OpenVZ: NAT private CT IPs to the internet

From vpsget wiki
Revision as of 15:52, 11 June 2019 by Ndi

DRAFT

OpenVZ 7/6: NAT an internal network to the outside, without messing with bridged networking. Useful when you need to host CTs with private and public IPs on the same HW node, and also want the CTs on the internal network to be able to access the internet and each other (any CT with an IP from the internal network).


So you just need to assign private IPs to the CTs and configure iptables NAT rules.

In the next example:

<priv_range> = 10.10.10.0/24: range of private IPs that will be used for the CTs
<node_main_ip> = 46.4.44.44: IP address of the OpenVZ hardware server node (IP generated randomly for the example)
<node_main_interface> = enp0s6: main interface of the OpenVZ node

iptables -t nat -A POSTROUTING -s <priv_range> -o <node_main_interface> -j SNAT --to <node_main_ip>
iptables -A FORWARD -s <priv_range> -j ACCEPT
iptables -A FORWARD -d <priv_range> -j ACCEPT
iptables -A INPUT -s <priv_range> -j ACCEPT
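
The rules above as a parameterised script. This is an added example, not part of the original wiki page. It goes slightly beyond the page: it validates the three values before using them, makes re-runs idempotent, and (as a labelled assumption) limits the `-d` FORWARD rule to reply traffic. The function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the wiki page: print the NAT rules for review.

# valid_ip4 ADDR: succeed only for a dotted-quad IPv4 address.
valid_ip4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_cidr4 RANGE: succeed only for ADDR/PREFIX with PREFIX in 0..32.
valid_cidr4() {
    case "$1" in */*) ;; *) return 1 ;; esac
    prefix=${1#*/}
    case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] && valid_ip4 "${1%%/*}"
}

# emit TABLE RULE...: print a command that appends RULE unless -C finds it.
# Where iptables has no -C option the check fails and the rule is appended.
emit() {
    table=$1; shift
    echo "iptables -t $table -C $* 2>/dev/null || iptables -t $table -A $*"
}

# nat_rules RANGE IFACE NODE_IP: validate the inputs, then print the rules.
nat_rules() {
    valid_cidr4 "$1" || { echo "bad private range: $1" >&2; return 1; }
    case "$2" in ''|*[!A-Za-z0-9_.:-]*)
        echo "bad interface: $2" >&2; return 1 ;;
    esac
    valid_ip4 "$3" || { echo "bad node IP: $3" >&2; return 1; }
    emit nat POSTROUTING -s "$1" -o "$2" -j SNAT --to-source "$3"
    emit filter FORWARD -s "$1" -j ACCEPT
    # Assumption: replies only, instead of the page's unconditional -d ACCEPT.
    emit filter FORWARD -d "$1" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    emit filter INPUT -s "$1" -j ACCEPT
}

# Sample values are the page's own example (the node IP there is made up).
nat_rules "${1:-10.10.10.0/24}" "${2:-enp0s6}" "${3:-46.4.44.44}"
```

The script only prints commands; review the output and pipe it to a root shell on the node to apply it.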