3
edits
Changes
→Conntracks
In the stable OpenVZ kernels (those that are 2.6.8-based) netfilter connection tracking for [[VE0]] is disabled by default. If you have a stateful firewall enabled on the host node (it is there by default) you should either disable it, or enable connection tracking for [[VE0]].
To enable conntracks for VE0, add the following line to <code>/etc/modulesmodprobe.conf</code> file:
<pre>
options ip_conntrack ip_conntrack_enable_ve0=1
