
[Xen-users] Issues with Xen and iptables



Hi,

I have a remote office connected to the headquarters through openvpn.
Works fine, as long as I route all traffic through the vpn. Now I need
to set up a split tunnel - all traffic to the headquarters must go
through the vpn, regular traffic goes directly to the internet.
The router in the remote office is a Xen dom0.
Routing works. I set up a (testing) rule for doing NAT:

iptables -o eth2 -t nat -A POSTROUTING -j SNAT -d x.x.x.x/32 --to-source y.y.y.y

I can see the rule in the POSTROUTING chain.
But if I do a "tcpdump -i eth2 -n host x.x.x.x", I can see that the
packets are not natted. Also "iptables -L -v -n -t nat" shows all
counters as 0 (zero) - it looks like my rule does not match any packet.
So my question is: are there issues with netfilter and Xen (in my case,
still 3.1)?

Any hint is appreciated,
Rainer

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 

