From: Christian.Lang_at_bertelsmann.de
Date: Tue 05 Aug 2003 - 07:50:20 BST
Thanks, that helped!
Christian
> -----Ursprüngliche Nachricht-----
> Von: Herbert Pötzl [mailto:herbert_at_13thfloor.at]
> Gesendet: Freitag, 1. August 2003 13:26
> An: Christian.Lang_at_bertelsmann.de
> Cc: vserver_at_solucorp.qc.ca; Georg.Dierkes_at_bertelsmann.de
> Betreff: Re: [vserver] setting the default gateway
>
> On Fri, Aug 01, 2003 at 10:56:22AM +0200, Christian.Lang_at_bertelsmann.de
> wrote:
> > Thank for the response. Yes I understood that the routing needs to be
> setup
> > on the host server. But how? I tried to solve the problem with policy
> > routing setting an extra default gateway for the vservers running on a
> > vitual interface on eth1:
> >
> >
> > default route
> > eth1:VS1 (192.168.3.20) -----------------> eth1 (192.168.3.1)
> >
> > NAT
> > -------------> eth0 (145.228.83.129) -------> Internet
> >
> >
> > currently the default gateway of my box is 145.228.83.129. Therefore I
> > introduced a routing table 101 for the network 192.168.3.0/24 to be
> routed
> > through 192.168.3.1. But for some reason the rule
> >
> > rule add from 192.168.3.20 table 101 prio 20
> >
> > does not match. I presumed that it might not recognize virtual devices?
>
> I use a setup like the following
> (for one maintainance access, and two other nics, for
> the virtual servers, all have their own default gateway)
>
>
> ip route delete $INTNET
> ip route add $INTNET dev $INTDEV src $INTIP table intern
> ip route add $INTNET dev $INTDEV src $INTIP
> ip route add default via $INTDG dev $INTDEV src $INTIP table intern
> ip rule add from $INTIP table intern
>
> ip route add $EXTNET1 dev $EXTDEV1 table extern1
> ip route add default via $EXTDG1 dev $EXTDEV1 table extern1
> ip rule add from $EXTNET1 table extern1
>
> ip route add $EXTNET2 dev $EXTDEV2 table extern2
> ip route add default via $EXTDG2 dev $EXTDEV2 table extern2
> ip rule add from $EXTNET2 table extern2
>
> NET .. network
> DEV .. (base) device
>
> IP .. master source ip
> DG .. default gateway
>
> HTH,
> Herbert
>
> >
> > Christian
> >
> >
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Dan Hrabarchuk [mailto:dan_at_findatradenow.com]
> > > Gesendet: Donnerstag, 31. Juli 2003 17:15
> > > An: VServer Mailing List
> > > Betreff: Re: [vserver] setting the default gateway
> > >
> > > Below is my routing table. This is the same on the main server and
> each
> > > vserver running on my firewall. I NAT 100% properly and my vservers
> are
> > > accessable over my VPN with out issues. Basically get your host
> servers
> > > routing set up. VServers do not need their *own* routing.
> > >
> > > Dan
> > >
> > > Kernel IP routing table
> > > Destination Gateway Genmask Flags MSS Window
> irtt
> > > Iface
> > > 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0
> 0
> > > eth1
> > > 142.179.x.0 0.0.0.0 255.255.248.0 U 40 0
> 0
> > > eth0
> > > 142.179.x.0 0.0.0.0 255.255.248.0 U 40 0
> 0
> > > ipsec0
> > > 192.168.0.0 0.0.0.0 255.255.248.0 U 40 0
> 0
> > > eth0
> > > 172.16.0.0 142.179.x.254 255.255.0.0 UG 40 0
> 0
> > > ipsec0
> > > 10.0.0.0 142.179.x.254 255.0.0.0 UG 40 0
> 0
> > > ipsec0
> > > 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0
> 0
> > > lo
> > > 0.0.0.0 142.179.x.254 0.0.0.0 UG 40 0
> 0
> > > eth0
> > >
> > > On Thu, 2003-07-31 at 04:24, Christian.Lang_at_bertelsmann.de wrote:
> > > > Hi,
> > > >
> > > >
> > > >
> > > > I'm using vserver on a box with 2 ethernet devices, eth0 and eth1:
> > > >
> > > >
> > > >
> > > > eth0 Link encap:Ethernet HWaddr
> > > >
> > > > inet addr:145.228.83.129 Bcast:145.228.83.255
> > > > Mask:255.255.255.0
> > > >
> > > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > > >
> > > > RX packets:21223 errors:0 dropped:0 overruns:0 frame:0
> > > >
> > > > TX packets:5770 errors:0 dropped:0 overruns:0 carrier:7
> > > >
> > > > collisions:20 txqueuelen:100
> > > >
> > > > RX bytes:2213696 (2.1 Mb) TX bytes:789266 (770.7 Kb)
> > > >
> > > > Interrupt:11 Base address:0x6000
> > > >
> > > >
> > > >
> > > > eth1 Link encap:Ethernet HWaddr
> > > >
> > > > inet addr:192.168.3.1 Bcast:192.168.3.255
> > > > Mask:255.255.255.0
> > > >
> > > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > > >
> > > > RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> > > >
> > > > TX packets:154 errors:0 dropped:0 overruns:0 carrier:0
> > > >
> > > > collisions:0 txqueuelen:100
> > > >
> > > > RX bytes:0 (0.0 b) TX bytes:9240 (9.0 Kb)
> > > >
> > > > Interrupt:11 Base address:0xa000
> > > >
> > > >
> > > >
> > > > the vservers are bound to eth1 with IP's 192.168.3.XXX and should be
> > > > routed through 192.168.3.1 (and then NATed to 145.228.83.129).
> > > > Therefore I need to change the default route of the vservers from
> > > > 145.228.83.129 to 192.168.3.1. I did it according to a posting from
> > > > February 2002 (for the vserver-IP 192.168.3.20):
> > > >
> > > >
> > > >
> > > > ip rule add from 192.168.3.20 table 101 prio 20
> > > >
> > > > ip route add 192.168.0.0/24 dev eth1 table 101
> > > >
> > > > ip route add default via 192.168.3.1 dev eth1 table 101
> > > >
> > > > ip route flush cache
> > > >
> > > >
> > > >
> > > > the result is:
> > > >
> > > > --------------------------------------
> > > >
> > > > the global RULES:
> > > >
> > > > 0: from all lookup local
> > > >
> > > > 20: from 192.168.3.20 lookup 101
> > > >
> > > > 32766: from all lookup main
> > > >
> > > > 32767: from all lookup 253
> > > >
> > > >
> > > >
> > > > --------------------------------------
> > > >
> > > > the global ROUTES:
> > > >
> > > > 145.228.83.0/24 dev eth0 scope link
> > > >
> > > > 192.168.3.0/24 dev eth1 scope link
> > > >
> > > > 127.0.0.0/8 dev lo scope link
> > > >
> > > > default via 145.228.83.1 dev eth0
> > > >
> > > >
> > > >
> > > > --------------------------------------
> > > >
> > > > the ROUTES for table 101:
> > > >
> > > > 192.168.0.0/24 dev eth1 scope link
> > > >
> > > > default via 192.168.3.1 dev eth1
> > > >
> > > >
> > > >
> > > > --------------------------------------
> > > >
> > > > But for some reason, the default default route within the vservers
> is
> > > > not affected. Any ideas?
> > > >
> > > >
> > > >
> > > > Regards
> > > >
> > > > Christian
> > > >
> > > >
> > > >
> > > >
> > > --
> > > Dan
> > >
> > > Bridges.com - North America's leading provider of career and
> > > educational management solutions.