From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Sun 22 May 2005 - 00:23:08 BST
On Sun, May 22, 2005 at 12:04:37AM +0200, Gilles wrote:
>
> Further information.
>
> >
> > # route -n
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
> > 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.3
> > 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.4
> > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2
> > 0.0.0.0 192.168.107.20 0.0.0.0 UG 0 0 0 eth0.4
> >
> >
> > I can log into Vs1 from Host1.
> > But from inside Vs1 I cannot reach neither Host2 nor the Internet.
> > I assume it is a matter of adding the right routing information... but I don't
> > know what it is :-/
> >
>
> I added "network" and "gateway" lines in the "/etc/network/interfaces" file
> (Debian) for each of the VLAN interfaces. And now I can, from Vs1, log into
> Host2, e.g. using
>
> # ssh 192.168.83.2
>
> I still can't connect to the outside, and also not to another address of Host2
> e.g. with
>
> # ssh 192.168.107.20
>
>
> This is the routing table on Host1:
>
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
> 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.3
> 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.4
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2
> 0.0.0.0 192.168.107.20 0.0.0.0 UG 0 0 0 eth0.4
> 0.0.0.0 192.168.79.2 0.0.0.0 UG 0 0 0 eth0.3
> 0.0.0.0 192.168.83.2 0.0.0.0 UG 0 0 0 eth0.2
>
>
> And this is inside Vs1:
>
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
> 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 *
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2
> 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 *
> 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 *
> 0.0.0.0 192.168.83.2 0.0.0.0 UG 0 0 0 eth0.2
>
>
> What do those "*" mean, in the "Iface" column?
it means that the interface used for that route isn't available
inside the vservers (i.e. no information could be retrieved)
> Is it OK to have several "default" routes.
yes, it _is_ okay, as long as they are bound to a source address,
otherwise they do not make too much sense ...
see http://archives.linux-vserver.org/200311/0470.html
(solution a) was implemented and b) is still? planned but might
be superceeded by ngnet ...)
> Those are automatically created from
> the "gateway" lines in file "/etc/network/interfaces")?
which are simply false, you should, btw, let the tools create
those interfaces and focus on setting up the routing ...
might be interesting to add an /etc/vservers/*/interfaces/*/gateway
to the config and set up table based routing if compiled into
the kernel, etc ... (any volunteers?)
HTH,
Herbert
> Gilles
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver