Iptables based router inside KVM virtual machine
Posted
by
Anton
on Super User
See other posts from Super User
or by Anton
Published on 2012-06-29T14:17:56Z
Indexed on
2012/06/29
15:18 UTC
Read the original article
Hit count: 310
I have KVM virtual machine (CentOS 6.2 x64), it has 2 NIC:
- eth0 - real external IP 1.2.3.4 (simplified example instead of real one)
- eth1 - local internal IP 172.16.0.1
Now I'm trying to make port mapping 1.2.3.4:80 => 172.16.0.2:80
Current iptables rules:
# Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-A PREROUTING -p tcp -m tcp -d 1.2.3.4 --dport 80 -j DNAT --to-destination 172.16.0.2:80
COMMIT
# Completed on Fri Jun 29 17:53:36 2012
# Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Fri Jun 29 17:53:36 2012
# Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Fri Jun 29 17:53:36 2012
But there is nothing works, I mean it does not forwards that port.
Similar configuration without virtualization seems to be working.
What am I missing?
Thanks!
© Super User or respective owner