Hello Sergej,
Thank you for answer,
> Plz read more carefully this link. It contain all info about setting up nat
> on the openvz HN.
> http://wiki.openvz.org/Using_NAT_for_VE_with_private_IPs
I read this guide very more count :(
> You just need to have next iptables rules
> iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j MASQUERADE
> or
> #iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/16 -j SNAT --to-source
> $FORWARDIP # internal containers
> if you want to have SNAT to specified source.
> In this samples 10.0.0.0/16 is my internal network for VEs.
It does'nt work for me :(
[r...@ovz-test2 ~]# iptables -t nat -A POSTROUTING -o eth0 -s
10.0.5.0/24 -j MASQUERADE
[r...@ovz-test2 ~]# vzlist
CTID NPROC STATUS IP_ADDR HOSTNAME
401 8 running 10.0.5.41 customer11.vps.local
402 12 running 10.0.5.42 customer12.vps.local
404 18 running 10.0.5.44 customer14.vps.local
406 12 running 10.0.5.46 customer16.vps.local
407 14 running 10.0.5.47 test-dns.local
[r...@ovz-test2 ~]# vzctl exec 407 ping -c 1 google.com
PING google.com (74.125.77.104) 56(84) bytes of data.
>From ovz-test2.local (10.0.5.128) icmp_seq=1 Destination Net Unreachable
--- google.com ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
> Also you should have
> net.ipv4.ip_forward = 1
> which is default for openvz installations.
In my last message i wrote my sysctl:
[r...@ovz-test2 ~]# sysctl -p
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
[r...@ovz-test2 ~]#
--
Galina Lisovskaya
_______________________________________________
Users mailing list
Users@openvz.org
https://openvz.org/mailman/listinfo/users
