6,534
edits
Changes
VPS -> VE in →How to provide access from Internet to VPS: , some nicer formatting and linking, added →External Links
</pre>
== How to provide access from Internet to VPS a VE ==
In addition, to make some services in VPS VE with internal private IP address be accessible from the Internet, DNAT (Destination Network Address Translation) should be configured on the [[Hardware Node]]. To perform a simple DNAT setup, execute the following command on the [[Hardware Node]]:
<pre>
# iptables -t nat -A PREROUTING -p tcp -d ip_address --port port_num -i eth0 -j DNAT --to-destination vps_address:dst_port_num
</pre>
where <tt>vps_address </tt> is an IP address of VPSthe VE, <tt>dst_port_num </tt> is a tcp port, which required requires service use, <tt>ip_address </tt> is the external (public) IP address of your [[Hardware Node]], and <tt>port_num </tt> is a tcp port of [[Hardware Node]], which will be used for Internet connections to private VPS VE service. Note that this setup makes the service, which use is using <tt>port_num </tt> on the [[Hardware Node, ]] be unaccessible from the Internet. Also note that SNAT translation is required too.
For example, if you need a web server in a VPS VE to be accessible from outside, and, at the same time, keep a web server on the [[Hardware Node ]] be accessible, use the following config:
<pre>
# iptables -t nat -A PREROUTING -p tcp -d ip_address -p 8080 -i eth0 -j DNAT --to-destination vps_address:80
After applying this, you'll see VPS' web server at <nowiki>http://ip_address:8080/</nowiki>.
The <tt>iptables</tt> utility allows to set up more complex rules for Network Address Translation, involving various protocols and ports. If you wish to get more information on this, consult the numerous Internet sites (e.g. [http://www.netfilter.org www.netfilter.org]) and tutorials devoted to this issue. == External Links ==* [http://www.netfilter.org netfilter.org]
[[Category: HOWTO]]
[[Category: Networking]]
