Openvz: NAT private CT's IPs to internet

From vpsget wiki
Jump to: navigation, search


openvz7/6 NAT internal network to outside ; not fuck with bridged. Usefull when you need to host CTs with private and public ips on the same HW node and also make internal NW CT's being able to access internet and each other/any CT with IP from internal NW

SO you need to just assign pruvate IPs to CTs and configure iptables NAT rules

in next example:

<priv_range> = range with private ips  that will be used for CTs
<node_main_ip> =  openvz hardware server node ip address. ip generated randomly for example
<node_main_interface> = enp0s6  openvz node main interface
iptables -t nat -A POSTROUTING -s <priv_range> -o <node_main_interface> -j SNAT --to <node_main_ip>  
iptables -A FORWARD -s <priv_range> -j ACCEPT
iptables -A FORWARD -d <priv_range> -j ACCEPT
iptables -A INPUT -s <priv_range> -j ACCEPT