Talk:Using NAT for container with private IPs
Revision as of 19:58, 8 April 2008 by Kir (talk | contribs) (Talk:Using NAT for VE with private IPs moved to Talk:Using NAT for container with private IPs: ve to container rename)
I was stumbling a lot with the configuration where allowing access to a service from outside, because I assumed that after adding the iptables DNAT rule, I could test the rule from the hardware node. The rule only works for packets send from outside.
I added some text about it now, but maybe someone could rephrase it more nicely.
For OpenVZ kernels later than 2.6.8, connection tracking for VE0 is enabled by default. However, make sure there is no line like options ip_conntrack ip_conntrack_disable_ve0=1
It seems to me that here must be =0 ??? Or not?
Shaplov 10:27, 23 June 2007 (EDT)