Changes

Jump to: navigation, search

Using NAT for container with private IPs

180 bytes added, 21:15, 4 November 2013
VE0 conntrack updated
== Prerequisites ==
 
Make sure that below prerequisites are met, otherwise it won't work for you!
=== IP forwarding ===
 '''IP forwarding should be turned on, ''' on the hardware node in order for container networking to work. Make sure it is turned on:
$ cat /proc/sys/net/ipv4/ip_forward
=== IP conntracks ===
'''IP connection tracking should be enabled for CT0. '''For OpenVZ kernels 2.6.8''', put the following line into /etc/modprobe.conf:  modprobe ip_conntrack ip_conntrack_enable_ve0=1 and reboot.
'''For recent OpenVZ kernels later than (2.6.8''', 9 and later) connection tracking for CT0 is enabled by default, but it can be disabled by vzctl (because it has a negative impact on venet performance). '''However'''So, make sure there is '''no''' line like
options ip_conntrack ip_conntrack_disable_ve0=1
or
options nf_conntrack ip_conntrack_disable_ve0=1
in <code>/etc/modules.conf </code>, <code>/etc/modprobe.conf</code>, or any file under <code>/etc/modprobe.confd/</code>. '''If there is such a line, comment it out (or remove) please change <code>=1</code> to <code>=0</code>''' and reboot.
== How to provide access for container to Internet ==
Retrieved from "https://wiki.openvz.org/Special:MobileDiff/14768"

Navigation menu