|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Xen 4 + Debian Squeeze + one VM in route mode and another in nat mode
Le 06/08/2011 11:45, Thierry B a écrit : > Le 04/08/2011 06:31, Todd Deshane a écrit : >> Are you able to confirm that Xen is making use of these scripts? For >> example, adding a set -x to the scripts and booting the guest to make >> sure the scripts are being called. And/or manually checking that the >> iptables rules are being put into place correctly Another approach is >> described in this thread: >> http://xen.markmail.org/search/?q=nat+networking#query:nat%20networking+page:1+mid:fksxauxxxqxotgz4+state:results >> Which links to: >> http://www.andrewsorensen.net/blog/post/nat-networking-in-debian-squeeze >> Thanks, Todd > Yes I'm able to confirm that because it's vif-nat which give the static > ip 192.168.1.254 to vif-debianTest by modifiing that : > > routing_ip() > { > #echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."$4 + 127}') > echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."254}') > } > > I use a dedibox, and bridge mode is not authorized...I can only route > with an ip failover that I have to buy or nat, and I'd like to have one > VM which use an ip failover and other one NAT. > > Thanks. > > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-users Hello, This is my complete rules : # iptables -L -v | more Chain INPUT (policy DROP 860 packets, 95727 bytes) pkts bytes target prot opt in out source destination 18 2185 ACCEPT all -- lo any anywhere anywhere 8 792 ACCEPT icmp -- any any anywhere anywhere 1065 83852 ACCEPT tcp -- eth0 any lev92-4-88-164-133-124.fbx.proxad .net anywhere tcp dpt:ssh 5 544 ACCEPT all -- eth0 any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- vif2.0 any anywhere anywhere 0 0 ACCEPT all -- vif-debianTest any anywhere anyw here Chain FORWARD (policy DROP 11 packets, 528 bytes) pkts bytes target prot opt in out source destination 1517 322K ACCEPT all -- eth0 any anywhere anywhere state RELATED,ESTABLISHED 10 496 ACCEPT all -- eth0 any anywhere 88-190-238-1 64.rev.dedibox.fr 1605 143K ACCEPT all -- vif2.0 any anywhere anywhere 0 0 ACCEPT all -- vif-xenwinxp any anywhere anywhe re 0 0 ACCEPT all -- vif-debianTest any anywhere anyw here 0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif-debianTest 0 0 ACCEPT udp -- any any anywhere anywhere PHYSDEV match --physdev-in vif-debianTest udp spt:bootpc dpt:bootps 0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif-debianTest 0 0 ACCEPT all -- any any xenDebianTest anywhere PHYSDEV match --physdev-in vif-debianTest Chain OUTPUT (policy ACCEPT 886 packets, 129K bytes) pkts bytes target prot opt in out source destination 24 2946 ACCEPT all -- any lo anywhere anywhere # iptables -L -t nat -v | more Chain PREROUTING (policy ACCEPT 1265 packets, 132K bytes) pkts bytes target prot opt in out source destination 11 528 DNAT tcp -- eth0 any anywhere anywhere tcp dpt:2222 to:192.168.1.2:22 Chain POSTROUTING (policy ACCEPT 27 packets, 1850 bytes) pkts bytes target prot opt in out source destination 110 7826 SNAT all -- any eth0 88-190-238-164.rev.dedibox.fr an ywhere to:88.190.238.164 0 0 SNAT all -- any any 192.168.0.2 anywhere to:88.190.15.135 0 0 SNAT all -- any any xenDebianTest anywhere to:88.190.15.135 Chain OUTPUT (policy ACCEPT 21 packets, 1538 bytes) pkts bytes target prot opt in out source destination Thanks :-) _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |