On Sun, May 22, 2005 at 12:04:37AM +0200, Gilles wrote: > > Further information. > > > > > # route -n > > Kernel IP routing table > > Destination Gateway Genmask Flags Metric Ref Use > > Iface > > 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 > > eth0.2 > > 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 > > eth0.3 > > 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 > > eth0.4 > > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 > > eth0.2 > > 0.0.0.0 192.168.107.20 0.0.0.0 UG 0 0 0 > > eth0.4 > > > > > > I can log into Vs1 from Host1. > > But from inside Vs1 I cannot reach neither Host2 nor the Internet. > > I assume it is a matter of adding the right routing information... but I > > don't > > know what it is :-/ > > > > I added "network" and "gateway" lines in the "/etc/network/interfaces" file > (Debian) for each of the VLAN interfaces. And now I can, from Vs1, log into > Host2, e.g. using > > # ssh 192.168.83.2 > > I still can't connect to the outside, and also not to another address of Host2 > e.g. with > > # ssh 192.168.107.20 > > > This is the routing table on Host1: > > # route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2 > 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.3 > 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.4 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2 > 0.0.0.0 192.168.107.20 0.0.0.0 UG 0 0 0 eth0.4 > 0.0.0.0 192.168.79.2 0.0.0.0 UG 0 0 0 eth0.3 > 0.0.0.0 192.168.83.2 0.0.0.0 UG 0 0 0 eth0.2 > > > And this is inside Vs1: > > # route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use Iface > 192.168.83.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2 > 192.168.79.0 0.0.0.0 255.255.255.0 U 0 0 0 * > 192.168.107.0 0.0.0.0 255.255.255.0 U 0 0 0 * > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0.2 > 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 * > 0.0.0.0 0.0.0.0 0.0.0.0 UG 0 0 0 * > 0.0.0.0 192.168.83.2 0.0.0.0 UG 0 0 0 eth0.2 > > > What do those "*" mean, in the "Iface" column?
it means that the interface used for that route isn't available inside the vservers (i.e. no information could be retrieved) > Is it OK to have several "default" routes. yes, it _is_ okay, as long as they are bound to a source address, otherwise they do not make too much sense ... see http://archives.linux-vserver.org/200311/0470.html (solution a) was implemented and b) is still? planned but might be superceeded by ngnet ...) > Those are automatically created from > the "gateway" lines in file "/etc/network/interfaces")? which are simply false, you should, btw, let the tools create those interfaces and focus on setting up the routing ... might be interesting to add an /etc/vservers/*/interfaces/*/gateway to the config and set up table based routing if compiled into the kernel, etc ... (any volunteers?) HTH, Herbert > Gilles > _______________________________________________ > Vserver mailing list > [email protected] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
