[Users] problems with SNAT/MASQUERADE
Sergej Kandyla
sk.paix at gmail.com
Sun Dec 20 06:37:42 EST 2009
Galia Lisovskaya пишет:
> Hi all!
>
> I have stupid quation :(
> Don't work SNAT/MASQUERADE for VEs. Please help me get knowlege, how
> make work configuration.
>
> I read this guide now, and in the past. And, in the past, as i
> remeber, i had means it's doe'snt work for me:
>
> http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs
>
Plz read more carefully this link. It contain all info about setting up
nat on the openvz HN.
http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs
You just need to have next iptables rules
iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j MASQUERADE
or
#iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j SNAT
--to-source $FORWARDIP # internal containers
if you want to have SNAT to specified source.
In this samples 10.0.0.0/16 is my internal network for VEs.
Also you should have
net.ipv4.ip_forward = 1
which is default for openvz installations.
More information about the Users
mailing list