Dual Interface Virtual Servers Policy Based Routing
Virtual servers are connected to a private network and the public internet.
After the network is configured on the host, the network interfaces and routes are defined on the container. Policy based routing is used to connect both the private LAN and public internet.
IP Tables
For convenience, we created two named routing tables. They are defined in /etc/iproute2/rt_tables:
100     wanout
101 lanout
Policy Based Routing
On Debian systems, the routing is defined in the /etc/network/interfaces file. An example configuration for a container is:
auto lo
iface lo inet loopback

auto eth1
iface eth1 inet static
  address 192.168.80.YYY
  netmask 255.255.255.0
  network 192.168.80.0
  broadcast 192.168.80.255
  # WAN routing
  post-up ip route flush table wanout
  post-up ip route add default via 192.168.80.1 dev eth1 table wanout
  post-up ip rule add from 192.168.80.YYY table wanout priority 500
  post-up ip route add default via 192.168.80.1

auto eth0
iface eth0 inet static
  address 192.168.10.YYY
  netmask 255.255.255.0
  network 192.168.10.0
  broadcast 192.168.10.255
  # LAN routing
  post-up ip route flush table lanout
  post-up ip route add default via 192.168.10.1 dev eth0 table lanout
  post-up ip rule add from 192.168.10.YYY table lanout priority 501
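Added example, not from the original page: a small Python model of how the kernel evaluates the rules and tables configured above for a packet whose source address is already fixed (for instance a reply on an accepted connection). It assumes YYY is 50, uses 203.0.113.7 as a stand-in remote host, and leaves out the kernel's local table; the helper names are hypothetical.

```python
import ipaddress

# Constructed sample: YYY is replaced by 50. These mirror what the post-up
# lines install, plus the kernel's built-in rule for the main table.
RULES = [  # (priority, source selector, table)
    (500, "192.168.80.50/32", "wanout"),
    (501, "192.168.10.50/32", "lanout"),
    (32766, "0.0.0.0/0", "main"),
]
TABLES = {  # table name -> [(destination prefix, gateway or None, device)]
    "wanout": [("0.0.0.0/0", "192.168.80.1", "eth1")],
    "lanout": [("0.0.0.0/0", "192.168.10.1", "eth0")],
    "main": [
        ("192.168.80.0/24", None, "eth1"),       # connected network
        ("192.168.10.0/24", None, "eth0"),       # connected network
        ("0.0.0.0/0", "192.168.80.1", "eth1"),   # default added without "table"
    ],
}


def lookup(src, dst, rules=RULES, tables=TABLES):
    """Return (table, gateway, device) for a packet whose source is already set."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules, key=lambda r: r[0]):
        if src_ip not in ipaddress.ip_network(selector):
            continue  # rule does not apply to this source address
        # Longest-prefix match inside the table this rule points at.
        hits = [r for r in tables.get(table, [])
                if dst_ip in ipaddress.ip_network(r[0])]
        if hits:
            _net, gw, dev = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, gw, dev
        # No matching route in that table: continue with the next rule.
    return None


def without_rule(priority, rules=RULES):
    """Rule list as it would be if one 'ip rule add' had not been applied."""
    return [r for r in rules if r[0] != priority]


if __name__ == "__main__":
    outside = "203.0.113.7"  # documentation address standing in for a remote host
    print(lookup("192.168.10.50", outside))
    print(lookup("192.168.80.50", outside))
    print(lookup("192.168.10.50", outside, rules=without_rule(501)))
```

With rule 501 removed, a packet sourced from the LAN address falls through to the main table and leaves via eth1, which is the case the per-source rules prevent.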
					
                            



