| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Xen 4 + Debian Squeeze + one VM in route mode and anothe
Le 06/08/2011 11:45, Thierry B a écrit :
> Le 04/08/2011 06:31, Todd Deshane a écrit :
>> Are you able to confirm that Xen is making use of these scripts? For
>> example, adding a set -x to the scripts and booting the guest to make
>> sure the scripts are being called. And/or manually checking that the
>> iptables rules are being put into place correctly Another approach is
>> described in this thread:
>> http://xen.markmail.org/search/?q=nat+networking#query:nat%20networking+page:1+mid:fksxauxxxqxotgz4+state:results
>> Which links to:
>> http://www.andrewsorensen.net/blog/post/nat-networking-in-debian-squeeze
>> Thanks, Todd
> Yes I'm able to confirm that because it's vif-nat which give the static
> ip 192.168.1.254 to vif-debianTest by modifiing that :
>
> routing_ip()
> {
> #echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."$4 + 127}')
> echo $(echo $1 | awk -F. '{print $1"."$2"."$3"."254}')
> }
>
> I use a dedibox, and bridge mode is not authorized...I can only route
> with an ip failover that I have to buy or nat, and I'd like to have one
> VM which use an ip failover and other one NAT.
>
> Thanks.
>
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
Hello,
This is my complete rules :
# iptables -L -v | more
Chain INPUT (policy DROP 860 packets, 95727 bytes)
pkts bytes target prot opt in out source destination
18 2185 ACCEPT all -- lo any anywhere anywhere
8 792 ACCEPT icmp -- any any anywhere anywhere
1065 83852 ACCEPT tcp -- eth0 any lev92-4-88-164-133-124.fbx.proxad
.net anywhere tcp dpt:ssh
5 544 ACCEPT all -- eth0 any anywhere anywhere
state RELATED,ESTABLISHED
0 0 ACCEPT all -- vif2.0 any anywhere anywhere
0 0 ACCEPT all -- vif-debianTest any anywhere anyw
here
Chain FORWARD (policy DROP 11 packets, 528 bytes)
pkts bytes target prot opt in out source destination
1517 322K ACCEPT all -- eth0 any anywhere anywhere
state RELATED,ESTABLISHED
10 496 ACCEPT all -- eth0 any anywhere 88-190-238-1
64.rev.dedibox.fr
1605 143K ACCEPT all -- vif2.0 any anywhere anywhere
0 0 ACCEPT all -- vif-xenwinxp any anywhere anywhe
re
0 0 ACCEPT all -- vif-debianTest any anywhere anyw
here
0 0 ACCEPT all -- any any anywhere anywhere
state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif-debianTest
0 0 ACCEPT udp -- any any anywhere anywhere
PHYSDEV match --physdev-in vif-debianTest udp spt:bootpc dpt:bootps
0 0 ACCEPT all -- any any anywhere anywhere
state RELATED,ESTABLISHED PHYSDEV match --physdev-out vif-debianTest
0 0 ACCEPT all -- any any xenDebianTest anywhere
PHYSDEV match --physdev-in vif-debianTest
Chain OUTPUT (policy ACCEPT 886 packets, 129K bytes)
pkts bytes target prot opt in out source destination
24 2946 ACCEPT all -- any lo anywhere anywhere
# iptables -L -t nat -v | more
Chain PREROUTING (policy ACCEPT 1265 packets, 132K bytes)
pkts bytes target prot opt in out source destination
11 528 DNAT tcp -- eth0 any anywhere anywhere
tcp dpt:2222 to:192.168.1.2:22
Chain POSTROUTING (policy ACCEPT 27 packets, 1850 bytes)
pkts bytes target prot opt in out source destination
110 7826 SNAT all -- any eth0 88-190-238-164.rev.dedibox.fr an
ywhere to:88.190.238.164
0 0 SNAT all -- any any 192.168.0.2 anywhere
to:88.190.15.135
0 0 SNAT all -- any any xenDebianTest anywhere
to:88.190.15.135
Chain OUTPUT (policy ACCEPT 21 packets, 1538 bytes)
pkts bytes target prot opt in out source destination
Thanks :-)
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home