[Users] routing from external through HN to loopback on CT

[Christopher McCrory]

Hello...

The setup:
 x.y.1.1/24   Cisco router
 x.y.1.2/24   OpenVZ Hardware Node on CentOS 5 with all updates
 x.y.1.3/24   OpenVZ container CT103 using veth
 x.y.42.42/32 IP address on container's loopback interface
 iptables off on all hosts, ip forwarding enabled everywhere
 the router/external host has a route for x.y.42.42/32 via x.y.1.3
 
 I cannot get packets from external hosts to route to the loopback on
CT103.  packets leave the router, enter the HN, but never exit any
interface.  This should be working but isn't and the same setup not on a
container works.  What am I missing?



in the openvz/103.conf file this works
IP_ADDRESS="x.y.1.3 x.y.42.42"

but will not work as I need x.y.42.42 to be on several containers
(anycast DNS) and advertised via BGP.  I also need to create more CTs
that will have a hundreds of IP addresses on loopbacks and putting them
in the openvz config will not scale.

Again, what am I missing?

thanks

-- 
Christopher McCrory
To the optimist, the glass is half full.
To the pessimist, the glass is half empty.
To the engineer, the glass is twice as big as it needs to be.