On Thu, Sep 18, 2003 at 04:30:30PM +0200, Gerald Leier wrote: > hi folks > > i only got one official internet routeable ip address and want to setup > a few servers in a vserver security context. > > what i did now was: > > create an dummy device (dummy0) and give it a privatipaddress. > then i added a vserver with the following settings: > IPROOT="10.0.0.3" > IPROOTDEV="dummy0"
should be no problem, if you stop using the dummy device (which is no real network device as the name suggests) best, Herbert > then i did: > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > but all i can is ping around, the rest doesnt work at all. > also want to use real dest/source nat instead of masquerade. > > i recognized that i cant change routing within a vserver so > my thoughts might all be senseless crap. > > how should networking be done with vserver ? > > > i thought i build something like this: > > realserver: REALADDRESS > > vserver1: 10.0.0.1 > apache on :80,:443 (namebased virtualhosts, as a reverseproxy) > > vserver2: 10.0.0.2 > apache on any port (the realcontentserver, requests get forwarded > to this one) > > > anyone a hint on vserver networking ? > > sorry couldnt find any documentation on this also i didnt find a searchable > maillinglist. > > thanks > gerald > >
