Trouble with port 80 nating (XenServer to WebServer VM)

Posted by Lain92 on Server Fault See other posts from Server Fault or by Lain92
Published on 2014-06-08T01:24:05Z Indexed on 2014/06/08 3:27 UTC
Read the original article Hit count: 261

Filed under:
|
|
|
|

I have a rent server running XenServer 6.2 I only have 1 public IP so i did some NAT to redirect ports 22 and 80 to my WebServer VM. I have a problem with the port 80 redirection.

When i use this redirection, i can get in the WebServer's Apache but this server lose Web access.

I get this kind of error :

W: Failed to fetch http://http.debian.net/debian/dists/wheezy/main/source/Sources  404  Not Found [IP: 46.4.205.44 80]

but i can ping anywhere.

XenserverIP:80 redirected to 10.0.0.2:80 (WebServer).

This is the port 80 redirection part of my XenServer iptables :

-A PREROUTING -i xenbr1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0
.2:80

-A INPUT -i xenbr1 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
COMMIT

What is wrong in my configuration? Is there a problem with XenServer?

Thanks for your help !

Edit : Here is my iptables full content :

*nat
:PREROUTING ACCEPT [51:4060]
:POSTROUTING ACCEPT [9:588]
:OUTPUT ACCEPT [9:588]
-A PREROUTING -p tcp -m tcp --dport 1234 -j DNAT --to-destination 10.0.0.2:22
-A PREROUTING -i xenbr1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0
.2:80
-A POSTROUTING -s 10.0.0.0/255.255.255.0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [5434:4284996]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5014:6004729]
-A INPUT -i xenbr1 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
COMMIT

Update :

I have a second server with 10.0.0.3 as IP and it has the same problem that 10.0.0.2 has.

© Server Fault or respective owner

Related posts about iptables

Related posts about http