[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] networking nat strange behaviuor

I use debian etch amd64 and xen from the debian repositories;
I have created 2 paravirtualized server, (always debian amd64), a web server 
and a mail server.

The dom0 is attached to internet through  an ethernet modem (ppp0), with a 
dynamic ip.

I use, in dom0,

(network-script network-nat)
(vif-script     vif-nat

1.0.0.0.1 = web server domU (gateway 10.0.0.254)
1.0.0.0.2 = mail server domU (gateway 10.0.0.254)

In the dom0 firewall i have these relevant rules:

Input, output and forward all on accept;

echo 1 >> /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

iptables -A PREROUTING -t nat -p tcp -i ppp0 --dport 25 -j DNAT --to 10.0.0.2:25

iptables -A PREROUTING -t nat -p tcp -i ppp0 --dport 465 -j DNAT --to 
10.0.0.2:465

iptables -A PREROUTING -t nat -p tcp -i ppp0 --dport 143 -j DNAT --to 
10.0.0.2:143

iptables -A PREROUTING -t nat -p tcp -i ppp0 --dport 993 -j DNAT --to 
10.0.0.2:993

iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 80 -j DNAT --to 10.0.0.1:80

Result: the web server can be contacted from outside, works perfectly
The mail server can't be contacted form outside;

What's wrong?

Thanks.



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.