[SOLVED] Issue with container networking

Khalko

New Member
Jun 3, 2018
Hi,

First, thanks for trying to help... I've been trying to figure this out for a few days already, and still can't get it to work.

The problem is that I can't ping from a container to the internet.
I can ping the host.
I can ping other containers in the same network.
I can access 192.168.1.4:80 (container private IP) through xxx.yyy.zzz.15:50 (public IP with routing) from my computer.
I can access any port of the private IP if I route it previously.
I can NOT ping 8.8.8.8

I wanna be able to ping 8.8.8.8, and basically I wanna have internet access so I can install and update packages and such things...

My host is running Proxmox 5.2 over Debian within an OVH KS server.
My container is running Debian 8. I previously tried with CentOS 7 as well, but couldn't get it to work either.
I don't have any firewall running.

Any help would be gladly accepted, thanks in advance!

host network configuration
Code:
auto lo
iface lo inet loopback

iface enp1s0 inet manual

iface enp2s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address  xxx.yyy.zzz.15/24
        gateway  xxx.yyy.zzz.254
        bridge_ports enp1s0
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet static
        bridge_ports dummy0
        bridge_stp off
        bridge_fd 0
        post-up /etc/pve/kvm-networking.sh

auto vmbr2
iface vmbr2 inet static
        address  192.168.1.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        pre-up iptables -N PREROUTING
        pre-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp -m tcp --dport 50 -j DNAT --to-destination 192.168.1.4:80
        pre-up iptables -A PREROUTING -j ACCEPT
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -N POSTROUTING
        post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
        post-up iptables -A POSTROUTING -j ACCEPT
        pre-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp -m tcp --dport 50 -j DNAT --to-destination 192.168.1.4:80
        post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -X PREROUTING
        post-down iptables -X POSTROUTING
        post-down iptables -F -t nat
        post-down iptables -F

container network configuration
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
         address 192.168.1.4
         netmask 255.255.255.0
         gateway 192.168.1.1

container "route -n" output
Code:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

host "route -n" output
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         xxx.yyy.zzz.254   0.0.0.0         UG    0      0        0 enp1s0
0.0.0.0         xxx.yyy.zzz.254   0.0.0.0         UG    0      0        0 vmbr0
xxx.yyy.zzz.0     0.0.0.0         255.255.255.0   U     0      0        0 enp1s0
xxx.yyy.zzz.0     0.0.0.0         255.255.255.0   U     0      0        0 vmbr0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 vmbr2

host "iptables -L -t nat" output
Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere             tcp dpt:re-mail-ck to:192.168.1.4:80

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  192.168.1.0/24       anywhere

THANKS!;)
 
I already solved this myself...

I configured the enp1s0 interface with the public IP and gateway, and then used vmbr0 for my internal network with internet access, routing all outgoing traffic through enp1s0.
 
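Added example, not part of the original posts: a Python check over the host output posted above, which lists a default route on both enp1s0 and vmbr0 while the MASQUERADE rule names only `-o vmbr0`. The function names are hypothetical, and whether this mismatch was the cause here is an assumption; the poster does not say.

```python
import shlex

# Host "route -n" output and MASQUERADE rule, copied from the post above
# (addresses are masked there as xxx.yyy.zzz).
HOST_ROUTES = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         xxx.yyy.zzz.254 0.0.0.0         UG    0      0        0 enp1s0
0.0.0.0         xxx.yyy.zzz.254 0.0.0.0         UG    0      0        0 vmbr0
xxx.yyy.zzz.0   0.0.0.0         255.255.255.0   U     0      0        0 enp1s0
xxx.yyy.zzz.0   0.0.0.0         255.255.255.0   U     0      0        0 vmbr0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 vmbr2
"""
HOST_RULES = "post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE\n"


def default_route_ifaces(route_n):
    """Interfaces that carry a default route, in routing-table order."""
    ifaces = []
    for line in route_n.splitlines():
        cols = line.split()
        # Data rows have 8 columns; a default route is 0.0.0.0 with mask 0.0.0.0.
        if len(cols) == 8 and cols[0] == "0.0.0.0" and cols[2] == "0.0.0.0":
            ifaces.append(cols[7])
    return ifaces


def masquerade_out_ifaces(rules):
    """Egress interfaces named by POSTROUTING MASQUERADE rules ('*' = any)."""
    out = set()
    for line in rules.splitlines():
        words = shlex.split(line)
        if {"-A", "POSTROUTING", "MASQUERADE"} <= set(words):
            # A rule without -o matches traffic leaving on any interface.
            out.add(words[words.index("-o") + 1] if "-o" in words else "*")
    return out


def unmasqueraded_egress(route_n, rules):
    """Default-route interfaces that no MASQUERADE rule covers."""
    covered = masquerade_out_ifaces(rules)
    if "*" in covered:
        return []
    return [i for i in default_route_ifaces(route_n) if i not in covered]


if __name__ == "__main__":
    # Traffic that leaves on a listed interface keeps its 192.168.1.x source.
    print(unmasqueraded_egress(HOST_ROUTES, HOST_RULES))
```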