From: Paul Sladen (vserver_at_paul.sladen.org)
Date: Fri 31 Jan 2003 - 20:37:23 GMT
On Fri, 31 Jan 2003, Brandon Hoult wrote:
> 1. Yes, and I can ping the nameserver addresses from inside the vserver
> with no problems.
Am I right in thinking that things like:
vserver$ dig example.com @nameserver.ip
just don't resolve/return?
> - ping to vserver also will not work from anywhere except vservers host
My initial thinking was that either the machine wasn't listening on the
external interface for traffic destined to the vserver's IPs, or that
routing wasn't getting the packets there in the first place.
However, connections going *out* from the box's vserver are working fine,
which means that packets must be coming back too.
Can you give me a dump of your network/LAN setup (off list if you would
prefer) and see what happens when you run `tcpdump' from the host server and
watch packets coming in.
alpha:~# tcpdump -i eth0 host beta
user_at_beta:~$ ping vserver
user_at_beta:~$ telnet vserver 22
What do you see in the packet dump--are the packets been seen by the host
box? `Beta' should be the machine that you can see from the vserver, but
that you can't see the other way around.
Make sure you check the TCP/UDP protocols are working--the ICMP echo reply
("ping") packets are answered at a much lower level by the kernel IP stack,
regardless of the vserver stuff.
Can you also do a dump of `ifconfig' and the various `/etc/vservers/*'
config files.
-Paul
-- Nottingham, GB