I recently installed OpenVZ on a server that is also running ISPConfig and am having some trouble getting virtual envs set up in a way that they can reach the world outside the host node.
My system is a Debian Etch, and OpenVZ was installed as described by falko
My ISP/hosting provider (a German one called Strato) gave me a 2nd IP address from a different subnet which I'd like to use for a OpenVZ VE. So, the host node's IP is 81.a.b.c, the VE's IP 85.x.y.z/32.
Now after creating a VE and assigning it the 85.x.y.z IP, I can ping and ssh from host to VE and from VE to host just fine, but that's about it - the VE cannot reach the Internet and can't be reached from elsewhere either.
On your average ISPC installation, would there be any firewall roules or something else that I'd need to adjust to allow this traffic?
What else could I be missing?
One thing I noticed is, when rebooting the server, at one point it actually is possible to ping the VE's 85.x.y.z IP. But it seems that's just until the remaining services (and ISPC) have finished starting up.
Any and all help would be appreciated... thanks!
Some configuration details:
- `ip route` on host node
81.a.b.c dev eth0 scope link
81.a.b.1 via 81.a.b.c dev eth0 scope link
85.x.y.z dev venet0 scope link
default via 81.a.b.1 dev eth0
- `ip route` in VE
192.0.2.1 dev venet0 scope link
default via 192.0.2.1 dev venet0
- `ip -V` in VE
ip utility, iproute2-ss071016
- Kernel version running on HN: 2.6.18-12-fza-686
- `sysctl -p` on HN
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.ip_forward = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0