From: Gerald Leier (gl_at_revolto.at)
Date: Thu 18 Sep 2003 - 15:30:30 BST
hi folks
i only got one official internet routeable ip address and want to setup
a few servers in a vserver security context.
what i did now was:
create an dummy device (dummy0) and give it a privatipaddress.
then i added a vserver with the following settings:
IPROOT="10.0.0.3"
IPROOTDEV="dummy0"
then i did:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
but all i can is ping around, the rest doesnt work at all.
also want to use real dest/source nat instead of masquerade.
i recognized that i cant change routing within a vserver so
my thoughts might all be senseless crap.
how should networking be done with vserver ?
i thought i build something like this:
realserver: REALADDRESS
vserver1: 10.0.0.1
apache on :80,:443 (namebased virtualhosts, as a reverseproxy)
vserver2: 10.0.0.2
apache on any port (the realcontentserver, requests get forwarded
to this one)
anyone a hint on vserver networking ?
sorry couldnt find any documentation on this also i didnt find a searchable
maillinglist.
thanks
gerald