2005/12/19, Herbert Poetzl <[EMAIL PROTECTED]>:
sorry for the change... in not know to do... ;)
i try to see in the router (not work with that - the firewall administrator its other people...)
server:
[EMAIL PROTECTED]:/home/savio# cat /etc/resolv.conf
nameserver 200.106.128.4
vserver:
[EMAIL PROTECTED]:/# cat /etc/resolv.conf
nameserver 200.106.128.4
On Mon, Dec 19, 2005 at 01:00:48PM -0500, Jairo Enrique Serrano Castañeda wrote:
> >
> >
> > not unexpected, unless your router (172.16.3.16)
> > also masquerades private addresses like 192.168.1.2
>
>
> my unusual router are 172.16.3.16
>
> > how do it?
> >
> > simple:
> >
> iptables -t nat -I POSTROUTING -s 192.168.1.2 -j SNAT --to 172.16.3.102
>
>
> i have a "real" network ip of my lan... 172.16.3.103 , i do a ip alias
>
> # Original
> iface eth0 inet static
> address 172.16.3.102
> netmask 255.255.255.0
> network 172.16.3.0
> broadcast 172.16.3.255
> gateway 172.16.3.16
> # dns-* options are implemented by the resolvconf package, if
> installed
> dns-nameservers 200.106.128.4
>
> #alias
> iface eth0:1 inet static
> address 172.16.3.103
> netmask 255.255.255.0
> network 172.16.3.0
> broadcast 172.16.3.255
> gateway 172.16.3.16
the second gateway is confusing ... at least it might
give strange results for 'different' gateways/networks
> dns-nameservers 200.106.128.4
>
>
> in the virtual server have:
> [EMAIL PROTECTED]:/# route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 172.16.3.0 * 255.255.255.0 U 0 0 0 eth0
> default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0
> default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0
>
> in the Host server have:
> [EMAIL PROTECTED]:~$ route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> localnet * 255.255.255.0 U 0 0 0 eth0
> default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0
> default 172.16.3.16 0.0.0.0 UG 0 0 0 eth0
>
> looks equal...
yep, should be fine too, your last email contained
a guest setup with 192.168.x.x though ...
sorry for the change... in not know to do... ;)
> the two ips are functional...
> ------------------------------------------------------------------------------------------------
>
> [EMAIL PROTECTED]:~$ ping 172.16.3.102
> PING 172.16.3.102 (172.16.3.102) 56(84) bytes of data.
> 64 bytes from 172.16.3.102: icmp_seq=1 ttl=64 time= 0.023 ms
> 64 bytes from 172.16.3.102: icmp_seq=2 ttl=64 time=0.007 ms
> --- 172.16.3.102 ping statistics ---
as you see, this doesn't tell anything, it just
contacts localhost, and the packet is transmitted
via the loopback device (does not even hit the
network or router)
> 2 packets transmitted, 2 received, 0% packet loss, time 999ms
> rtt min/avg/max/mdev = 0.007/0.015/0.023/0.008 ms
>
> ------------------------------------------------------------------------------------------------
>
> [EMAIL PROTECTED]:~$ ping 172.16.3.103
> PING 172.16.3.103 (172.16.3.103) 56(84) bytes of data.
> 64 bytes from 172.16.3.103: icmp_seq=1 ttl=64 time= 0.018 ms
> 64 bytes from 172.16.3.103: icmp_seq=2 ttl=64 time=0.008 ms
> --- 172.16.3.103 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1000ms
> rtt min/avg/max/mdev = 0.008/0.013/0.018/0.005 ms
>
> ------------------------------------------------------------------------------------------------
try the following (on the host) just to verify that
your router is doing the proper stuff:
ping -c 2 -I 172.16.3.102 www.google.com
----------------------------------------------------------------------------------------------------------------------
in the server..
[EMAIL PROTECTED]:/home/savio# ping -c 2 -I 172.16.3.102 www.google.com
PING www.l.google.com ( 64.233.187.104) from 172.16.3.102 : 56(84) bytes of data.
64 bytes from 64.233.187.104: icmp_seq=1 ttl=242 time=159 ms
64 bytes from 64.233.187.104: icmp_seq=2 ttl=242 time=213 ms
--- www.l.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 159.191/186.328/213.466/27.140 ms
----------------------------------------------------------------------------------------------------------------------
in the vserver...
[EMAIL PROTECTED]:/home/savio# vserver sv1 enter
mesg: /dev/pts/0: Operation not permitted
[EMAIL PROTECTED]:/# ping -c 2 -I 172.16.3.102 www.google.com
ping: unknown host www.google.com
:( dont works...
----------------------------------------------------------------------------------------------------------------------
in the server..
[EMAIL PROTECTED]:/home/savio# ping -c 2 -I 172.16.3.102 www.google.com
PING www.l.google.com ( 64.233.187.104) from 172.16.3.102 : 56(84) bytes of data.
64 bytes from 64.233.187.104: icmp_seq=1 ttl=242 time=159 ms
64 bytes from 64.233.187.104: icmp_seq=2 ttl=242 time=213 ms
--- www.l.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 159.191/186.328/213.466/27.140 ms
----------------------------------------------------------------------------------------------------------------------
in the vserver...
[EMAIL PROTECTED]:/home/savio# vserver sv1 enter
mesg: /dev/pts/0: Operation not permitted
[EMAIL PROTECTED]:/# ping -c 2 -I 172.16.3.102 www.google.com
ping: unknown host www.google.com
:( dont works...
----------------------------------------------------------------------------------------------------------------------
ping -c 2 -I 172.16.3.103 www.google.com
if one of those fails (or both) then something is
broken with your router
i try to see in the router (not work with that - the firewall administrator its other people...)
> but not resolv functional...
verify that /etc/resolv.conf has proper nameserver
entries inside the guest (i.e. very likely the same
ones you have on the host)
server:
[EMAIL PROTECTED]:/home/savio# cat /etc/resolv.conf
nameserver 200.106.128.4
vserver:
[EMAIL PROTECTED]:/# cat /etc/resolv.conf
nameserver 200.106.128.4
HTH,
Herbert
> > any fault in the config???
> >
> > no, looks fine, although I'd add a prefix (e.g.
> > containing 24) to the interfaces/0
> >
> > HTH,
> > Herbert
Thanks a lot for your help!
--
Jairo Enrique Serrano Castañeda
Ingeniero de Sistemas UTB
http://www.jsnat.com
http://www.drupal.org.es
_______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
