I'm attempting to use systemd's socket-proxyd to forward a static IP on a VPS,
over a VPN to a mailserver at a remote office location, listening at a NAT'd,
internal IP.
The mailserver listens @ IP = 10.2.2.12.
The staticIP at the VPS is IP = 111.222.333.444
The VPS's staticIP is pingable from the VPS
ping -c 1 111.222.333.444
PING 111.222.333.444 (111.222.333.444) 56(84) bytes of data.
64 bytes from 111.222.333.444: icmp_seq=1 ttl=64 time=0.060 ms
--- 111.222.333.444 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.060/0.060/0.060/0.000 ms
The office's mailserver is pingable over the VPN link
ping -c 1 10.2.2.12
PING 10.2.2.12 (10.2.2.12) 56(84) bytes of data.
64 bytes from 10.2.2.12: icmp_seq=1 ttl=63 time=46.8 ms
--- 10.2.2.12 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 46.817/46.817/46.817/0.000 ms
I can connect to the SMTP server from the VPS as well
telnet 10.2.2.12 25
Trying 10.2.2.12...
Connected to 10.2.2.12.
Escape character is '^]'.
220 mx.mydomain.com ESMTP . No UCE permitted.
^]
telnet> quit
Connection closed.
Cribbing from the nginx examples at
http://www.freedesktop.org/software/systemd/man/systemd-socket-proxyd.html
I've created a socket unit to listen on the staticIP
cat /etc/systemd/system/proxy-to-mailserver.socket
[Socket]
ListenStream=111.222.333.444:25
[Install]
WantedBy=sockets.target
and a service unit to forward the traffic to the mailserver listener
cat /etc/systemd/system/proxy-to-mailserver.service
[Unit]
Requires=openvpn.service
After=openvpn.service
[Service]
ExecStart=/usr/lib/systemd/systemd-socket-proxyd 10.2.2.12:25
PrivateTmp=yes
PrivateNetwork=yes
Enable/start of the socket works
systemctl enable proxy-to-mailserver.socket
systemctl start proxy-to-mailserver.socket
systemctl status proxy-to-mailserver.socket
proxy-to-mailserver.socket
Loaded: loaded (/etc/systemd/system/proxy-to-mailserver.socket;
enabled)
Active: active (listening) since Wed 2015-05-13 21:22:41 PDT; 2min
37s ago
Listen: 111.222.333.444:25 (Stream)
IIUC, at this point I should be able to connect to the mailserver @ the
forwarded staticIP.
But, at the VPS, the connection is immediately dropped
telnet 111.222.333.444 25
Trying 111.222.333.444...
Connected to 111.222.333.444.
Escape character is '^]'.
Connection closed by foreign host.
and @ `journalctl -f`,
May 13 21:36:57 edge.mydomain.com systemd-socket-proxyd[5291]: Failed
to connect to remote host: Network is unreachable
I'm not clear why I'm seeing "Network is unreachable" when the remote host is
clearly pingable and accessible via telnet.
I suspect 'PrivateNetwork' may have a hand in it, but I'm fuzzy on usage.
What's missing or incorrect about that ^^ scenario/usage?
Thanks.
pgnd
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
