> Romain Rivière
> PS: kernel 3.14.27-vs2.3.6.13, in case it matters.
Received on Wed Feb 18 21:22:55 2015