From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Fri 27 May 2005 - 11:24:12 BST

Hi Gilles!

Here is an example setup showing how to accomplish your 'funny'
routing scenario ... enjoy!

+---------------------+
|                     |
|       Host 1        |
|                     |                    +-------------------+
|   192.168.0.1/24    |                    |                   |
|                     |                    |    Host2 (FW)     |
|   172.16.0.2/16     |                    |                   |
|   172.17.0.2/16     |                    |  192.168.0.2/24   |
|                     |                    |                   |
| +-----------------+ |                    |   172.16.0.2/16   |
| |                 | |       eth0.2       |   172.17.0.2/16   |
| |     Guest 1     | |   172.16.0.0/16    |                   |
| |                 +----------------------+                   |
| |  172.16.0.1/16  | |                    |   `               |
| |                 | |                    |   ¦               |
| +-----------------+ |                    |   ¦               |
|                     |                    |   ¦ rules         |
| +-----------------+ |                    |   ¦               |
| |                 | |       eth0.3       |   ¦               |
| |     Guest 2     | |   172.17.0.0/16    |   ,               |
| |                 +----------------------+                   |
| |  172.17.0.1/16  | |                    |                   |
| |                 | |                    +-------------------+
| +-----------------+ |
|                     |
+---------------------+

Tested as two QEMU instances connected via a simple
bridging setup on the real machine ...

Bridge on Real:
===============

ifconfig tun0 0.0.0.0 up
ifconfig tun1 0.0.0.0 up
brctl addbr br0
brctl addif br0 tun0
brctl addif br0 tun1

Host 1 Setup:
=============

# basic network setup for QEMU
ifconfig lo 127.0.0.1
ifconfig eth0 hw ether 00:00:00:00:00:01
ifconfig eth0 192.168.0.1

# create VLAN taggings
vconfig add eth0 2
vconfig add eth0 3

# configure interfaces
ifconfig eth0.2 172.16.0.1
ifconfig eth0.3 172.17.0.1

Host 2 Setup:
=============

# basic network setup for QEMU
ifconfig lo 127.0.0.1
ifconfig eth0 hw ether 00:00:00:00:00:02
ifconfig eth0 192.168.0.2

# create VLAN taggings
vconfig add eth0 2
vconfig add eth0 3

# configure interfaces
ifconfig eth0.2 172.16.0.2
ifconfig eth0.3 172.17.0.2

Host 1 Magic:
=============

# default gw for Guest 1
ip rule add from 172.16.0.1 table 16
ip route add default via 172.16.0.2 table 16
ip route del 172.16.0.0/16

# default gw for Guest 2
ip rule add from 172.17.0.1 table 17
ip route add default via 172.17.0.2 table 17
ip route del 172.17.0.0/16

# nat to avoid local table
iptables -t nat -A OUTPUT -d 172.17.0.1 -j DNAT --to 172.17.1.1
iptables -t nat -A OUTPUT -d 172.16.0.1 -j DNAT --to 172.16.1.1

Host 2 Magic:
=============

# enable forwarding
echo 1 >/proc/sys/net/ipv4/ip_forward

# nat between 172.16.1.1 and 172.16.0.1
iptables -t nat -A PREROUTING -d 172.16.1.1 -j DNAT --to 172.16.0.1
iptables -t nat -A POSTROUTING -s 172.16.0.1 -j SNAT --to 172.16.1.1

# nat between 172.17.1.1 and 172.17.0.1
iptables -t nat -A PREROUTING -d 172.17.1.1 -j DNAT --to 172.17.0.1
iptables -t nat -A POSTROUTING -s 172.17.0.1 -j SNAT --to 172.17.1.1

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
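
Added example, not part of the original post: a simplified Python model that traces the first packet of a guest-to-guest connection through the rules above, showing that the FORWARD chain on Host 2 sees the real guest addresses while the receiving guest sees the 172.x.1.1 alias as the source. The function and table names are made up for this illustration; the model assumes the standard netfilter hook order and covers only the two guest addresses.

```python
# Added example: simplified model of guest-to-guest traffic in this setup.
# Rule tables are copied from the "Host 1 Magic" / "Host 2 Magic" sections;
# the hook order (nat/OUTPUT, routing, nat/PREROUTING, FORWARD,
# nat/POSTROUTING) is standard netfilter behaviour. Names are hypothetical.
H1_OUTPUT_DNAT = {"172.17.0.1": "172.17.1.1", "172.16.0.1": "172.16.1.1"}
H1_LOCAL = {"172.16.0.1", "172.17.0.1"}  # guest addresses living on Host 1
H1_POLICY = {"172.16.0.1": ("16", "172.16.0.2", "eth0.2"),
             "172.17.0.1": ("17", "172.17.0.2", "eth0.3")}
H2_PREROUTING_DNAT = {"172.16.1.1": "172.16.0.1", "172.17.1.1": "172.17.0.1"}
H2_POSTROUTING_SNAT = {"172.16.0.1": "172.16.1.1", "172.17.0.1": "172.17.1.1"}
H2_CONNECTED = {"172.16.": "eth0.2", "172.17.": "eth0.3"}


def trace(src, dst, host1_dnat=True):
    """Follow the first packet of a guest-to-guest connection.

    Returns a list of (stage, src, dst, note) tuples. Only the two guest
    addresses are modelled; host1_dnat=False shows the setup without the
    OUTPUT DNAT rules on Host 1.
    """
    steps = []

    def log(stage, note=""):
        steps.append((stage, src, dst, note))

    log("host1 socket")
    if host1_dnat:
        dst = H1_OUTPUT_DNAT.get(dst, dst)
    log("host1 nat/OUTPUT")
    if dst in H1_LOCAL:
        # The local table (rule priority 0) matches before any "from" rule.
        log("host1 local delivery", "never leaves Host 1")
        return steps
    table, gw, dev = H1_POLICY[src]
    log("host1 route", f"table {table} via {gw} dev {dev}")
    dst = H2_PREROUTING_DNAT.get(dst, dst)
    log("host2 nat/PREROUTING")
    out_dev = next(d for p, d in H2_CONNECTED.items() if dst.startswith(p))
    log("host2 FORWARD", f"in {dev} out {out_dev}")
    src = H2_POSTROUTING_SNAT.get(src, src)
    log("host2 nat/POSTROUTING")
    log("host1 local delivery", f"arrives on {out_dev}")
    return steps


if __name__ == "__main__":
    for step in trace("172.16.0.1", "172.17.0.1"):
        print("%-22s src=%-11s dst=%-11s %s" % step)
```

With host1_dnat=False the trace ends after three steps on Host 1, which is the short-circuit through the local table that the OUTPUT DNAT rules are there to avoid.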