vserver development mailing list: [Vserver] Confused by routing

[Vserver] Confused by routing:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Gilles (gilles_at_harfang.homelinux.org)
Date: Sat 21 May 2005 - 17:21:51 BST

Previous message: Herbert Poetzl: "Re: [Vserver] vs2.0-rc1 for 2.6.12-rc4"
Next in thread: Gilles: "Re: [Vserver] Confused by routing"
Reply: Gilles: "Re: [Vserver] Confused by routing"
Reply: Herbert Poetzl: "Re: [Vserver] Confused by routing"

Hello.

Here is the setup:

+--------------------+
| | +-----------------+
| Host1 | | |
| 192.168.107.10 | | Host2 (FW) |
| 192.167.83.1 | | 192.168.107.20 |
| 192.168.79.1 | eth0.2 | 192.168.83.2 |
| | 192.168.83.0 | 192.168.79.2 |
| |-------------------| | +-------+
| +--------------+ | | | eth1 | |
| | | | eth0.3 | |------| Modem |----> Internet
| | Vs1 | | 192.168.79.0 | | | |
| | 192.168.83.1 | |-------------------| | +-------+
| | | | | |
| +--------------+ | eth0.4 | |
| +--------------+ | 192.168.107.0 | |
| | | |-------------------| |
| | Vs2 | | | |
| | 192.168.79.1 | | +-----------------+
| | | |
| +--------------+ |
| |
+--------------------+

"eth0.2", "eth0.3", "eth0.4" are 3 VLANs (802.1q) on real ethernet
interface "eth0".

VLAN works as expected: e.g.
  I can log in from Host1 to Host2 (192.168.107.20)
  I can log in from Host1 to Host2 (192.168.83.2)
  I can reach the Internet from Host1

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.3
192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.4
0.0.0.0 192.168.107.20 0.0.0.0 UG 0 0 0 eth0.4

Then I start Vs1.

First, there is the following error:
ERROR: trying to add VLAN #2 to IF -:eth0:- error: Invalid argument

Why (see also the new content of the routing table, below)?

I can log into Vs1 from Host1.
But from inside Vs1 I cannot reach neither Host2 nor the Internet.
I assume it is a matter of adding the right routing information... but I don't
know what it is :-/

[Then, ideally, all VLANs should be routed through the firewall, i.e. communication
between Vs1 and Vs2 should be subject to the firewalling rules set up on Host2.
Is this possible?]

Can someone help me?

Thanks and best regards.
Gilles
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Previous message: Herbert Poetzl: "Re: [Vserver] vs2.0-rc1 for 2.6.12-rc4"
Next in thread: Gilles: "Re: [Vserver] Confused by routing"
Reply: Gilles: "Re: [Vserver] Confused by routing"
Reply: Herbert Poetzl: "Re: [Vserver] Confused by routing"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sat 21 May 2005 - 17:22:58 BST by hypermail 2.1.3