[Users] problems with SNAT/MASQUERADE
Dan Rossi
electroteque at gmail.com
Sun Dec 20 08:45:48 EST 2009
Hey I am also having NAT issues. For instance I'm routing port 80 to squid which reverse proxies to instances. However when I tried to get instances to view sites on the same server, its not going directly out and back in if you know what I mean by it gets directed through squid but squid isnt setup for proxying a connection for the containers ! What do I do here I get failed connections. The containers are able to access to external sites though.
On 20/12/2009, at 10:37 PM, Sergej Kandyla wrote:
> Galia Lisovskaya пишет:
>> Hi all!
>>
>> I have stupid quation :(
>> Don't work SNAT/MASQUERADE for VEs. Please help me get knowlege, how
>> make work configuration.
>> I read this guide now, and in the past. And, in the past, as i
>> remeber, i had means it's doe'snt work for me:
>>
>> http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs
>>
> Plz read more carefully this link. It contain all info about setting up nat on the openvz HN.
> http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs
>
> You just need to have next iptables rules
> iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j MASQUERADE
> or
> #iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j SNAT --to-source $FORWARDIP # internal containers
> if you want to have SNAT to specified source.
> In this samples 10.0.0.0/16 is my internal network for VEs.
>
>
> Also you should have
> net.ipv4.ip_forward = 1
> which is default for openvz installations.
>
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
More information about the Users
mailing list