WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
xen-users

[Xen-users] Port forwarding problems

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-users] Port forwarding problems
From: "Atle Rudshaug" <atle.rudshaug@xxxxxxxxx>
Date: Fri, 14 Jul 2006 11:53:31 +0000

I am running Xen on a RHEL4 dom0 and have two RHEL4 domUs. The domUs are both running Oracle 10g R2 database. I want to connect to these databases from another computer. Xen is set up with NAT network and all doms have access to the internet and they can ping each other so the network is up and running. My problem is that I cannot connect to the different Oracle listeners running on the VMs. I have tried the following iptables rules:

iptables -A FORWARD -i eth0 -p tcp --dport 1500 -d 10.0.0.1 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 1501 -d 10.0.0.2 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 1500 -j DNAT --to 10.0.0.1:1521
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 1501 -j DNAT --to 10.0.0.2:1521

The following parameters are set:
/proc/sys/net/ipv4/ip_forward is set to 1
In sysctl.conf: net.ipv4.ip_forward = 1

but I still cannot connect. Running tcpdump I get the following:

IP (..host_ip..) > (..client_ip..): icmp 56: host pcitdes003.cern.ch unreachable - admin prohibited

Anyone got any idea?

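Added example, not part of the original post: a small Python model of the netfilter hook order (nat PREROUTING runs before filter FORWARD) applied to the rules as posted, showing which destination and port the FORWARD chain actually sees. The sample packet, the `ADJUSTED` rule set and the `fallthrough` verdict are assumptions made for illustration.

```python
import shlex

# Rules exactly as posted in the message above.
POSTED = """\
iptables -A FORWARD -i eth0 -p tcp --dport 1500 -d 10.0.0.1 -j ACCEPT
iptables -A FORWARD -i eth0 -p tcp --dport 1501 -d 10.0.0.2 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 1500 -j DNAT --to 10.0.0.1:1521
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 1501 -j DNAT --to 10.0.0.2:1521
"""
# Hypothetical variant: FORWARD rules match the port the packet carries after DNAT.
ADJUSTED = (POSTED.replace("--dport 1500 -d", "--dport 1521 -d")
                  .replace("--dport 1501 -d", "--dport 1521 -d"))

MATCH_OPTS = {"-i": "in_if", "-p": "proto", "--dport": "dport", "-d": "dst"}

def parse(text):
    """Split each line into {option: value}; enough for flag/value pairs as above."""
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line)[1:]          # drop the leading "iptables"
        rules.append(dict(zip(tokens[0::2], tokens[1::2])))
    return rules

def matches(rule, pkt):
    """True when every match option the rule carries agrees with the packet."""
    return all(rule[o] == str(pkt[k]) for o, k in MATCH_OPTS.items() if o in rule)

def traverse(text, pkt, fallthrough="REJECT icmp-host-prohibited"):
    """Apply nat/PREROUTING, then filter/FORWARD, in netfilter hook order.

    `fallthrough` is an assumption: what happens to a forwarded packet that no
    listed FORWARD rule accepts (chosen to mirror the tcpdump line above).
    """
    rules, pkt = parse(text), dict(pkt)
    for r in rules:                             # 1) destination NAT happens first
        if r.get("-t") == "nat" and r["-A"] == "PREROUTING" and matches(r, pkt):
            pkt["dst"], port = r["--to"].split(":")
            pkt["dport"] = int(port)
            break
    for r in rules:                             # 2) filter sees the rewritten packet
        if "-t" not in r and r["-A"] == "FORWARD" and matches(r, pkt):
            return r["-j"], pkt
    return fallthrough, pkt

# Constructed packet: a client connecting to dom0's external address on port 1500.
CLIENT_SYN = {"in_if": "eth0", "proto": "tcp", "dst": "192.0.2.1", "dport": 1500}

if __name__ == "__main__":
    for name, ruleset in (("posted", POSTED), ("adjusted", ADJUSTED)):
        verdict, seen = traverse(ruleset, CLIENT_SYN)
        print(f"{name}: FORWARD sees {seen['dst']}:{seen['dport']} -> {verdict}")
```

On a live chain, rule order matters as well: a rule appended with `-A` after an existing REJECT rule is never reached. The model covers only the first packet of a connection and does not track return traffic.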