sorry I have forgotten to explain how the connection fails, also have forgotten to inform my host system is installed with Debian Sarge stable.
I only have access to the host system, and also I don't understand how to access the vserver from outside is it right how I have configured the
vserver domainname vhost00.my.hostdomain.name?
Also have no idea how to make my vservers over dns reachable, because they are only local reachable.
Sorry I know I must learn more about networking.
Please give me some informations and I will make it
!I also wanted to know if it is necessary to create a vhost00.conf int the /etc/vservers dir, I have done it but it also failled.
Thanx for ur help.
Am Freitag, den 06.01.2006, 15:27 +0100 schrieb [EMAIL PROTECTED]:
Send Vserver mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://list.linux-vserver.org/mailman/listinfo/vserver or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Vserver digest..." Today's Topics: 1. network config with VLANs (Oliver Welter) 2. can't access ssh (stefan julius) 3. Re: can't access ssh (Oliver Welter) ---------------------------------------------------------------------- Message: 1 Date: Fri, 06 Jan 2006 13:38:55 +0100 From: Oliver Welter <[EMAIL PROTECTED]> Subject: [Vserver] network config with VLANs To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" Hi Folks, I have some problems with "vlans" and vservers.. I have a box that has one physical Interface that hosts two VLANs, both are official Addresses and reachable from the Internet. The main host hast conectivity on both networks . 1) What should I but in "interfaces/0/dev" ? eth0 or vlan1 fails, I get a message: creation of VLAN_PLUS_VID_NO_PAD devices is not supported; please create them before starting the vserver and use the 'nodev' flag then When I put "nodev" in the "dev" file I get a warning - I put an empty file "nodev" in the interface directory - seems to work, is this correct? 2) I have a problem with routing - if the vserver guest has only addresses in one of the networks, I cannot ping across the networks because the hosts routing table show up in the guest, but the devices shonw there for routing dont exists. I am fiddling around with iptables and got some aspects to work, but not all....is there another trick ? I run everyting on gentoo with up to date tools Kernel: 2.6.14-vs2.0.1-gentoo VS-API: 0x00020001 util-vserver: 0.30.209; Jan 2 2006, 22:49:56 Oliver -- Diese Nachricht wurde digital unterschrieben oliwel's public key: http://www.oliwel.de/oliwel.crt Basiszertifikat: http://www.ldv.ei.tum.de/page72 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5146 bytes Desc: S/MIME Cryptographic Signature Url : http://daffy.hulpsystems.net/pipermail/vserver/attachments/20060106/f8478d71/smime-0001.bin ------------------------------ Message: 2 Date: Fri, 06 Jan 2006 15:17:10 +0100 From: stefan julius <[EMAIL PROTECTED]> Subject: [Vserver] can't access ssh To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" Hello sorry for the boring questions, about connection to a vserver via ssh, but i am working on it for more than one week and it won't be work. Maybe someone can help me. My system: P4 3GHz 2000 MB RAM Kernel 2.6.14.3-vs2.1.0-rc10 util-vserver-0.30.209 two NICs eth0 connected to the internet, it is a dedicated server, also there is a NIC eth1, without connection throught the net, but I though I use this for my local network, and performed vserver vhost00 build -m skeleton --hostname vhost00.(here my domainname) --netdev eth1 --interface v00=192.168.1.110/24 --context 50 after that I tarballed a preconfigured system sarge stable! Installation and all others works fine I have access to the vserver, also have connection to the internet with, I can perform apt-get update, also ssh and xinetd installation works fine. Accessing vserver with ssh from the host system also works fine. configured the sshd on the vserver to the local ip 192.168.1.110, on port 22 also on port 2222 Using OpenSSH_3.8.1 on the host and also on the vserver, set the ListenAdress on the host as mentioned to my host ip on port 22, I also tried it on port 2222 alias device is shown and all seems to be ok have installed Shorewall firewall, configured won't work, maybe here is the problem, or I have problem to configure my "Local Network", is it possible to use the onboard NIC without connection to the network as device for my Local network? here are my conf files maybe it will give further informations interfaces: loc eth1 detect routefilter,tcpflags net eth0 detect dhcp,routefilter,tcpflags masq: eth0:"my host ip" eth1 eth1:v00 eth1!85.214.22.240 192.168.1.110 nat: "my host ip" eth1 192.168.1.110 no no policy: all all ACCEPT net $FW ACCEPT info $FW net ACCEPT info loc $FW ACCEPT $FW loc ACCEPT loc net ACCEPT net loc ACCEPT routestopped: eth0 "my host ip" eth1 rules: ############################################################################## #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL # PORT PORT(S) DEST # # Accept DNS connections from the firewall to the network # ACCEPT fw net tcp 53 ACCEPT fw net udp 53 ACCEPT net fw tcp 53 ACCEPT net fw udp 53 # Accept SSH connections from the firewall to the network ACCEPT fw net tcp 22 ACCEPT fw net udp 22 ACCEPT net fw tcp 22 # Ausgang zu anderen Rechnern ACCEPT net fw:192.168.1.110 tcp 22 ACCEPT net loc:192.168.1.110 tcp 22 DNAT net loc:192.168.1.110 tcp 22 22 "my host ip" 85.214.22.240 # Accept Webmin connections from the firewall to the network ACCEPT fw net tcp 777 ACCEPT fw net udp 777 ACCEPT net fw tcp 777 # Accept FTP connections from the firewall to the network ACCEPT fw net tcp 21 ACCEPT fw net udp 21 ACCEPT net fw tcp 21 ACCEPT net fw udp 21 # # Accept SSH connections from the local network for administration # #ACCEPT net fw tcp 22 # Allow Ping To And From Firewall # ACCEPT loc fw icmp 8 ACCEPT net fw icmp 8 ACCEPT fw loc icmp 8 ACCEPT fw net icmp 8 ACCEPT loc fw udp 53 ACCEPT loc fw tcp 80 zones: loc Local Local Internet net Net Internet won't work, maybe here is the problem, or I have problem to configure my "Local Network", is it possible to use the onboard NIC without connection to the network as device for my Local network? also tried inetd/xinetd You can't bind inetd to a interface, replace it with xinetd. config file: xinetd.conf defaults { bind = "my host ip" } also tried to make the host interface and IP available in a vserver http://deb.riseup.net/vserver/usage/. maybe someone can give me more informations how to access my vservers. Greetinx and thanx for ur help! Stefan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://daffy.hulpsystems.net/pipermail/vserver/attachments/20060106/451245ab/attachment-0001.htm ------------------------------ Message: 3 Date: Fri, 06 Jan 2006 15:29:35 +0100 From: Oliver Welter <[EMAIL PROTECTED]> Subject: Re: [Vserver] can't access ssh To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" Hi Stefan, IIUC you can access the vServer from the host system, so the SSH is working ? Can you ping the vServer from outside ? Perhaps you have a problem with DNS resolution or so and cause a timeout on the connection because the guest tries a lookup on the connecting host... Try shutting down the shprewall for testing, perhaps this is an issue - networking with vServer is a bit strange sometimes.. Oliver/vserver
_______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
