HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


jacobhenry 3rd February 2008 04:39

The Perfect Xen 3.1.0 Setup For Debian Etch
 
I have successfully installed xen using the HowTo at http://www.howtoforge.com/debian_etch_xen_3.1. I chose to finish the final page, which was optional, with the hope of "Creat(ing) A Virtual Local Network From The Virtual Machines". This required me to change the gateway, netmask, and IP address of the instances.

My original goal was to create a virtual local network with the xen server acting as the router and name server:
The tutorial discusses how to use iptables to achieve port forwarding, but this limits me to having one server (instance) per port. Many of my servers have their own web interface (trac, mysql, etc.), which means I must somehow create a name server that provides the desired functionality (shown above). Any suggestions?

falko 3rd February 2008 19:40

You can try to use routing in Xen instead of NAT.

jacobhenry 21st April 2008 08:19

I am now having difficulties with the iptables discussed on the last page of the tutorial. What I need to do is forward all requests on port 3306 to my sql server. Right now this is what I have in /etc/network/if-up.d/iptables:

Code:

#!/bin/sh

### Port Forwarding ###
iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 3306 -j DNAT --to 10.0.0.2:3306

Even with these settings I am not able to connect to my sql server with a client. Here is the output of iptables -L:

Code:

Chain INPUT (policy ACCEPT)
target    prot opt source              destination       

Chain FORWARD (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    0    --  api.scratchco.com    anywhere            PHYSDEV match --physdev-in vif1.0
ACCEPT    udp  --  anywhere            anywhere            PHYSDEV match --physdev-in vif1.0 udp spt:bootpc dpt:bootps
ACCEPT    0    --  svn.scratchco.com    anywhere            PHYSDEV match --physdev-in vif2.0
ACCEPT    udp  --  anywhere            anywhere            PHYSDEV match --physdev-in vif2.0 udp spt:bootpc dpt:bootps
ACCEPT    0    --  mysql.scratchco.com  anywhere            PHYSDEV match --physdev-in vif4.0
ACCEPT    udp  --  anywhere            anywhere            PHYSDEV match --physdev-in vif4.0 udp spt:bootpc dpt:bootps
ACCEPT    0    --  hudson.scratchco.com  anywhere            PHYSDEV match --physdev-in vif5.0
ACCEPT    udp  --  anywhere            anywhere            PHYSDEV match --physdev-in vif5.0 udp spt:bootpc dpt:bootps

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination

Any suggestions?

falko 22nd April 2008 16:54

Did you run
Code:

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 3306 -j DNAT --to 10.0.0.2:3306
on the shell as well?
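
An added example, not part of the original thread: `iptables -L` prints only the filter table, so a rule added with `-t nat` never shows up in it; `iptables-save` (or `iptables -t nat -L -n`) does show it. The script below checks an `iptables-save` dump for the DNAT rule and checks the kernel forwarding switch. The function names and the sample dump are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. SAMPLE_DUMP is constructed to match the
# rule quoted above as iptables-save would print it.
SAMPLE_DUMP='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3306 -j DNAT --to-destination 10.0.0.2:3306
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT'

# find_dnat DUMP PORT: print the DNAT target of the first nat PREROUTING rule
# matching -p tcp --dport PORT; return 1 if the nat table has no such rule.
find_dnat() {
    printf '%s\n' "$1" | awk -v port="$2" '
        /^\*/ { table = substr($0, 2) }    # "*nat" / "*filter" starts a table
        table == "nat" && $1 == "-A" && $2 == "PREROUTING" {
            proto = ""; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "--to-destination") target = $(i + 1)
            }
            if (proto == "tcp" && dport == port && target != "") {
                print target; found = 1; exit
            }
        }
        END { exit(found ? 0 : 1) }'
}

# check_forward DUMP PORT IP_FORWARD: report each finding; return 0 only if
# the rule is loaded and the kernel is set to route between interfaces.
check_forward() {
    rc=0
    if target=$(find_dnat "$1" "$2"); then
        echo "ok: tcp/$2 is DNATed to $target"
    else
        echo "missing: no nat PREROUTING rule for tcp/$2"; rc=1
    fi
    if [ "$3" != 1 ]; then
        echo "missing: net.ipv4.ip_forward=$3, the host will not route the packets"; rc=1
    fi
    return $rc
}

check_forward "$SAMPLE_DUMP" 3306 1
# On the Xen host, as root:
# check_forward "$(iptables-save)" 3306 "$(cat /proc/sys/net/ipv4/ip_forward)"
```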


All times are GMT +2.