On Mon, Dec 19, 2005 at 01:00:48PM -0500, Jairo Enrique Serrano Castañeda wrote: > > > > > > not unexpected, unless your router (172.16.3.16) > > also masquerades private addresses like 192.168.1.2 > > > my unusual router are 172.16.3.16 > > > how do it? > > > > simple: > > > iptables -t nat -I POSTROUTING -s 192.168.1.2 -j SNAT --to 172.16.3.102 > > > i have a "real" network ip of my lan... 172.16.3.103, i do a ip alias > > # Original > iface eth0 inet static > address 172.16.3.102 > netmask 255.255.255.0 > network 172.16.3.0 > broadcast 172.16.3.255 > gateway 172.16.3.16 > # dns-* options are implemented by the resolvconf package, if > installed > dns-nameservers 200.106.128.4 > > #alias > iface eth0:1 inet static > address 172.16.3.103 > netmask 255.255.255.0 > network 172.16.3.0 > broadcast 172.16.3.255 > gateway 172.16.3.16
the second gateway is confusing ... at least it might give strange results for 'different' gateways/networks > dns-nameservers 200.106.128.4 > > > in the virtual server have: > [EMAIL PROTECTED]:/# route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 172.16.3.0 * 255.255.255.0 U 0 0 0 eth0 > default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0 > default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0 > > in the Host server have: > [EMAIL PROTECTED]:~$ route > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > localnet * 255.255.255.0 U 0 0 0 eth0 > default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0 > default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0 > > looks equal... yep, should be fine too, your last email contained a guest setup with 192.168.x.x though ... > the two ips are functional... > ------------------------------------------------------------------------------------------------ > > [EMAIL PROTECTED]:~$ ping 172.16.3.102 > PING 172.16.3.102 (172.16.3.102) 56(84) bytes of data. > 64 bytes from 172.16.3.102: icmp_seq=1 ttl=64 time=0.023 ms > 64 bytes from 172.16.3.102: icmp_seq=2 ttl=64 time=0.007 ms > --- 172.16.3.102 ping statistics --- as you see, this doesn't tell anything, it just contacts localhost, and the packet is transmitted via the loopback device (does not even hit the network or router) > 2 packets transmitted, 2 received, 0% packet loss, time 999ms > rtt min/avg/max/mdev = 0.007/0.015/0.023/0.008 ms > > ------------------------------------------------------------------------------------------------ > > [EMAIL PROTECTED]:~$ ping 172.16.3.103 > PING 172.16.3.103 (172.16.3.103) 56(84) bytes of data. > 64 bytes from 172.16.3.103: icmp_seq=1 ttl=64 time=0.018 ms > 64 bytes from 172.16.3.103: icmp_seq=2 ttl=64 time=0.008 ms > --- 172.16.3.103 ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1000ms > rtt min/avg/max/mdev = 0.008/0.013/0.018/0.005 ms > > ------------------------------------------------------------------------------------------------ try the following (on the host) just to verify that your router is doing the proper stuff: ping -c 2 -I 172.16.3.102 www.google.com ping -c 2 -I 172.16.3.103 www.google.com if one of those fails (or both) then something is broken with your router > but not resolv functional... verify that /etc/resolv.conf has proper nameserver entries inside the guest (i.e. very likely the same ones you have on the host) HTH, Herbert > > any fault in the config??? > > > > no, looks fine, although I'd add a prefix (e.g. > > containing 24) to the interfaces/0 > > > > HTH, > > Herbert > > > > > -- > > > Jairo Enrique Serrano Castañeda > > > Ingeniero de Sistemas UTB > > > http://www.jsnat.com > > > http://www.drupal.org.es > > > > > _______________________________________________ > > > Vserver mailing list > > > [email protected] > > > http://list.linux-vserver.org/mailman/listinfo/vserver > > > > > > > -- > Jairo Enrique Serrano Castañeda > Ingeniero de Sistemas UTB > http://www.jsnat.com > http://www.drupal.org.es > _______________________________________________ > Vserver mailing list > [email protected] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
