xen-users
[Xen-users] Re: Trouble using NAT with multiple bridges
Steven Brown wrote:
> I've got a network set up with xen where I have a chain of
> dom0<->domU<->domU<->etc. to simulate a multi-hop network path and
> implemented with multiple bridges (one per hop to keep them isolated).
> It works nicely locally, except that now I'm trying to have dom0 do NAT
> for that last hop out to internet and am running into problems (I've
> already fixed the ethtool/tx problem afaik).

I managed to 'solve' this with an ugly hack - since I could get the
first domU working, I have it also doing NAT. Then, all the packets
further in the chain appear to come from that working domU so the NAT in
dom0 works.

I'd still like to know what it is about NAT and multiple bridges that
causes this problem, though, and how to really solve it (removing the
duplicate NAT).

For reference, the hack:

dom0:
    iptables -m physdev ! --physdev-is-bridged -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

first domU:
    iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j MASQUERADE